AIM WG Minutes 01-May-2013

Minutes approved, 07-Aug-2013

Date and Time

  • Date: Wednesday, 01 May 2013
  • Time: 07:00 PT | 10:00 ET | 14:00 UTC
  • Dial-in: United States Toll +1 (805) 309-2350
    •  Alternate Toll +1 (714) 551-9842
  • Skype: +99051000000481
    • Conference code: 613-2898

Agenda

  1. Administration:
    1. Roll Call
    2. Agenda Confirmation
    3. Approval of Minutes: AIM WG Minutes 20-Mar-2013
  2. Discussion / Action Item Review
    1. Metadata and other aspects of attribute registries (Keith) - see PDF
    2. Status of the OIX work (Sal)
    3. NIST SP 800-162 - Guide to Attribute Based Access
  3. AOB
  4. Adjourn

Attendees

  • Allan Foster
  • Steve Olshansky
  • Keith Hazelton
  • Matt Tebo
  • Sal D'Agostino

As of May 1, 2013, quorum is 5 of 9

Non-Voting

  • Ken Dagg
  • Mike Grady
  • Maarten Kremers

Staff

  • Heather Flanagan
  • Andrew Hughes

Apologies

Minutes

  • Motion to approve the minutes by Keith Hazelton; confirmed by unanimous consent

Administration

Action Items

| Action | Assigned To | Status | Description | Comments |
|---|---|---|---|---|
| 20121127-06 | Allan Foster | | Review AMDG Recommendations and verify if/how they tie in to the AIMWG work | |
| 20121211-01 | Group | | Review Attribute Design draft | Determine on next call if this is something group wants to discuss further |
| 20130109-02 | Keith Hazelton | | create a semantic diagram that will look something at a historical perspective | Keith to post to wiki and lead a discussion on April 3 call |
| 20130123-01 | Kirk Fergusson | | Share the working definitions for components in their diagram | |

New Action Items

| Action | Assigned To | Status | Description | Comments |
|---|---|---|---|---|

Discussion

Metadata and other aspects of attribute registries (Keith) - see PDF

  • Attribute registries are one of the deliverables for Ken Klingenstein's Scalable Privacy project

  • Step one is to define attributes and their specifications

  • What kind of attribute metadata is useful to carry in an attribute registry? What we have now is what's provided in the spec for the attribute by default

  • The tool used for this is called Protégé, from Stanford University

  • Discussion

    • Looking at this as a companion to the Attribute Design Draft written by Ken: a database people can consult to see whether the attributes they might be interested in already exist, especially cross-domain; this should be considered more of an index than an encyclopedia

    • Is there an attribute that looks at source of values? No; role is particularly tricky to trace. A way to capture the source, and whether it is a foundational or secondary source of the values, would help folks in the design of a schema (there are values out there and they can go get them). That might be more a question for attribute providers than for the schema itself? Still, it could be a good placeholder to capture it; the specific values would be an implementation detail. In addition to the attribute registry, we need an interesting set of metadata that comes up between parties about to use the attributes (a Deployment Profile).

    • In terms of the classes identified, what is the degree of variation among the attributes in that class? Are they usually close or are they designed differently? It does seem to be fairly heterogeneous; at this stage in the work, the attribute classes give you a convenient place to look
    • What about triage in a point-to-point transaction, where each party has definitional distinctions? They might consult a translation table to understand what's coming in on the wire and what/how they want to keep the data.
    • Is the registry going to be a superset/union of all the current registries, or do we try to single out the commonality and turn this into a smaller set?

 

Status of the OIX work (Sal)

  • This is parallel pilot work for the Attribute Exchange network
    • there will be an exchange under a trust framework where people who want to obtain attributes about individuals could ask an attribute market for that info
    • Is this the criterion IDWeb effort?  Yes.
      • That is attribute verification more than attribute provisioning. Note that verification is likely just the first step. The nature/data type, how it is verified, and whether it has been done recently are some of the verification-related parameters being put into play
    • Heard some things in the list above about nature/data type that could become metadata about attributes. Some of the people on this call are supposed to be on the attribute exchange pilot but not until year 2.

 

NIST SP 800-162 - Guide to Attribute Based Access

  • a new special publication from NIST; FYI for this group
  • more about access than defining access, but still relevant and complementary to the work of this group
  • note it is out for comment at this time

 

AOB

  • Allan - looking for a volunteer to act as Secretary for the group to help with minutes and quarterly reports

Next Call

  • Date: Wednesday, 15 May 2013
  • Time: 07:00 PT | 10:00 ET | 15:00 UTC
  • Dial-in: United States Toll +1 (805) 309-2350
    •  Alternate Toll +1 (714) 551-9842
  • Skype: +99051000000481
    • Conference code: 613-2898