IT Security



Consumer protection - Privacy by design for consumer goods and services - Part 2: Use cases

This document provides illustrative use cases, with associated analysis, chosen to assist in understanding the requirements of 31700-1. The intended audience includes engineers and practitioners who are involved in the development, implementation or operation of digitally enabled consumer goods and services.
ISO/TR 31700-2:2023

Information technology - Security techniques - A framework for access management

ISO/IEC 29146:2016 defines and establishes a framework for access management (AM) and the secure management of the process to access information and Information and Communications Technologies (ICT) resources, associated with the accountability of a subject within some context.

This International Standard provides concepts, terms and definitions applicable to distributed access management techniques in network environments.

This International Standard also provides explanations about related architecture, components and management functions.

The subjects involved in access management might be uniquely recognized to access information systems, as defined in ISO/IEC 24760.

The nature and qualities of physical access control involved in access management systems are outside the scope of this International Standard.
ISO/IEC 29146:2016

Information technology - Security techniques - Entity authentication assurance framework

ISO/IEC 29115:2013 provides a framework for managing entity authentication assurance in a given context. In particular, it:

- specifies four levels of entity authentication assurance;

- specifies criteria and guidelines for achieving each of the four levels of entity authentication assurance;

- provides guidance for mapping other authentication assurance schemes to the four LoAs;

- provides guidance for exchanging the results of authentication that are based on the four LoAs; and

- provides guidance concerning controls that should be used to mitigate authentication threats.
ISO/IEC 29115:2013

Information technology - Security techniques - A framework for identity management

ISO/IEC 24760-2:2015:

- provides guidelines for the implementation of systems for the management of identity information, and

- specifies requirements for the implementation and operation of a framework for identity management.

ISO/IEC 24760-2:2015 is applicable to any information system where information relating to identity is processed or stored.
ISO/IEC 24760-2:2015

IT Security and Privacy - A framework for identity management - Part 1: Terminology and concepts

This document defines terms for identity management, and specifies core concepts of identity and identity management and their relationships. It is applicable to any information system that processes identity information.
ISO/IEC 24760-1:2019

Standard for Big Data Business Security Risk Assessment

This standard can be applied to internet-based business scenarios, and can also serve as a practical guide to help assess business security risk control through big data technology. This standard can be applied in other types of organizations, including public, privately owned or state-owned enterprises, associations, or organizations, or by individuals, to improve assessment of their protection capability against business security risks based on big data technology.
IEEE 2813-2020

Standard for Fail-Safe Design of Autonomous and Semi-Autonomous Systems

This standard establishes a practical, technical baseline of specific methodologies and tools for the development, implementation, and use of effective fail-safe mechanisms in autonomous and semi-autonomous systems. The standard includes (but is not limited to): clear procedures for measuring, testing, and certifying a system's ability to fail safely on a scale from weak to strong, and instructions for improvement in the case of unsatisfactory performance. The standard serves as the basis for developers, as well as users and regulators, to design fail-safe mechanisms in a robust, transparent, and accountable manner.
IEEE P7009

DOI: 10.1109/TPSISA52974.2021.00032. The Third IEEE International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications

The metaverse promises a host of bright opportunities for business, economics, and society. Though, a number of critical aspects are still to be considered and the analysis of their impact is almost non-existent. In this paper, we provide several contributions. We start by analysing the foundations of the metaverse, later we focus on the novel privacy and security issues introduced by this new paradigm, and finally we broaden the scope of the contribution highlighting some of the far-reaching yet logical implications of the metaverse on a number of domains, not all of them in tech. Throughout the paper, we also discuss possible research directions. We believe that the provided holistic view on the foundations, technology, and issues related to the metaverse (with a focus on security and privacy), other than being an interesting contribution on its own, could also pave the way for a few multidisciplinary research avenues.
Metaverse: Security and Privacy Issues

IEEE Standard for Data Privacy Process

The requirements for a systems/software engineering process for privacy-oriented considerations regarding products, services, and systems utilizing employee, customer, or other external user's personal data are defined by this standard. Organizations and projects that are developing and deploying products, systems, processes, and applications that involve personal information are candidate users of the IEEE 7002 standard. Specific procedures, diagrams, and checklists are provided for users of the IEEE 7002 standard to perform conformity assessments on their specific privacy practices. Privacy impact assessments (PIAs) are described as a tool for both identifying where privacy controls and measures are needed and for confirming they are in place.
IEEE P7002

Information technology, cybersecurity and privacy protection - Cybersecurity framework development guidelines

This document specifies guidelines for developing a cybersecurity framework. It is applicable to cybersecurity framework creators regardless of their organizations' type, size or nature.
ISO/IEC TS 27110:2021

Proof-of-concept for data service using information centric networking in IMT-2020

This Supplement specifies a proof-of-concept for a service that provides named data such as Internet of Things (IoT) named data by information centric networking in IMT-2020. In the Supplement, an enhanced name resolution system is implemented based on distance-constrained containers to resolve from names to addresses more efficiently.