Dear all,
As previously mentioned on the list, OASIS organized a workshop on privacy at EIC 2014. It took place last Tuesday. Dee Schur was there representing OASIS.
John Sabo and Gershon Janssen of the OASIS PMRM, Michelle Chibba of the Office of the Information and Privacy Commissioner of Ontario, Dawn Jutla of the OASIS Privacy by Design for Software Engineers Technical Committee and I (representing the XACML TC) all took part in a panel that covered privacy, privacy management, privacy by design, and applying XACML to privacy scenarios.
The main take-away is that there are at least 2 TCs we could possibly engage with more. These are:
- the PMRM TC which Gershon and John lead.
- The PbD-SE TC (Dawn and Michelle)
Both TCs are about producing guidelines, processes, and templates on how to identity privacy challenges and a process to correctly implement privacy checks w/in companies.
XACML could come in to implement privacy from a technical perspective. It strikes me that neither TC were aware of the work we do, ABAC, and XACML. It would be worthwhile for one of us to attend one of their regular TC calls to introduce XACML, policy- and attribute-based access control and how it can be used for privacy.
Thoughts?
Kind regards,
David.