OASIS Privacy Management Reference Model (PMRM) Technical Committee
The official charter for this Technical Committee is provided below. (For additional information, see the Call for Participation that was issued when this TC was formed.)
OASIS Privacy Management Reference Model (PMRM) Technical Committee
STATEMENT OF PURPOSE AND PROBLEM TO BE SOLVED
For purposes of this project, from a business and operational perspective, "data privacy" is defined to mean the assured, proper, and consistent collection, storage, processing, transmission, use, sharing, trans border transfer, retention and disposition of Personal Information (PI) throughout its life cycle, consistent with data protection principles, privacy and security policy requirements, and the preferences of the individual, where applicable.
The principal purpose of the PMRM TC will be to develop and articulate a Privacy Management Reference Model that describes a set of broadly-applicable data privacy and security requirements and a set of implementable Services and interactions for fulfilling those requirements.
Today, increased cross-border and cross-policy domain data flows, networked information processing, federated systems, application outsourcing, social networks, ubiquitous devices and cloud computing bring ever significant challenges, risk, and management complexity to privacy management.
However, business process engineers, IT analysts, architects, and developers do not have standards-based technical privacy and security frameworks or lifecycle reference models that can enable development and implementation of privacy and associated security requirements. Frequently, expressed as broad policy objectives (fair information practices and principles), these objectives are far removed from the rigorous requirements' expressions needed by business sponsors, business and system analysts, architects and developers.
Typical policy expressions provide little insight into how to actually implement such policies, presenting frustration for policymakers (who expect business systems to manage privacy and security rules) and design challenges for IT architects and solution developers (who have few models to guide their work). This becomes a greater problem in increasingly federated networks, systems and applications.
An effective solution to privacy and security management and compliance obligations in today's IT-centric, networked systems, services and applications environment would be a collection of privacy and security policy-configurable, IT-based, systematic behaviors that faithfully satisfy the requirements of privacy and security policies within a wide variety of contexts and implementation use-case scenarios.
The purpose of the OASIS Privacy Management Reference Model is to aid in the design and implementation of operational privacy and security management systems.
The Reference Model is intended to serve as a guideline or template for developing operational solutions to privacy issues, as an analytical tool for assessing the completeness of proposed solutions, and as the basis for establishing categories and groupings of privacy management controls. The Reference Model will serve as an evaluation framework for implementations, but will not itself be an implementation. It is intended to be used as a tool or basis for development of further implementations and standards, which either currently exist or would be developed independently.
SCOPE OF THE TC
The TC is open to submission of other relevant work and encourages submissions, particularly use cases appropriate for testing the lifecycle management aspects of the Reference Model.
The PMRM will:
Define a set of operationally-focused privacy requirements which can serve as a reference for evaluating options for designing and implementing operational privacy controls. These requirements will constitute a useful working set of 'privacy guidelines', which can both serve as general guidance, and as a feature set against which the PMRM and any implementation can be tested.
Define a structured format for describing privacy management Services, and identify categories of functions that may be used in defining and executing the Services.
Define a set of privacy management Services to support and implement the privacy requirements at a functional level. These Services will include some capabilities that are typically implicit in privacy practices or principles (such as policy management or interaction), but that are necessary if information systems and processes are to be made privacy configurable and compliant.
Establish an explicit relationship between security requirements and supporting security services (such as confidentiality, integrity and availability services) and the privacy management Services. Security services and standards are essential to secure Personal Information; therefore, each specific privacy management Service is expected to have its own security service requirements.
In order to refine the Privacy Management Reference Model, the TC may employ and refine use cases supplied by other OASIS TCs and external organizations. The TC may also consider hosting educational workshops and producing additional supporting materials such as 'best practices' documents.
Specification of the performance of any particular security service, mechanism or standard for the security of Personal Information is out of scope for this TC. The Reference Model, however, will consider the applicability and relationship of security services (confidentiality, including identity management, authentication and access controls; integrity; and availability) within the Reference Model, since the Reference Model incorporates security as a component of privacy management services.
A LIST OF DELIVERABLES AND PROJECTED COMPLETION DATES
The key deliverables are the OASIS Privacy Management Reference Model and one or more comprehensive Use Cases. Estimated completion date is 12 months after the formation of this TC.
Privacy Management Reference Model: Define a set of operational privacy management Services. Each Service will consist of a set of syntactically-structured and logically related Functions that implement that Service. The Service/Function sets will be complete in the sense that all arbitrary but rational sets of privacy requirements (e.g., principles, practices, privacy legislation) can be re-defined in terms of the Services. In that sense, the Reference Model will provide the basis for a high-level system design, a privacy architecture, and a privacy management implementation that solves the given set of privacy requirements.
One or more comprehensive Use Cases: From a number of initial candidates solicited from a cross-section of vertical industries and privacy-sensitive environments, the TC will select one or more Use Cases and apply the Privacy Management Reference Model to convert the Use Case requirements into a system design for an implementation. Ideally, the Use Cases will fully exploit the set of operational Services.
As part of the Use Case development, two additional items are applicable:
Selection of one or more formal methodologies for expressing Use Cases, and.
Profiles of the PMRM applied to selected specific environments (such as Cloud Computing, Health IT, e-Gov, and/or the Smart Grid) that could be used to derive architectures for implementing the PMRM.
Any additional deliverables will be produced after the main deliverables have been finalized. However, additional, representative use cases can be developed in parallel with the Reference Model.
IPR MODE UNDER WHICH TC WILL OPERATE
This TC will operate under the Non-Assertion Mode of the OASIS IPR Policy.
ANTICIPATED AUDIENCE OR USERS OF THE WORK