nkSRPS EN ISO/IEC 24760-1:2025

Information security, cybersecurity and privacy protection - A framework for identity management - Part 1: Core concepts and terminology

Scope

This document:
- defines terms for identity management and specifies core concepts of identity and identity management, and their relationships;
- is applicable to any information system where information relating to identity is processed or stored;
- is considered to be a horizontal document for the following reasons:
- it applies concepts such as distinguishing the term “identity” from the term “identifier” on the implementation of systems for the management of identity information and on the requirements for the implementation and operation of a framework for identity management,
- it provides an important contribution to assess identity management systems with regard to their privacy-friendliness and their ability to assure the relevant attributes of an identity, and consequently it provides a foundation and a common understanding for any other standard addressing identity, identity information, and identity management.