AIM WG Minutes 01-May-2013
Minute approved, 07-Aug-2013
Date and Time
- Date:Â Wednesday, 01 May 2013
- Time:Â 07:00 PT | 10:00 ET | 14:00 UTC
- Dial-in: United States Toll +1 (805) 309-2350
- Â Alternate Toll +1 (714) 551-9842
- Skype: +99051000000481
- Conference code:Â 613-2898
Agenda
- Administration:
- Roll Call
- Agenda Confirmation
- Approval of Minutes: AIM WG Minutes 20-Mar-2013
- Discussion / Action Item Review
Metadata and other aspects of attribute registries (Keith) - see PDF
- Status of the OIX work (Sal)
NIST SP 800-162 - Guide to Attribute Based Access
- AOB
- Adjourn
Attendees
- Allan Foster
- Steve Olshansky
- Keith Hazelton
- Matt Tebo
- Sal D'Agostino
As of May 1, 2013, quorum is 5 of 9
Non-Voting
- Ken Dagg
- Mike Grady
- Maarten Kremers
Staff
- Heather Flanagan
- Andrew Hughes
Apologies
Minutes
- Motion to approve the minutes by Keith Hazelton; confirmed by unanimous consent
Administration
Action Items
Action | Assigned To | Status | Description | Comments |
---|---|---|---|---|
20121127-06 | Allan Foster | Â | Review AMDG Recommendations and verify if/how they tie in to the AIMWG work | Â |
20121211-01 | Group | Â | Review Attribute Design draft | Determine on next call if this is something group wants to discuss further |
20130109-02 | Keith Hazelton | Â | create a semantic diagram that will look something at a historical perspective | Keith to post to wiki and lead a discussion on April 3 call |
20130123-01 | Kirk Fergusson | Â | Share the working definitions for components in their diagram | Â |
New Action Items
Action | Assigned To | Status | Description | Comments |
---|---|---|---|---|
 |  |  |  |  |
Discussion
Metadata and other aspects of attribute registries (Keith) - see PDF
attribute registry are one of the deliverables for Ken Klingenstein's Scalable Privacy project
Step one is to define attributes and their specifications
What kind of attribute metadata is useful to carry in an attribute registry? what we have now is what's provided in the spec for the attribute by default
tool used for this is called Protégé from Stanford University
Discussion
Looking at this as a companion to the Attribute Design Draft written by Ken as a database for people to refer to to see if the attributes they might be interested in already exist, especially cross-domain; this should be considered more of an index than an encyclopedia
Is there an attribute that looks at source of values? no; role is particularly tricky to trace. If there was a way to capture source and whether it is a foundational or secondary source of the values would help folks in a design of a schema (there are values out there and they can go get them). That might be more a question for attribute providers than for the schema itself? Still, it good be a good placeholder to capture it - the specific values would be an implementation detail. In addition to the attribute registry, we need an interesting set of metadata that comes up between parties about to use the attributes. (A Deployment Profile)
- In terms of the classes identified, what is the degree of variation among the attributes in that class? Are they usually close or are they designed differently? it does seem to be fairly heterogeneous; at this stage in the work, the attribute classes give you a convenient place to look
- What about triage - in a point to point transaction, where each have definitional distinctions. They might consult a translation table to understand what's coming in on the wire and what/how they want to keep the data.
- Is the registry going to be a superset/union of all the current registries, or do we try to single out the commonality and turn this in to a smaller set?
Â
Status of the OIX work (Sal)
- This is parallel pilot work for the Attribute Exchange network
- there will be an exchange under a trust framework where people who want to obtain attributes about individuals could ask an attribute market for that info
- Is this the criterion IDWeb effort? Yes.
- That is attribute verification more than attribute provisioning. Note that verification is likely just the first step. The nature/data type and how it is verified and whether it has been done recently are some of the parameters related to the verification that are being put in to play
- Heard some things in the list above about nature/data type that could become things metadata about attributes. Some of the people on this call are supposed to be on the attribute exchange pilot but not until year 2.
Â
NIST SP 800-162 - Guide to Attribute Based Access
- a new special publication from NIST; FYI for this group
- more about access than defining access, but still relevant and complementary to the work of this group
- note it is out for comment at this time
Â
AOB
Allan - looking for a volunteer to act as Secretary for the group to help with minutes and quarterly reports
Next Call
- Date: Wednesday, 15 May 2013
- Time: 07:00 PT | 10:00 ET | 15:00 UTC
- Dial-in: United States Toll +1Â (805) 309-2350
- Â Alternate Toll +1 (714) 551-9842
- Skype: +99051000000481
- Conference code: 613-2898