Identity and Access Management (policy by ISMS or Trust Framework)

1. Identity Management (early binding paradigm)

1.1. Identity Life Cycle Management

1.1.1. Enrollment

1.1.1.1. Application/Initation

1.1.1.2. Identity Proofing and Verification

1.1.1.3. Registration

1.1.2. Attribute Management

1.1.2.1. Addition

1.1.2.2. Update

1.1.3. Termination

1.1.3.1. Retire/Deletion

1.1.3.2. Purge

1.2. Credential Life Cycle Management

1.2.1. Issuance/Replacement

1.2.1.1. Creation/Production

1.2.1.2. Delivery

1.2.1.3. Activation

1.2.2. Revocation

1.2.3. Suspension, Re-activation

1.3. Consent Management

1.4. Entity Authentication Services

1.4.1. online paradigm

1.4.1.1. Brokered Verification

1.4.1.2. Direct Verification

1.4.2. off-line paradigm

1.4.2.1. Brokered Verification

1.4.2.2. Direct Verification

1.5. Attribute Service

1.5.1. Manage Attribute Release Policies

2. Policy and compliance management

2.1. Federation Operation

2.1.1. Membership Management

2.1.2. Interfederation Management

2.1.3. Metadata Aggregation

2.2. Monitoring

2.3. Audit

2.4. Reporting (Interface to SIEM)

3. Out of Scope

3.1. DRM

3.2. Identification of Resources

4. Access Management

4.1. Policy Management

4.1.1. Resource Management

4.1.2. Privilege Management

4.2. Privileged Accounts Management

4.3. Authorizaion (Policy Decision & Enforcement)

5. Service Provisioning and Delivery

5.1. Services (Pull-metaphor)

5.2. Synchronization (Push-metaphor)