Press Release

OASIS Members Form New Committee to Standardize Methods for Evaluating Online Reputations

BEA, IBM, Sun Microsystems, AOL, Booz Allen Hamilton, CA, Cordance, Google, NeuStar, NRI, VeriSign, and Others Collaborate on Open Reputation Management Systems

Boston, MA, USA; 2 April 2008 — OASIS, the international open standards consortium, has formed a new technical committee to make it easier to validate the trustworthiness of businesses, projects, and people working and socializing in electronic communities. The new OASIS Open Reputation Management Systems (ORMS) Technical Committee will define common data formats for consistently and reliably representing reputation scores. ORMS will be relevant for a variety of applications including validating the trustworthiness of sellers and buyers in online auctions, detecting free riders in peer-to-peer networks, and helping to ensure the authenticity of signature keys in a web of trust. ORMS will also help enable smarter searching of web sites, blogs, events, products, companies, and individuals.

"The use of the Internet as a medium for social interaction, commerce, and collaboration places new emphasis on the need for standard reputation mechanisms. More and more, trust is based on verifiable claims and opinions of others online," explained Abbie Barbir of Nortel. "As the convener of the OASIS ORMS Technical Committee, I see that the challenge to be addressed with this new work is to define open reputation management systems that enable large sets of different and possibly contradictory opinions about a person, company, or product to be evaluated in a fair and meaningful way."

Because the majority of existing on-line rating, scoring and reputation mechanisms have been developed by private companies using proprietary schemas, there is currently no common method to query, store, aggregate, or verify claims between systems. The different sources of reputation data–user feedback channels (product ratings, comment forms), online user profiles, etc.– are each uniquely susceptible to bad actors, manipulation of data for specific purposes, and spammers.

"ORMS will provide standard ways to express assertions, evaluations and comparisons of rating and reputation data, making it easier to consume that data, aggregate it, and even ‘rate the raters’," said James Bryce Clark, director of standards development at OASIS. "This will make systems less susceptible to data manipulation, and help make trustworthiness scores more usable, constructive and contextually relevant."

ORMS will not attempt to define algorithms for computing reputation scores. Instead, the OASIS Committee will provide the means for understanding the relevancy of a score within a given context.

ORMS will be offered for implementation on a Royalty-Free basis. The new technical committee will hold its first meeting on 1-2 May, in conjunction with the OASIS Open Standards 2008 symposium in Santa Clara, California. Participation in the OASIS ORMS Technical Committee remains open to all interested parties. Archives of the work will be accessible to both members and non-members, and OASIS will offer a mechanism for public comment. The ORMS Technical Committee is affiliated with the OASIS IDtrust Member Section, a group that promotes greater understanding and adoption of standards-based identity and trusted infrastructure technologies, policies, and practices.

Support for ORMS

BEA "BEA is pleased to join in this effort," said Hal Lockhart, Office of the CTO at BEA Systems. "Developing reputation management standards is important to enabling agile business processes."

CA "CA welcomes and supports the formation of the OASIS ORMS Technical Committee. Reputation on the Internet and within the enterprise is a critical aspect of managing trust among participants in business transactions and social collaborations," said Vadim Lander, CA chief security architect. "Having an open standard for managing and providing reputation services will simplify the ability to include this important information in identity security solutions resulting in more secure and satisfactory business relationships."

Cordance "Reputation systems will without doubt play a major role in the emerging Internet identity layer," said Drummond Reed, Chief Architect of Cordance Corporation and co-chair of the OASIS XRI (Extensible Resource Identifier) and XDI (XRI Data Interchange) Technical Committees. "In fact, a key purpose of the XRI digital identifier and XDI data sharing specifications is to provide the building blocks Internet reputation systems will need. So we are very pleased to be a founding member of the ORMS TC."

IBM "With the increasing use of ‘strong’ identities, regulated or unregulated, reputation plays an important part in the process of tracking an entity’s actions and creating a feedback loop for analysis of that data," said Anthony Nadalin, IBM Distinguished Engineer and chief security architect for IBM Tivoli Software. "The goal of this technical community is to look at standardized algorithms for this analysis and common data formats to develop working interoperability between these various reputation systems."

Additional information: OASIS ORMS Technical Committee IDtrust Open Standards 2008: Composability within SOA

About OASIS: OASIS (Organization for the Advancement of Structured Information Standards), drives the development, convergence, and adoption of open standards for the global information society. A not-for-profit consortium, OASIS advances standards for SOA, security, Web services, documents, e-commerce, government and law, localisation, supply chains, XML processing, and other areas of need identified by its members. OASIS open standards offer the potential to lower cost, stimulate innovation, grow global markets, and protect the right of free choice of technology. The consortium has more than 5,000 participants representing over 600 organizations and individual members in 100 countries.

Press contact: Carol Geyer OASIS Director of Communications +1.978.667.5115 x209 (office) +1.941.284.0403 (mobile)