Privacy/Identity
StandardPKCS #11 Cryptographic Token Interface Base Specification Version 2.40
Defines data types, functions and other basic components of the PKCS #11 Cryptoki interface.
PKCS #11 Cryptographic Token Interface Base Specification Version 2.40
Defines data types, functions and other basic components of the PKCS #11 Cryptoki interface.
Produced by:
OASIS PKCS 11 TCVoting history:
Voting History for OASIS Standard, April 2015
Voting History for Approved Errata 01, May 2016
OASIS Standard:
Approved Errata 01
OASIS Standard incorporating Approved Errata 01
Cite as:
Cite as:
[PKCS11-base-v2.40]
PKCS #11 Cryptographic Token Interface Base Specification Version 2.40. Edited by Susan Gleeson and Chris Zimman.
14 April 2015. OASIS Standard. http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/errata01/os/pkcs11-base-v2.40-errata01-os-complete.html.
Latest version: http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/pkcs11-base-v2.40.html.
StandardXACML v3.0 Privacy Policy Profile Version 1.0
Describes a profile of XACML for expressing privacy policies.
XACML v3.0 Privacy Policy Profile Version 1.0
Describes a profile of XACML for expressing privacy policies.
Produced by:
OASIS eXtensible Access Control Markup Language (XACML) TCVoting history:
January 2015
OASIS Standard:
Cite as:
Cite as:
[xacml-3.0-privacy-v1.0]
XACML v3.0 Privacy Policy Profile Version 1.0. Edited by Erik Rissanen. 25 January 2015. OASIS Committee Specification 02. http://docs.oasis-open.org/xacml/3.0/privacy/v1.0/cs02/xacml-3.0-privacy-v1.0-cs02.html. Latest version: http://docs.oasis-open.org/xacml/3.0/privacy/v1.0/xacml-3.0-privacy-v1.0.html.
StandardXACML SAML Profile Version 2.0
Defines a profile for the integration of the OASIS Security Assertion Markup Language (SAML) Version 2.0 with all versions of XACML. SAML 2.0 complements XACML functionality in many ways, so a number of somewhat independent functions are described in this profile:
1) use of SAML 2.0 Attribute Assertions with XACML, including the use of SAML Attribute Assertions in a SOAP Header to convey Attributes that can be consumed by an XACML PDP
2) use of SAML to carry XACML authorization decisions, authorization decision queries, and authorization decision responses
3) use of SAML to carry XACML policies, policy queries, and policy query responses
4) use of XACML authorization decisions or policies as Advice in SAML Assertions
5) use of XACML responses in SAML Assertions as authorization tokens.
Particular implementations may provide only a subset of these functions.
XACML SAML Profile Version 2.0
Defines a profile for the integration of the OASIS Security Assertion Markup Language (SAML) Version 2.0 with all versions of XACML. SAML 2.0 complements XACML functionality in many ways, so a number of somewhat independent functions are described in this profile:
1) use of SAML 2.0 Attribute Assertions with XACML, including the use of SAML Attribute Assertions in a SOAP Header to convey Attributes that can be consumed by an XACML PDP
2) use of SAML to carry XACML authorization decisions, authorization decision queries, and authorization decision responses
3) use of SAML to carry XACML policies, policy queries, and policy query responses
4) use of XACML authorization decisions or policies as Advice in SAML Assertions
5) use of XACML responses in SAML Assertions as authorization tokens.
Particular implementations may provide only a subset of these functions.
Produced by:
OASIS eXtensible Access Control Markup Language (XACML) TCVoting history:
August 2014
OASIS Standard:
Cite as:
Cite as:
[XACML-SAML-v2.0]
XACML SAML Profile Version 2.0. Edited by Erik Rissanen. 19 August 2014. OASIS Committee Specification 02. http://docs.oasis-open.org/xacml/xacml-saml-profile/v2.0/cs02/xacml-saml-profile-v2.0-cs02.html. Latest version: http://docs.oasis-open.org/xacml/xacml-saml-profile/v2.0/xacml-saml-profile-v2.0.html.
StandardElectronic Identity Credential Trust Elevation Framework Version 1.0
Recommends particular methods as satisfying defined degrees of assurance for elevating trust in an electronic identity credential, to assure the submitter’s identity sufficiently to support elevation between each pair of assurance levels to transact business where material amounts of economic value or personally identifiable data are involved. Alternative and optional methods may be included. The description of each recommended method shall include functional definitions of the types of identity and assertion data employed by each method, and may include specification of the data services required in each elevation, substantive data exchange patterns or models, message exchange patterns or models, and such other elements as the TC deems useful.
Electronic Identity Credential Trust Elevation Framework Version 1.0
Recommends particular methods as satisfying defined degrees of assurance for elevating trust in an electronic identity credential, to assure the submitter’s identity sufficiently to support elevation between each pair of assurance levels to transact business where material amounts of economic value or personally identifiable data are involved. Alternative and optional methods may be included. The description of each recommended method shall include functional definitions of the types of identity and assertion data employed by each method, and may include specification of the data services required in each elevation, substantive data exchange patterns or models, message exchange patterns or models, and such other elements as the TC deems useful.
Produced by:
OASIS Electronic Identity Credential Trust Elevation Methods (Trust Elevation) TCVoting history:
May 2014
OASIS Standard:
Cite as:
Cite as:
[trust-el-framework-v1.0]
Electronic Identity Credential Trust Elevation Framework Version 1.0. Edited by Peter Alterman, Shaheen Abdul Jabbar, Abbie Barbir, Mary Ruddy, and Steve Olshansky. 22 May 2014. OASIS Committee Specification 01. http://docs.oasis-open.org/trust-el/trust-el-framework/v1.0/cs01/trust-el-framework-v1.0-cs01.html. Latest version: http://docs.oasis-open.org/trust-el/trust-el-framework/v1.0/trust-el-framework-v1.0.html.
StandardBiometric Identity Assurance Services (BIAS) SOAP Profile Version 1.0
Specifies a SOAP profile that implements the Biometric Identity Assurance Services (BIAS) abstract operations specified in INCITS 442 as SOAP messages.
Biometric Identity Assurance Services (BIAS) SOAP Profile Version 1.0
Specifies a SOAP profile that implements the Biometric Identity Assurance Services (BIAS) abstract operations specified in INCITS 442 as SOAP messages.
Produced by:
OASIS Biometric Identity Assurance Services (BIAS) Integration TCVoting history:
May 2012
OASIS Standard:
Approved Errata 01
OASIS Standard incorporating Approved Errata 01
Approved Errata 02
OASIS Standard incorporating Approved Errata 02
Cite as:
Cite as:
[BIASPROFILE] Biometric Identity Assurance Services (BIAS) SOAP Profile Version 1.0 Plus Errata 02.
Edited by Kevin Mangold, Matthew Swayze, and Cathy Tilton. 06 May 2014. OASIS Standard incorporating Approved Errata 02.
http://docs.oasis-open.org/bias/soap-profile/v1.0/errata02/os/biasprofile-v1.0-errata02-os-complete.html.
Latest version: http://docs.oasis-open.org/bias/soap-profile/v1.0/errata02/biasprofile-v1.0-errata02-complete.html.
StandardCross-Enterprise Security and Privacy Authorization (XSPA) Profile of WS-Trust for Healthcare v1.0
Describes a framework in which WS-Trust is leveraged by cross-enterprise security and privacy authorization (XSPA) to satisfy requirements pertaining to information-centric security within the healthcare community.
Cross-Enterprise Security and Privacy Authorization (XSPA) Profile of WS-Trust for Healthcare v1.0
Describes a framework in which WS-Trust is leveraged by cross-enterprise security and privacy authorization (XSPA) to satisfy requirements pertaining to information-centric security within the healthcare community.
Produced by:
OASIS Cross-Enterprise Security and Privacy Authorization (XSPA) TCVoting history:
November 2010
OASIS Standard:
Cite as:
Cite as:
[XSPA-WS-TRUST-PROF-V1.0]
Cross-Enterprise Security and Privacy Authorization (XSPA) Profile of WS-Trust for Healthcare Version 1.0.
Edited by Mike Davis, Duane DeCouteau, David Staggs, and Jiandong Guo. 01 November 2010. OASIS Standard.
http://docs.oasis-open.org/xspa/ws-trust-v1.0/xspa-ws-trust-profile-os.html.
Latest version: http://docs.oasis-open.org/xspa/ws-trust-v1.0/xspa-ws-trust-profile.html.
StandardCross-Enterprise Security and Privacy Authorization (XSPA) Profile of XACML v2.0 for Healthcare v1.0
A profile of XACML used to support cross-enterprise security and privacy authorization.
Cross-Enterprise Security and Privacy Authorization (XSPA) Profile of XACML v2.0 for Healthcare v1.0
A profile of XACML used to support cross-enterprise security and privacy authorization.
Produced by:
OASIS eXtensible Access Control Markup Language (XACML) TCVoting history:
November 2009
StandardCross-Enterprise Security and Privacy Authorization (XSPA) Profile of Security Assertion Markup Language (SAML) for Healthcare v1.0
Describes a framework in which SAML is encompassed by cross-enterprise security and privacy authorization (XSPA) to satisfy requirements pertaining to information-centric security within the healthcare community.
Cross-Enterprise Security and Privacy Authorization (XSPA) Profile of Security Assertion Markup Language (SAML) for Healthcare v1.0
Describes a framework in which SAML is encompassed by cross-enterprise security and privacy authorization (XSPA) to satisfy requirements pertaining to information-centric security within the healthcare community.
StandardIdentity Metasystem Interoperability (IMI) v1.0
Intended for developers and architects who wish to design identity systems and applications that interoperate using the Identity Metasystem Interoperability specification.
An Identity Selector and the associated identity system components allow users to manage their Digital Identities from different Identity Providers, and employ them in various contexts to access online services. In this specification, identities are represented to users as “Information Cards”. Information Cards can be used both at applications hosted on Web sites accessed through Web browsers and rich client applications directly employing Web services.
This specification also provides a related mechanism to describe security-verifiable identity for endpoints by leveraging extensibility of the WS-Addressing specification. This is achieved via XML [XML 1.0] elements for identity provided as part of WS-Addressing Endpoint References. This mechanism enables messaging systems to support multiple trust models across networks that include processing nodes such as endpoint managers, firewalls, and gateways in a transport-neutral manner.
Identity Metasystem Interoperability (IMI) v1.0
Intended for developers and architects who wish to design identity systems and applications that interoperate using the Identity Metasystem Interoperability specification.
An Identity Selector and the associated identity system components allow users to manage their Digital Identities from different Identity Providers, and employ them in various contexts to access online services. In this specification, identities are represented to users as “Information Cards”. Information Cards can be used both at applications hosted on Web sites accessed through Web browsers and rich client applications directly employing Web services.
This specification also provides a related mechanism to describe security-verifiable identity for endpoints by leveraging extensibility of the WS-Addressing specification. This is achieved via XML [XML 1.0] elements for identity provided as part of WS-Addressing Endpoint References. This mechanism enables messaging systems to support multiple trust models across networks that include processing nodes such as endpoint managers, firewalls, and gateways in a transport-neutral manner.
StandardSubject-based Profiles for SAML V1.1 Assertions
Places constraints upon SAML V1.1 subjects and assertions so that they have properties similar to SAML V2.0 subjects and assertions.
Subject-based Profiles for SAML V1.1 Assertions
Places constraints upon SAML V1.1 subjects and assertions so that they have properties similar to SAML V2.0 subjects and assertions.
Produced by:
OASIS Security Services TCVoting history:
October 2008
OASIS Standard:
Cite as:
Cite as:
[SAML-subj-profile]
Subject-based Profiles for SAML V1.1 Assertions. Edited by Tom Scavo. 7 October 2008. OASIS Committee Specification 02. http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml1-profiles-assertion-subject-cs-01.html. Latest version: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml1-profiles-assertion-subject.html.
StandardIdentity Provider Discovery Service Protocol and Profile
Defines a generic browser-based protocol by which a centralized discovery service implemented independently of a given service provider can provide a requesting service provider with the unique identifier of an identity provider that can authenticate a principal.
Identity Provider Discovery Service Protocol and Profile
Defines a generic browser-based protocol by which a centralized discovery service implemented independently of a given service provider can provide a requesting service provider with the unique identifier of an identity provider that can authenticate a principal.
Produced by:
OASIS Security Services (SAML) TCVoting history:
March 2008
OASIS Standard:
Cite as:
Cite as:
[SAML-idp-discovery] Identity Provider Discovery Service Protocol and Profile. Edited by Rod Widdowson and Scott Cantor. 27 March 2008. OASIS Committee Specification 01. http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery-cs-01.html. Latest version: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery.html.
StandardMetadata Profile for the OASIS Security Assertion Markup Language (SAML) V1.x
Defines a profile of the OASIS SAML V2.0 metadata specification for use in describing SAML V1.0 and V1.1 entities. Readers should be familiar with the SAML V2.0 metadata specification [SAML2Meta] before reading this document.
Metadata Profile for the OASIS Security Assertion Markup Language (SAML) V1.x
Defines a profile of the OASIS SAML V2.0 metadata specification for use in describing SAML V1.0 and V1.1 entities. Readers should be familiar with the SAML V2.0 metadata specification [SAML2Meta] before reading this document.
No results with the selected filters