DOCUMENT #: GSC14-PLEN-009
FOR: Presentation GSC-14
SOURCE: TIA
AGENDA ITEM: OPEN PLEN 6.4
CONTACT(S): Dan Bart / Mark Epstein

Identity Management and Identification Systems
TIA DEL
Fostering worldwide interoperability

Overview (1)

TIA's standards work on managing the identity of a user of a system includes the assignment of unique identifiers such as ESNs, UIMs, MEIDs, E-UIMs, and other identifiers.

It also includes building security into the standards so that, on systems such as cdma2000® technology for mobile communications, handsets and users can be uniquely identified and authenticated, as part of ID Mgmt and toll fraud prevention on such systems.

Other systems standardized at TIA have similar ID Mgmt or authentication requirements, for example TR-8 P25 systems used by public safety users. TIA TR-34 will also add authentication to TIA-1039, "QoS Signaling for IP QoS Support."

Overview (2)

- TIA is considering possible work on Equipment Numbering Identifier security (e.g., MEID (IMEI), UIM, ESN) to help manage identity more securely.
- Consider an international regulatory adoption of common Equipment Numbering Identifier security requirements.
- For information on TIA Numbering Resources see www.tiaonline.org/standards/resources
  - Electronic Serial Number (ESN) Assignment (includes links to information on UIM and E-UIM)
  - Mobile Equipment Identifier (MEID)
  - System Operator Code (SOC)
  - SS7 Translation Type and SubSystem Numbers Assignment Notification Information Repository

Strategic Direction

In the USA, much of the strategic direction for ID Mgmt work is driven by increasing concerns over identity theft, loss of personal information, privacy concerns, data breaches, toll fraud prevention, cyber crime, etc.

Thus, public policy drives the need for technical solutions and then standards to help solve the problems.
The Office of Science and Technology Policy ("OSTP") of the Executive Office of the President ("EOP") has been working on a "Federal Vision for Identity Management" for some time, under the National Science Technology Council (NSTC).

- tinyurl.com/EOP-Fed-Vision-ID-MGMT-Jan09
- www.biometrics.gov/nstc/Default.aspx

NSTC ID Management TF Report

NSTC issued a Report on ID MGMT in September 2008, after GSC-13. Available at:

- www.ostp.gov/nstc
- www.biometrics.gov
- www.idmanagement.gov
- www.ostp.gov/cs/nstc/documents_reports
- www.biometrics.gov/NSTC/Publications.aspx

Key Recommendations from the NSTC Report on ID Mgmt

Key Findings

Strategic Direction

In May 2009 the President's National Security Telecommunications Advisory Committee ("NSTAC") approved a report to President Obama on an "Identity Management Strategy."

- www.ncs.gov/nstac/may2009/nstac_meetings.html
- Will be posted at: www.ncs.gov/nstac/nstac_publications.html

Domestic and international activities

As noted in the NSTC report, many groups are dealing with issues involved in ID MGMT, domestically and internationally:

Next Steps/Actions

Should the President act on NSTAC's recommendations, or should any of the numerous pending legislative or regulatory actions impact TIA's areas of standards expertise, we will respond accordingly.

Proposed Resolution

Will determine based on HIS Panel Discussions

Supplemental Slides

Acronyms

ESN – Electronic Serial Numbers. The ESN is a number which uniquely identifies the mobile station. Each ESN is a 32-bit number consisting of two components: a manufacturer ID Code field and a mobile serial number field. The MFR Code range is 000-255.
UIM – User Identification Module

R-UIM – Removable UIM. Removable User Identification Module, often called the Subscriber Identity Module (SIM) card.

MEID – Mobile Equipment Identifier. Uniquely identifies the mobile station. Each MEID is a 56-bit number encoded in hexadecimal (base 16) format.

E-UIM – Expanded UIM

IMEI – International Mobile Equipment Identity. Administered by GSMA.

National Science Technology Council

The National Science and Technology Council (NSTC) Subcommittee on Biometrics and Identity Management serves as part of the internal deliberative process of the NSTC. Reporting to and directed by the Committee on Technology, the Subcommittee's tasking is to:

For Biometrics:

- Provide technical leadership in the development and implementation of interoperable federal biometric systems;
- Develop and implement multi-agency investment strategies that advance biometric sciences to meet public and private needs;
- Develop and adopt biometric standards as specified in the NSTC Policy for Enabling the Development, Adoption and Use of Biometric Standards;
- Develop consensus strategic outreach plans for biometrics, including collaboration on www.biometrics.gov, the annual Biometric Consortium Conference and other events;

For Identity Management (of which biometrics is a subset):

- Identify cross-sector IdM issues, and develop and implement plans to address the federal government's priority S&T needs;
- Facilitate the inclusion of privacy-protecting principles in IdM system design;
- Promote a scientifically educated and aware public that properly understands IdM technologies, federal programs and issues;
- Strengthen international and public sector partnerships to foster the advancement of IdM technologies.
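The ESN and MEID layouts given in the Acronyms slide can be checked mechanically when identifiers arrive in provisioning or fraud-screening records. The following is an added example, not TIA code: the 8-bit/24-bit split is inferred from the slide's 32-bit size and 000-255 MFR Code range, the 11-digit decimal ESN notation is an assumption, and all sample values are constructed.

```python
import re

SERIAL_BITS = 32 - 8        # 32-bit ESN minus 8-bit MFR Code (range 000-255)
MEID_HEX_DIGITS = 56 // 4   # 56-bit MEID written in base 16 -> 14 digits


def parse_esn(text):
    """Split an ESN into (manufacturer_code, serial_number).

    Assumed notations: 8 hex digits, or 11 decimal digits made of a
    3-digit manufacturer code and an 8-digit serial number.
    """
    s = text.strip()
    if re.fullmatch(r"[0-9A-Fa-f]{8}", s):
        value = int(s, 16)
        return value >> SERIAL_BITS, value & ((1 << SERIAL_BITS) - 1)
    if re.fullmatch(r"[0-9]{11}", s):
        mfr, serial = int(s[:3]), int(s[3:])
        if mfr > 255:
            raise ValueError("manufacturer code outside 000-255")
        if serial >= 1 << SERIAL_BITS:
            raise ValueError("serial number does not fit in 24 bits")
        return mfr, serial
    raise ValueError("not an 8-hex-digit or 11-decimal-digit ESN")


def parse_meid(text):
    """Return the MEID as an integer, or raise if it is not 56 bits of hex."""
    s = text.strip()
    if not re.fullmatch(r"[0-9A-Fa-f]{%d}" % MEID_HEX_DIGITS, s):
        raise ValueError("MEID must be exactly 14 hexadecimal digits")
    return int(s, 16)


def screen(identifiers):
    """Map each identifier to its parsed form or to the rejection reason."""
    report = {}
    for ident in identifiers:
        parser = parse_meid if len(ident.strip()) == MEID_HEX_DIGITS else parse_esn
        try:
            report[ident] = ("ok", parser(ident))
        except ValueError as err:
            report[ident] = ("rejected", str(err))
    return report


# Constructed sample values, not real device identifiers.
SAMPLES = ["9F0012AB", "15900004779", "25600000001", "A0000012345678", "A00000123456G8"]

if __name__ == "__main__":
    for ident, result in screen(SAMPLES).items():
        print(ident, result)
```
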
Architectural Model from NSTC

TIA published Documents related to ID Mgmt via ESN, UIM and MEID number assignments

- MEID Global Hexadecimal Assignment Guidelines and Procedures, v5.0
- ANSI/J-STD-025-B-1, Lawfully Authorized Electronic Surveillance, support for MEID
- TIA-928, TIA 41 (MAP) support for MEID
- TIA-1074, OTA support for MEID
- TIA-881-1 [E], MAP Location Services Enhancements for support of MEID
- TIA-1137.102, Multiple Authentication and 2G RUIM Support
- ANSI/J-STD-036-B, E911 Phase 2, support for MEID
- TIA-943, MEID (TDMA)
- TIA-2001-D-1, MEID for cdma2000®

TIA published Standards related to ID Mgmt via ESN, UIM and MEID number assignments

- TIA-2000-D, cdma2000® air interface support for MEID
- TIA-1084-A, Signaling Test Specification for MEID support of cdma2000® Spread Spectrum Systems
- TIA-835-B-1, cdma2000® packet data network support for MEID
- TIA-820-C-1, RUIM for Spread Spectrum Systems
- Electronic Serial Number Manufacturer's Code Assignment Guidelines and Procedures, v2.0

TR-8 Security, Encryption, Identity

- Engineering Committee TR-8 has a subcommittee focused on Encryption Standards, TR-8.3
- A block encryption Protocol document, TIA-102.AAAD-A, has been approved for ballot in 2009
- TR-8 has standards for Advanced Encryption, Data Encryption, and OTAR
- For overviews of these areas see ANSI/TIA102.AAAB-A, ANSI/TIA-102.AAAB-A, and TIA102.AACB

Geneva, 13-16 July 2009

Example of TIA P25 Standard for Authentication

TIA-102.AACE "Project 25 Digital Land Mobile Radio - Link Layer Authentication"

The authentication service described in this document is applicable to FDMA and TDMA trunking systems using an FDMA trunking control channel. Authentication is a standard option for trunked radio systems.
This document describes two forms of authentication: unit authentication and mutual authentication. If the authentication standard is implemented in a Subscriber Unit, then unit authentication is mandatory and mutual authentication is optional. When the mutual authentication option is chosen, it must be implemented as specified herein. If the authentication standard is implemented in the FNE, both unit and mutual authentication are mandatory and must be implemented as specified herein.