Difference between revisions of "OASIS"

From IPEN Wiki
Jump to: navigation, search
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
<span style="font-size:larger;"></span>[[File:OASIS.png]]
+
[[File:OASIS.png]]
  
 
== <span style="font-size:larger;">Introduction</span> ==
 
== <span style="font-size:larger;">Introduction</span> ==
Line 17: Line 17:
 
|-
 
|-
 
| Overview
 
| Overview
| <span style="color: rgb(0, 0, 0); font-family: Verdana, Tahoma, 'DejaVu Sans', sans-serif; font-size: 12px; line-height: 18px;">The OASIS PMRM TC works to provide a standards-based framework that will help business process engineers, IT analysts, architects, and developers implement privacy and security policies in their operations. PMRM picks up where broad privacy policies leave off. Most policies describe fair information practices and principles but offer little insight into actual implementation. PMRM provides a guideline or template for developing operational solutions to privacy issues. It also serves as an analytical tool for assessing the completeness of proposed solutions and as the basis for establishing categories and groupings of privacy management controls.</span><br/>
+
|  
 +
<span style="line-height: 20.7999992370605px;">Privacy Management Reference Model and Methodology (PMRM) Version 1.0 was approved as an Committee Specification Draft on 26 March 2012</span>
 +
 
 +
<span style="color: rgb(0, 0, 0); font-family: Verdana, Tahoma, 'DejaVu Sans', sans-serif; font-size: 12px; line-height: 18px;">The OASIS PMRM TC works to provide a standards-based framework that will help business process engineers, IT analysts, architects, and developers implement privacy and security policies in their operations. PMRM picks up where broad privacy policies leave off. Most policies describe fair information practices and principles but offer little insight into actual implementation. PMRM provides a guideline or template for developing operational solutions to privacy issues. It also serves as an analytical tool for assessing the completeness of proposed solutions and as the basis for establishing categories and groupings of privacy management controls.</span>
 +
 
 
|-
 
|-
 
| Web pages
 
| Web pages
Line 29: Line 33:
 
*Committee Specification Draft V1.0 26 March 2012.&nbsp;[http://docs.oasis-open.org/pmrm/PMRM/v1.0/csd01/PMRM-v1.0-csd01.pdf http://docs.oasis-open.org/pmrm/PMRM/v1.0/csd01/PMRM-v1.0-csd01.pdf]
 
*Committee Specification Draft V1.0 26 March 2012.&nbsp;[http://docs.oasis-open.org/pmrm/PMRM/v1.0/csd01/PMRM-v1.0-csd01.pdf http://docs.oasis-open.org/pmrm/PMRM/v1.0/csd01/PMRM-v1.0-csd01.pdf]
 
*Slides prepared by John Sabo during IPEN workshop (June 5th 2015)[http://ipen.trialog.com/wiki/File:PMRM_Overview-_Short_IPEN_5_June_2015.pdf http://ipen.trialog.com/wiki/File:PMRM_Overview-_Short_IPEN_5_June_2015.pdf]
 
*Slides prepared by John Sabo during IPEN workshop (June 5th 2015)[http://ipen.trialog.com/wiki/File:PMRM_Overview-_Short_IPEN_5_June_2015.pdf http://ipen.trialog.com/wiki/File:PMRM_Overview-_Short_IPEN_5_June_2015.pdf]
 +
*Version 1.0, OASIS Committee Specification 02, incorporating numerous enhancements and clarifications to CS01, was approved by the TC on 17 May 2016 and is available at[http://docs.oasis-open.org/pmrm/PMRM/v1.0/cs02/PMRM-v1.0-cs02.html http://docs.oasis-open.org/pmrm/PMRM/v1.0/cs02/PMRM-v1.0-cs02.html]
  
 
|-
 
|-
Line 40: Line 45:
 
|}
 
|}
  
=== <span style="font-size:larger;">PbD-SE</span> ===
+
=== <span style="font-size:larger;">PbD-SE (Privacy-by-Design Documentation for Software Engineers)</span> ===
  
 
{| border="1" cellspacing="1" cellpadding="1" style="width: 900px;"
 
{| border="1" cellspacing="1" cellpadding="1" style="width: 900px;"
Line 49: Line 54:
 
| Overview
 
| Overview
 
|  
 
|  
Privacy Management Reference Model and Methodology (PMRM) Version 1.0 was approved as an Committee Specification Draft on 26 March 2012
+
<span style="line-height: 1.6;">The OASIS PbD-SE TC provides privacy governance and documentation standards for software engineers. It enables software organizations to embed privacy into the design and architecture of IT systems, without diminishing system functionality.</span>
 
+
The OASIS PbD-SE TC provides privacy governance and documentation standards for software engineers. It enables software organizations to embed privacy into the design and architecture of IT systems, without diminishing system functionality.
+
  
 
The PbD-SE TC work follows the Seven Foundational Principles of Privacy by Design:
 
The PbD-SE TC work follows the Seven Foundational Principles of Privacy by Design:

Latest revision as of 18:41, 3 April 2017

OASIS.png

Introduction

The objective of this page is to provide a high-level view of activities related to privacy standards in OASIS

Some conventions on OASIS standards

Technical Committees

PMRM (Privacy Management Reference Model)

Chair John Sabo
Overview

Privacy Management Reference Model and Methodology (PMRM) Version 1.0 was approved as an Committee Specification Draft on 26 March 2012

The OASIS PMRM TC works to provide a standards-based framework that will help business process engineers, IT analysts, architects, and developers implement privacy and security policies in their operations. PMRM picks up where broad privacy policies leave off. Most policies describe fair information practices and principles but offer little insight into actual implementation. PMRM provides a guideline or template for developing operational solutions to privacy issues. It also serves as an analytical tool for assessing the completeness of proposed solutions and as the basis for establishing categories and groupings of privacy management controls.

Web pages
Documentation
Comments

[Antonio Kung]

  • use case based process
  • integrates concept of touch points (supporting systems developed by several organisations)

PbD-SE (Privacy-by-Design Documentation for Software Engineers)

Chair Dawn Jutla, Ann Cavoukian
Overview

The OASIS PbD-SE TC provides privacy governance and documentation standards for software engineers. It enables software organizations to embed privacy into the design and architecture of IT systems, without diminishing system functionality.

The PbD-SE TC work follows the Seven Foundational Principles of Privacy by Design:

  1. Proactive not Reactive; Preventative Not Remedial
  2. Privacy as the Default Setting
  3. Privacy Embedded into Design
  4. Full Functionality - Positive-Sum, Not Zero-Sum
  5. End-to-End Security - Full Lifecycle Protection
  6. Visibility and Transparency - Keep It Open
  7. Respect for User Privacy - Keep It User-Centric

PbD-SE offers a privacy extension/complement to OMG’s Unified Modeling Language (UML) and serves as a complement to OASIS’ eXtensible Access Control Mark-up Language (XACML) and Privacy Management Reference Model (PMRM).

Web pages
Documentation
Comments