OASIS Committee Standardizes Use of Biometric Identity Assurance in Web Services and SOA

["Carol Geyer" <carol.geyer@oasis-open.org>]

Link to this press release at 
http://www.oasis-open.org/news/oasis-news-2006-06-28.php.
_____________________________________________________

OASIS Committee Standardizes Use of Biometric Identity Assurance in Web
Services and SOA 

Booz Allen Hamilton, NIST, Raining Data, Raytheon, Sun Microsystems and Others
Collaborate to Apply INCITS Biometric Framework for XML


Boston, MA, USA; 28 June 2006 - Members of the OASIS international standards
consortium are developing a standard for invoking biometrics-based identity
assurance using Web services and service oriented architectures (SOA). The new
OASIS Biometric Identity Assurance Services (BIAS) Integration Technical
Committee will complement the efforts of the InterNational Committee for
Information Technology Standards (INCITS), a standards development organization
accredited by the American National Standards Institute (ANSI). Where INCITS is
working to define the taxonomy of functions that form a framework for deploying
identity assurance in the biometrics and security industries, OASIS will define
the methods and bindings by which that framework can be used within XML-based
transactional services. The two companion standards are expected to reference
one another.

"We expect that the INCITS and OASIS initiatives will inform and improve on one
another," noted Karen Higgenbottom, chair of the INCITS executive board, which
also serves as ANSI's Technical Advisory Group for ISO/IEC Joint Technical
Committee 1. "BIAS should significantly increase the opportunities for
implementing biometric functions in XML-based systems. Likewise, current SOA
methods for exchanging information and transactions data may provide useful
parameters and patterns for the broader application of BIAS data in the
security industry."

"Biometric systems are becoming more complex as they are integrated into larger
identity management and credentialing systems," observed Catherine Tilton of
Daon, chair of the OASIS BIAS Integration Technical Committee. "At the same
time, there is a growing need for data sharing and reuse of resources and
services within and across organizations. Today, custom built, proprietary
solutions are the only option. The availability of a standard biometric
services interface will allow systems to be implemented on an open architecture
and provide users with greater choice in products and services."

"This project represents complementary development efforts between OASIS and
INCITS, and we hope it will serve as a model for future collaboration," stated
James Bryce Clark, director of standards development at OASIS. "It offers a
compelling opportunity for existing SOA and XML security technologies to more
broadly consume biometric technologies."

The new committee members foresee their work leveraging a variety of security,
Web services, and SOA standards developed at OASIS, including WS-Security. In
addition, vertical industry efforts that require secure identification and
authentication may make use of the BIAS effort. It may also influence work
produced by other standards bodies, biometrics research groups, SOA architects,
vendors and users. 

The OASIS BIAS Integration Technical Committee will operate under Royalty Free
on Limited Terms mode, as defined by the OASIS Intellectual Property Rights
Policy. Participation in the Committee remains open to all companies,
non-profit groups, governments, and individuals. As with all OASIS projects,
archives of the Committee's work will be accessible to both members and
non-members, and OASIS will host an open mail list for public comment.

Support for BIAS

Booz Allen Hamilton
"Booz Allen Hamilton is proud to sponsor and participate in the development of
BIAS. This new standard will enhance biometric web services interoperability,"
said Don Waymire, Senior Associate at Booz Allen Hamilton. "Booz Allen's
participation in BIAS is in keeping with our commitment to support biometric
standards development and open system architectures."

Sun Microsystems
"Sun is proud to participate on the OASIS BIAS team working on open standards
for biometric use that will give organizations new choices for open and strong
authentication. Whether used to replace simple passwords or add additional
mechanisms, products based upon these biometric standards will enable
organizations to achieve greater security through the use of open,
community-driven standards," said Edward Clay, security architect, Client
Solutions Global Security Team at Sun.



About OASIS

OASIS (Organization for the Advancement of Structured Information Standards) is
a not-for-profit, international consortium that drives the development,
convergence, and adoption of e-business standards. Members themselves set the
OASIS technical agenda, using a lightweight, open process expressly designed to
promote industry consensus and unite disparate efforts. The consortium produces
open standards for Web services, security, e-business, and standardization
efforts in the public sector and for application-specific markets. Founded in
1993, OASIS has more than 5,000 participants representing over 600
organizations and individual members in 100 countries. Approved OASIS Standards
include AVDL, BCM, CAP, DITA, DocBook, DSML, ebXML CPPA, ebXML Messaging, ebXML
Registry, EDXL-DE, EML, OpenDocument, SAML, SPML, UBL, UDDI, WSDM,
WS-Reliability, WSRF, WSRP, WS-Security, XACML, XCBF, and XML Catalogs.
http://www.oasis-open.org



Additional information

OASIS BIAS Integration Technical Committee
http://www.oasis-open.org/committees/bias/

BIAS FAQ
http://www.oasis-open.org/committees/bias/faq.php/

INCITS
http://www.incits.org


Press contact

Carol Geyer
OASIS Director of Communications
carol.geyer@oasis-open.org
+1.978.667.5115 x209 (office)
+1.941.284.0403 (mobile)