BIAS Integration TCMeeting #1
Meeting #1 - TeleconMeeting #1 - Telecon
16 March 200616 March 2006
© OASIS 2005
Agenda Administrative
Call to order Membership, Attendance, & Introductions Appointment of note taker
TC business TC rules TC charter Election of officers
BIAS project description Background INCITS collaboration Joint workshop overview
© OASIS 2005
Agenda (cont’d) Project plans
Review & comment on INCITS document(s) M1/06-0127
Specification outline Schedule
Project schedule Meeting schedule
TC plans New business Action items Adjourn
© OASIS 2005
Membership(corrected slide)
Members Who have signed up timely Who have org approval where applicable Who attend first meeting
Joining later works also Voting vs. Non Voting (attendance) Observer vs. Member
© OASIS 2005
TC Rules TC Formation
Minimum membership: 5 voting members from at least 2 member organizations
Process: Submit charter Within 15 days: post charter, call for participation,
and 1st meeting announcement TC membership
Per person (not organization) Categories: Observer, member, voting member
© OASIS 2005
TC rules (cont’d) First meeting
Min. membership within 15 days of 1st meeting Become voting member @ 1st meeting Min. membership must attend 1st meeting as
voting members TC must elect a chair from nominations made
by voting members at 1st meeting May also elect a secretary
© OASIS 2005
TC rules (cont’d) Voting membership/rights
After 1st meeting, members obtain voting rights at close of 2nd meeting attended
Lose rights if miss >2 consecutive meetings or ballots
Voting Most votes – simple majority (50% VMs) Committee spec – special majority (2/3 VM +
<1/4 no) Electronic balloting
© OASIS 2005
TC rules (cont’d) TC procedures
Roberts rules Standing rules can be adopted by majority
vote Subcommittees
TC may create SCs as needed IPR
TC must follow OASIS IPR policies
© OASIS 2005
TC rules TC meetings
Must be properly called and scheduled in advance using OASIS collaborative tools
Face-to-face or via telecon (or other electronic media)
Minutes must be recorded and published to TC email list and TC webpage
Quorum: >= ½ voting members
© OASIS 2005
TC rules Document progression
Working draft (WD) Any format
Committee draft (CD) Full majority vote
Public review drafts Full majority vote, announced by TC admin,
call for IPR, substantive changes require 2nd PR
Committee specifications Special majority vote (to submit to OASIS
membership for ballot) OASIS standard
Editable source+ PDF
© OASIS 2005
TC rules Specification quality
Use OASIS file naming scheme Include OASIS copyright notice Use OASIS document template Include list of people who participated in the
development Submit to electronic repository All schema and XML instances must be well
formed Spec may be composed of >1 file
© OASIS 2005
TC rules http://www.oasis-open.org/committees/
process.php 9 August 2005
© OASIS 2005
TC Chartera. TC Name
OASIS Biometric Identity Assurance Services (BIAS) Integration Technical Committee
b. Statement of purpose
The Biometric Identity Assurance Services (BIAS) project of Committee M1 [of INCITS (the InterNational Committee for Information Technology Standards, www.incits.org)] is intended to provide the biometrics and security industries with a documented, open framework for deploying and invoking [biometric] identity assurance capabilities that can be readily accessed as services. The [OASIS BIAS integration] TC is intended to define and describe methods and bindings by which that [INCITS] BIAS framework [of services], and elements of it, can be used within XML-based transactional Web services and service-oriented architectures.
It is expected that the two initiatives will inform and improve each other: BIAS should significantly increase the functional opportunities for implementing security and other identity related functions in XML-based systems; and presently-developed SOA methods for exchanging information, transactions and security data may provide useful methods, constraints and patterns for the broader and more robust use of BIAS data.
© OASIS 2005
TC charter (cont’d)c. Scope of work
The TC will specify a set of patterns and bindings for the implementation of [the proposed taxonomy of] BIAS [functional operations as they are developed and defined], using Web services and service-oriented XML methods.
The TC will review, and if appropriate recommend enhancements to, the definitions and taxonomies of [those] BIAS operations, to leverage known information exchange and assurance patterns (such as message reliability
acknowledgments) and functions (such as repository use and calls) arising in service-oriented systems, and potentially to leverage those functions and features that already are embedded in existing SOA methods and standards.
The TC will not implement actual software products or solutions based on the specifications developed along the course of work of this group.
© OASIS 2005
TC charter (cont’d)d. Deliverables
* Preliminary mapping of draft BIAS functions to SOA standards and patterns: approximately 2 months from TC launch (or 1 month from BIAS first working draft, if later)
* (optional) Feedback to draft taxonomy of BIAS operations may be produced as appropriate upon receipt of drafts from INCITS M1: approximately 1month from INCITS issuance of first and subsequent working drafts
* (optional) Revised mapping of draft BIAS functions to SOA standards andpatterns: approximately 1 month from INCITS issuance of first and subsequent working
drafts* (optional) Revised feedback and commentary on taxonomy of BIAS functions:
approximately 1 month from INCITS issuance of final BIAS version for public review taxonomy
* Final mapping of BIAS functions (and any extensions) to SOA standards andpatterns: approximately [2 months] from INCITS issuance of final BIAS version for
public review taxonomy. This [will be the ultimate version intended for promulgation along with the final BIAS taxonomy, and potentially for co-submission to other bodies for further approvals.]
* Technical Reports and White Papers may be drafted as appropriate, e.g., should an implementation issue arise that is of particular interest or requires further study.
© OASIS 2005
TC charter (cont’d)e. IPR Mode
TC will operate under "RF on Limited Terms" mode.
f. Anticipated audience/users
The anticipated audience for this work includes all OASIS Web Service, ebXML and SOA-oriented TCs, all OASIS security-oriented TCs, other standards groups pursuing similar work, biometrics and security function research and interest groups, SOA architects and programmers, vendors and users.
g. Language in which the TC will conduct business
English. The TC may elect to form subcommittees that produce localized documentation of the TC's work in additional languages.
© OASIS 2005
TC charter (cont’d)Informational Materiala. Related WorkClose liaison will be required with the following INCITS TC since the services to be
integrated are being defined therein:INCITS M1 - Biometrics TC
Additionally, within OASIS, all [TCs that produce specifications that may consume security services[ are the primary target of this work. (The BIAS integration work will leverage work and deliverables from these groups as needed [as well].) It is anticipated that liaisons may be needed [with and/or work may be re-used from] multiple SOA-related Technical Committees [including] such as the following:
OASIS SOA Reference Model TCOASIS SOA Adoption Blueprints TCOASIS FWSI TCOASIS Web Services Security TCOASIS WS-SX TCOASIS Security Services (SAML) TCW3C XML Protocol (SOAP) Working GroupW3C [WS Description] (WSDL) Working Group CEN/ISSS Biometrics working teams Liberty Alliance
OASIS XACML TCOASIS ebXML Registry TCOASIS UDDI TCOASIS SOA Adoption Blueprints TCOASIS ebXML Messaging TCOASIS WSRM TCOASIS WS-RX TCOASIS XBCF TC
© OASIS 2005
TC charter (cont’d)b. Anticipated Contributions
INCITS BIAS [model] (for comment and augmentation; taxonomy remains with INCITS). [This is a work in progress. See first preliminary draft posted by Committee M1 for public comment at http://www.incits.org/tc_home/m1htm/docs/m1060127.pdf]
c. First Meeting
Date: [16] March 2006Time: [11:00 am Eastern US]Type: TeleconferenceCall-in data: To be announced to sign-up listSponsor: [Daon]
d. Meeting Schedule
The expected meeting schedule will be monthly conference calls as well as quarterly Face-to-Face meetings, pending approval and adoption by the TC. Sponsors will be drawn from the TC membership.
© OASIS 2005
TC charter (cont’d)e. Proposers
Young Bang, [email protected], Booz Allen Hamilton Dustin Best, [email protected], SAFLINK Charles Li, [email protected], Raytheon John Mayer-Splain, [email protected], Mitretek Dwayne Mercredi, [email protected], SAFLINK Matthew Swayze, [email protected], Daon Guy Swope, [email protected], Raytheon Paul Thorpe, [email protected], OSS Nokalva Catherine J. Tilton, [email protected], Daon Alessandro Triglia, [email protected], OSS Nokalva Brad Wing, [email protected], DHS Gregory Zektser, [email protected], Booz Allen Hamilton
f. TC Convener
Cathy Tilton, [email protected], Daon
g. Proposed Chair(s)
Cathy Tilton, [email protected], Daon
© OASIS 2005
Officers Election of officers
Chair Secretary
Appointments Project editor
© OASIS 2005
BIAS project description Background
Collaboration discussions began in October 2005 At INCITS/OASIS executive level
Collaboration document drafted outlining approach and general procedures
INCITS project approved Oct05 & revised Dec05 Approved by executive board Jan06
OASIS submitted liaison request to INCITS – approved Dec05 OASIS BIAS Integration TC charter drafted Dec05 & posted
Feb06 6 OASIS member organizations (12 individuals) signed up as
proposers TC launch meeting 15 Feb Call for participation out
OASIS/INCITS joint workshop held 24 Feb 06
© OASIS 2005
Accelerating sophistication Biometric systems and customers are becoming more
sophisticated Increased interest in and utility of biometrics
Government & commercial, but mostly driven by the former at present
Large, complex systems Enterprise architectures built on the SOA model &
standards Emphasis on data sharing & reuse of resources/services The need for vendor independence, multiple sources
Departure from custom solutions Embracing of open systems, standards
Interoperability requirements
© OASIS 2005
The requirement To remotely invoke biometric operations
across an SOA infrastructure. Decouple the software service from the
interface (and requester) that calls it Provide business level operations, without
constraining the application/business logic. Be as generic as possible – technology,
framework, & application domain independent Provide basic capabilities that can be used to
construct higher level, aggregate operations
© OASIS 2005
Purpose of the standard (s) To provide the industry, including software
developers, integrators and end-users, with a documented, open framework for deploying and invoking biometric-based identity assurance capabilities that can be readily accessed using services-based frameworks such as Web-Services.
© OASIS 2005
Benefits It establishes an industry-standard set of
biometric identity management services. This will allow applications and systems to be built upon an open-system standard rather than implementing custom one-off solutions for each service provider.
Eases the implementation of and access to such services since the basic services are pre-defined and can be re-used.
Facilitates federated, cross-organizational use of biometric services.
© OASIS 2005
BIAS features Focused on biometrics (but not exclusively) Biometric device, type, and vendor independent Leverage existing standards where appropriate
e.g. CBEFF – INCITS 398-2005 Transport mechanism independent
OASIS will provide bindings for Web services in a separate standard
Multi-platform, open Primarily focused on remote invocations (services),
i.e. not dealing with local devices
© OASIS 2005
Project scope Scope
BIAS defines a framework for deploying and invoking biometrics-based identity assurance capabilities that can be readily accessed using services-based frameworks (e.g. web services).
Excluded Single-platform functionality (e.g., client-side
capture) Integration of biometric services within an
authentication protocol
© OASIS 2005
Content 3 main elements
BIAS services (biometric identity operations) BIAS data (elements) BIAS bindings (schema, protocols)
INCITS role Define operations & data elements
OASIS role integration of these services within the web services
framework
© OASIS 2005
Rationale for collaboration Both disciplines (biometrics and web services) are
equally important to the content of the standard. Experts in both areas will be required to contribute their
expertise to ensure that the final specification provides the right:
Structure Functionality Technical details
Existing standards are available in both fields and many of these standards will provide the foundation and underlying capabilities upon which the biometric services depends.
Experts in both sets of these base standards will be needed to see that they are properly incorporated.
© OASIS 2005
Collaboration approach Develop 2 documents
Content partitioned as identified Documents are separate but interrelated
(companion documents) Documents technically aligned OASIS document tightly coupled to INCITS document
Develop in parallel Each will normatively reference the other Each should follow the ISO template in terms of
structure 2 projects initiated
INCITS 1823-D approved Jan 06 New OASIS TC initiated
© OASIS 2005
Process interactionBase document (functions)
Comments
Revised mapping to SOA
Comments
1st WD (functions & taxonomy)
Comments
Comments
Draft mapping to SOAstandards & patterns
. . .
INCITS XXX OASIS YYY
© OASIS 2005
Technical alignment Unique aspects of each technology will impact
design decisions of the other Cross-education needed Information exchange
Documents must be 100% technically aligned Iterative draft/review process needed
BiometricServices
ServicesBindings
© OASIS 2005
Goals Immediate
Publication of the 2 companion standards by INCITS & OASIS
Ultimate Publication of a multipart standard
internationally (ISO)
ISO/IEC XXXXX
Part 1
Part 2
© OASIS 2005
Workshop overview Joint OASIS/INCITS workshop held on 24 February in Denver
23 attendees Presentations posted as M1/06-0199
Also to be posted on the BIAS TC page Additional workshops to be held in the future, as required
Workshops provide an opportunity for Expert interaction Information sharing
No formal voting or final project decisions will be made at the workshops
Experts may take back to their respective organizations ideas, suggestions or recommendations for action within that group.
No IP is to be shared at workshops See INCITS and OASIS policies (IP, antitrust, etc.)
Workshops are open forums Presentations will be posted afterwards
© OASIS 2005
Workshop presentations Welcome & introductions INCITS M1 overview OASIS overview Project background Biometrics overview Web services overview BIAS project overview Relationship with other standards Voice XML forum BIP DHS discussion Issues & considerations
© OASIS 2005
Project plans Review & comment on INCITS base
document Next INCITS meeting: April 5
Call for comments & contributions due 28 April Next WD to be discussed at June meeting (12-
16) To be posted 2-4 weeks in advance of meeting
© OASIS 2005
INCITS base document Document outline
1. Scope2. Conformance3. Normative references4. Terms and definitions5. Symbols and abbreviated terms6. System context7. Biometric services8. Data elements9. Error handling and notification10. Security
This document is posted at http://www.incits.org/tc_home/m1htm/docs/m1060127.pdf
© OASIS 2005
Feedback on INCITS document Most useful feedback
Format for definition of operations & data elements
How could taxonomy be modified to make web implementations/bindings easier/better
Advice on mechanisms Notifications Synch/asynch operations
© OASIS 2005
Specification outline Action item – need to develop draft outline Examples of other similar standards? Follow ISO format to extent possible OASIS document template
© OASIS 2005
Project schedule Necessarily tied to INCITS project schedule Need to:
Respond to INCITS documents Within 1 month of publication (or by due date for
call to contributions) First response by 28 April
Develop mappings Preliminary – 2 months after launch (15 May)
Develop draft outline By next meeting With preliminary mappings?
© OASIS 2005
Meeting schedule Telecons: 1-2 hours?
Approximately monthly – tentatively: Wed, Apr 19 Wed, Jun 7 Wed, Jul 19
Face-to-face: ½ day? Week of May 9-12 (OASIS symposium, San
Francisco) Week of Sep 19-21 (BC2006, Baltimore)?
© OASIS 2005
TC plans Mail list: [email protected] Website content
FAQ Schedule Minutes Press Other material
Member recruitment Especially among web services companies
© OASIS 2005
Action items
Top Related