- Number of slides: 17
Identity and Privacy: the New OASIS Privacy Management Reference Model Technical Committee
John Sabo, Director Global Government Relations, CA Technologies
Fair Information Principles/Practices
— Accountability
— Data Quality
— Notice
— Enforcement
— Consent
— Openness
— Collection Limitation
— Use Limitation
— Anonymity
— Disclosure
— Data Flow
— Access & Correction
— Sensitivity
— Security/Safeguards
Global Privacy Principles/Practices - similarities…but no standardization
“Analysis of Privacy Principles: An Operational Study” - 2007 International Security Trust and Privacy Alliance (ISTPA)

OECD Guidelines – 1980
− Collection Limitation
− Data Quality
− Purpose Specification
− Use Limitation
− Security Safeguards
− Openness
− Individual Participation
− Accountability

CSA Model Code for Protection of Personal Information – 1996
− Accountability
− Identifying Purposes
− Consent
− Limiting Collection
− Limiting Use, Disclosure and Retention
− Accuracy
− Safeguards
− Openness
− Individual Access
− Challenging Compliance

APEC Privacy Framework – 2005
− Preventing Harm
− Notice
− Collection Limitation
− Uses of Personal Information
− Choice
− Integrity of Personal Information
− Security Safeguard
− Access and Correction
− Accountability

Used with Permission, International Security Trust and Privacy Alliance (ISTPA)
Many Identity-Related Security Mechanisms Support Privacy…
— Identity Lifecycle Management and Compliance
  − critical to privacy – authorized people and systems should have policy-based access to the correct information in a well-defined identity system
— Web access management, federation, SOA security
  − Trust among multiple entities to facilitate controlled sharing of information – strengthens security in complex infrastructures
— Resource Protection
  − Privileged users are high risk and must be controlled and monitored
— Data Protection
  − Data (at rest, in motion) must be monitored for access policy compliance
— Log management
  − provides the ability to watch what is happening – monitoring is key to maintaining privacy
…with Support from Compliance Infrastructure Models
Multiple and distinct resources controlled and managed, providing common model of roles and policies
[Diagram labels: Help Desk; HR System; Identity Lifecycle Management; Access Management; Information Protection & Control; Privileged User Management; Auditing/Reporting; Common roles, policies, reporting, workflow; Directory; Enterprise Infrastructure; Information; Content Repositories; Files; Data in transit; Platform; Systems; System Services; Mainframes; System files; Applications; Web; ERP; CRM; Custom; Event Logs]
Privacy Management Challenges: Networked Health IT
[Figure: Health Information Exchange Functional and Roles Diagram; diagram label: Business Intelligence]
Emerging, Complex Privacy Management Challenges: Smart Grid
NIST Smart Grid Conceptual Model
Source: NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 1.0
Volumes 2-3 – NISTIR 7628
— NIST Smart Grid Report – Smart Grid Interoperability Panel – Cybersecurity Working Group
— Volume 2 – Privacy and the Smart Grid
  • Chapter 5 – Privacy and the Smart Grid includes
    • a privacy impact assessment for the Smart Grid with a discussion of mitigating factors
    • potential privacy issues that may occur as new capabilities are included in the Smart Grid
  − Appendix C – State Laws – Smart Grid and Electricity Delivery
  − Appendix D – Privacy Use Cases
  − Appendix E – Privacy Related Definitions
Novel Smart Grid Risk Exposures
Source: Elias Leake Quinn, Smart Metering & Privacy: Existing Law and Competing Policies, Spring 2009, at page 3
Smart Grid Privacy Risk Areas
A Reference Model Is Needed
Copyright © 1999-2010 International Security Trust and Privacy Alliance (ISTPA)
Privacy Management Reference Model Services
— Core Policy Services
  − Agreement - agreements, options, permissions
  − Control - policy instantiation, data management
— Presentation and Lifecycle Services
  − Interaction - manages data/preferences/notice
  − Agent - software that carries out processes
  − Usage - lifecycle data use, aggregation, anonymity
  − Access - individual review/updates to PI
— Privacy Assurance Services
  − Certification - credentials, trusted processes
  − Audit - verifiable lifecycle accountability
  − Validation - quality and suitability of PI
  − Enforcement - including redress for violations
New OASIS PMRM Technical Committee
— OASIS PMRM TC formally announced June 27 – first meeting September 8 – Face to Face Informal Meeting September 29
— Open to OASIS members
— ISTPA contributed its PMRM v2.0 to the TC
— Deliverables include
  − the Reference Model
  − one or more use cases utilizing the PMRM
  − one or more formal methodologies for expressing use cases
  − profiles of the PMRM applied to selected specific environments (such as Cloud Computing, Health IT, e-Gov, and/or the Smart Grid)
— Actively seeking more participation by current and new OASIS members
John Sabo, Co-Chair, OASIS PMRM Technical Committee
Contact: John.t.sabo@ca.com


