Customer Support: +1 416-401-8730

Login to i2i Subscription Intertek.com
  • There are no items in your cart
Please enter a keyword to search
Advanced search

CAN/CSA-ISO/IEC 24760-3:18

Current
Current

The latest, up-to-date edition.

Information technology — Security techniques — A framework for identity management — Part 3: Practice (Adopted ISO/IEC 24760-3:2016, first edition, 2016-08-01)
Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

01-01-2018

Publisher

Canadian Standards Association

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 Mitigating identity related risk in managing identity
  information
6 Identity information and identifiers
7 Auditing identity information usage
8 Control objectives and controls
Annex A (normative) - Practice of managing identity information
        in a federation of identity management systems
Annex B (normative) - Identity management practice using
        attribute-based credentials to enhance privacy protection
Bibliography

Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the SCC Mirror Committee (SMC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T). Scope This part of ISO/IEC 24760 provides guidance for the management of identity information and for ensuring that an identity management system conforms to ISO/IEC 24760-1 and ISO/IEC 24760-2. This part of ISO/IEC 24760 is applicable to an identity management system where identifiers or PII relating to entities are acquired, processed, stored, transferred or used for the purposes of identifying or authenticating entities and/or for the purpose of decision making using attributes of entities. Practices for identity management can also be addressed in other standards.

Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the SCC Mirror Committee (SMC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T). Scope This part of ISO/IEC 24760 provides guidance for the management of identity information and for ensuring that an identity management system conforms to ISO/IEC 24760-1 and ISO/IEC 24760-2. This part of ISO/IEC 24760 is applicable to an identity management system where identifiers or PII relating to entities are acquired, processed, stored, transferred or used for the purposes of identifying or authenticating entities and/or for the purpose of decision making using attributes of entities. Practices for identity management can also be addressed in other standards.

DocumentType
Standard
ISBN
978-1-4883-1024-9
Pages
48
PublisherName
Canadian Standards Association
Status
Current

Standards Relationship
ISO/IEC 24760-3:2016 Identical

ISO/IEC 29146:2016 Information technology — Security techniques — A framework for access management
ISO/IEC 29151:2017 Information technology — Security techniques — Code of practice for personally identifiable information protection
ISO/IEC 24760-1:2011 Information technology Security techniques A framework for identity management Part 1: Terminology and concepts
ISO/IEC 27002:2013 Information technology Security techniques Code of practice for information security controls
ISO/IEC 27018:2014 Information technology Security techniques Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
ISO/IEC 29115:2013 Information technology Security techniques Entity authentication assurance framework
ISO/IEC 29134:2017 Information technology — Security techniques — Guidelines for privacy impact assessment
ISO/IEC 29101:2013 Information technology Security techniques Privacy architecture framework
ISO/IEC 29100:2011 Information technology — Security techniques — Privacy framework

View more information
US$159.00
Excluding Tax where applicable
USD
CAD
CHF
CNY
DKK
EUR
GBP
HKD
IDR
INR
JPY
KRW
MXN
NOK
NZD
SEK
SGD
USD
ZAR
Hardcopy - English
PDF - English
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Learn more on subscription solutions

or

Get in touch with us