 Another very important module that is part of the overall engine architecture is the identity management. Now, seemingly it looks like identity is something very obvious. After all, every device in the overall network has an identity. It has a certain serial number provided to it by its vendor. It has an IP address, for instance. It has a number of ports with each port having its own port number. Identity is something very obvious. But NGN makes it very systematic and brings a method to the understanding and the implementation of identity management as more like a science. So in this module, we shall first understand what is an entity and how is that entity identified and is there a need to identify that entity to make it look obvious and different from other entities in the network. So NGN implements the identity management module. The identity management module is regarding the identity of the entities. So an entity could be anything that has some existence. It could be the existence in terms of hardware, a certain location, a software or a user accessing that software. An entity is required to be uniquely identifiable that an entity A is considered to be different from entity B. To do that, the identity management functions overall are a group of methods, functions and procedures which all work together to make sure that each entity has a distinct identifier. For instance, look at the users. The users belong to different groups. These groups overlap. So there's a requirement to successfully administer the users in terms of user registration, user management, user deregistration and user assignment to certain services and applications. Then authentication. Of course, authentication and authorization are the processes that you keep coming across time and again because every important functional module in the NGN framework implements some kind of authentication and authorization. There's also a requirement. It could be that different identifiers need to be binded together. For instance, let's look at an email. An email which is characterized by a name and then an and sign and then the mail server, for instance, Ali at the rate gmail.com. So it means this particular email address now has to be attributed to a physical machine on which the mailbox of this particular user, Ali, is installed. These different identifiers need to be dynamically binded in one form or the other and this binding needs to be dynamic in the sense that it needs to be binded for one instance and then it has to be rebinded or unbinded in other instances. Since identification is an introduction of any entity, so some kind of assurance mechanism has to be in place that makes sure that every user that presents its own identity as its introduction is legit, that is, it is a genuine entity. Then proper storage that prevents the spoofing of identity, the stealing of identity are implemented. Likewise, the distribution means the transmission of the identity between multiple parties like, you can say, a federation or a group of users in a multicast group is another important aspect that is an important identity management function. Now, when we look at identity, identity more formally is an identifier that identifies an entity. So it relates to exactly what is the entity. What is the entity means? The entity could be a telephone number, that a telephone number is related to a telephone. A telephone number is not related to a computer. An IP address is related to a computer, it's not related to a telephone. So it means appropriate identifiers have to be associated with the right entities. Then we also have the URIs, the Uniform Resource Identifiers which identify an object over the Internet. And lastly, the email. The credentials are what is the entity dealing with and how the entity can be accessed to be more appropriate. When we look at an entity in a little more detail, we are interested in talking to that entity in getting information from the entity. So the kind of mechanism on how exactly to access the entity is a concern that is done through credentials. Credentials is an important terminology in identity management. This could include the username and password, the digital certificate or a digital token or even a smart card. Now, all these terminologies would make more sense when we look at individual scenarios that we hope to see in the future. Then we have the attributes. The attributes are what is the entity more about in specific terms. For instance, if we are talking about an entity, for instance, a computer. Now, what precisely is the location of a host computer or a server? What is the unique pattern or something unique about that particular server or a computer? Is it located in a secure net? Is it a private network? Is it a public network? And then the context. For instance, a computer that is accessible in daytime, that is 9 to 5, but it is not accessible after 5 p.m. So this is a context or a condition that is associated with a certain identity, with a certain entity. Now, having said all that, I think we are now in a good position to understand what entities are, how their identities are managed.