UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ISO/IEC 29146

Information technology - Security techniques - A framework for access management

active, Most Current
Buy Now
Organization: ISO
Publication Date: 1 June 2016
Status: active
Page Count: 42
ICS Code (Information coding): 35.040
scope:

This International Standard defines and establishes a framework for access management (AM) and the secure management of the process to access information and Information and Communications Technologies (ICT) resources, associated with the accountability of a subject within some context.

This International Standard provides concepts, terms and definitions applicable to distributed access management techniques in network environments.

This International Standard also provides explanations about related architecture, components and management functions.

The subjects involved in access management might be uniquely recognized to access information systems, as defined in ISO/IEC 24760.

The nature and qualities of physical access control involved in access management systems are outside the scope of this International Standard.

Document History

ISO/IEC 29146
January 1, 2024
Information technology — Security techniques — A framework for access management
This document defines and establishes a framework for access management (AM) and the secure management of the process to access information and information and communications technologies (ICT)...
ISO/IEC 29146 AMD 1
August 1, 2022
Information technology — Security techniques — A framework for access management AMENDMENT 1
A description is not available for this item.
ISO/IEC 29146
June 1, 2016
Information technology - Security techniques - A framework for access management
This International Standard defines and establishes a framework for access management (AM) and the secure management of the process to access information and Information and Communications...

References

This document references:
ISO/IEC 24760-1 - Information technology - Security techniques - A framework for identity management - Part 1: Terminology and concepts
Published by ISO on December 15, 2011
This part of ISO/IEC 24760 — defines terms for identity management, and — specifies core concepts of identity and identity management and their relationships. This part of ISO/IEC 24760 is applicable...
This document references:
ISO/IEC 27002 - Information technology - Security techniques - Code of practice for information security controls TECHNICAL CORRIGENDUM 2
Published by ISO on November 15, 2015
A description is not available for this item.
This document references:
ISO/IEC 24760-2 - Information technology - Security techniques - A framework for identity management - Part 2: Reference architecture and requirements
Published by ISO on June 1, 2015
This part of ISO/IEC 24760 - provides guidelines for the implementation of systems for the management of identity information, and - specifies requirements for the implementation and operation of a...
This document references:
IETF RFC 6749 - The OAuth 2.0 Authorization Framework
Published by IETF on October 1, 2012
The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction...
This document references:
ISO/IEC 10181-3 - Information Technology - Open Systems Interconnection - Security Frameworks for Open Systems: Access Control Framework
Published by ISO on September 15, 1996
A description is not available for this item.
This document references:
ISO/IEC 24760-1 - Information technology - Security techniques - A framework for identity management - Part 1: Terminology and concepts
Published by ISO on December 15, 2011
This part of ISO/IEC 24760 — defines terms for identity management, and — specifies core concepts of identity and identity management and their relationships. This part of ISO/IEC 24760 is applicable...
This document references:
ISO/IEC 24760-2 - Information technology - Security techniques - A framework for identity management - Part 2: Reference architecture and requirements
Published by ISO on June 1, 2015
This part of ISO/IEC 24760 - provides guidelines for the implementation of systems for the management of identity information, and - specifies requirements for the implementation and operation of a...
This document references:
ISO/IEC 27002 - Information technology - Security techniques - Code of practice for information security controls TECHNICAL CORRIGENDUM 2
Published by ISO on November 15, 2015
A description is not available for this item.
This document is referenced by:
ISO/IEC 24760-3 - Information technology - Security techniques - A framework for identity management - Part 3: Practice
Published by ISO on August 1, 2016
This part of ISO/IEC 24760 provides guidance for the management of identity information and for ensuring that an identity management system conforms to ISO/IEC 24760-1 and ISO/IEC 24760-2. This part...
This document is referenced by:
BS EN ISO/IEC 24760-1 - IT Security and Privacy - A framework for identity management Part 1: Terminology and concepts
Published by BSI on October 31, 2022
A description is not available for this item.
This document is referenced by:
CSA ISO/IEC 24760-3 - Information technology - Security techniques - A framework for identity management - Part 3: Practice
Published by CSA on January 1, 2018
This part of ISO/IEC 24760 provides guidance for the management of identity information and for ensuring that an identity management system conforms to ISO/IEC 24760-1 and ISO/IEC 24760-2. This part...
This document is referenced by:
ANSI/INCITS 525 - Information Technology – Next Generation Access Control – Implementation Requirements, Protocols and API Definitions (NGAC-IRPAD)
Published by ANSI on September 6, 2018
NGAC follows an attribute-based construction in which characteristics or properties are used to describe and manage policy and to control access to resources. The family of NGAC standards specifies...
This document is referenced by:
ITU-T X.1093 - Telebiometric access control with smart ID cards
Published by ITU-T on November 1, 2018
This Recommendation addresses the telebiometric access control requirements and architecture of personal identity verification platform, which allows users to ensure personal identification using...
View Less
View All
Advertisement