IAM Architectural Description

This document proposes to describe a reference architecture as a contribution to ISO/IEC 24760-2, aiming for following benefits:

  • Providing a formal reference architecture that may serve as a template for architecture descriptions of concrete systems;
  • Separating the complexity of the architecture into views to address specific stakeholders and their concerns, hiding complexity not relevant to them;
  • Allowing for a validation based on a formalized approach.

According to ISO/IEC 42010 architecture comprises the fundamental concepts or properties of a system in its environment embodied in its elements, relationships, and in the principles of its design and evolution.

To analyze to context and interfaces of 24760-2 access management is included to some extent. Definitions from following standards are regarded:

  • ISO/IEC 29115 Entity Authentication Assurance
  • ISO/IEC 24760-1 A framework for identity management—Part1: Terminology and Concepts
  • ISO/IEC 29146 A framework for access management
  • ISO/IEC 29100 Privacy framework