The OASIS CSAF Technical Committee is chartered to make a major revision to the Common Vulnerability Reporting Framework (CVRF) under a new name for the framework that reflects the primary purpose: a Common Security Advisory Framework (CSAF). TC deliverables are designed standardize existing practice in structured machine-readable vulnerability-related advisories and further refine those standards over time.
The OASIS Context Server (CXS) TC was chartered to create specifications for a Context Server (also known as Customer Data Platforms, CDP see below) as a core technology for enabling the delivery of personalized user experiences. The goal is to assist organizations that currently struggle to create and deliver consistent personalized experiences across channels, markets, and systems. The Context Server (aka CDP) will simplify management, integration, and interoperability between solutions providing services like Web Content Management, CRM, BigData, Machine Learning, Digital Marketing, and Data Management Platforms. TC members are producing a detailed list of use cases, a domain model, a REST API, as well as a reference implementation to serve as a real world example of how the Context Server standard can be used.
Relation to Customer Data Platforms: since the OASIS Context Server TC has been established, the term Customer Data Platform (CDP) has emerged and can be interchangeably be used for the Context Server. To reflect this, the specification produced by this TC has changed its name to : the Customer Data Platform specification.
Relation to Apache Unomi : the reference implementation of the Customer Data Platform specification is produced as part of the Apache Unomi project.
The OASIS XSPA TC works to standardize the way healthcare providers, hospitals, pharmacies, and insurance companies exchange privacy policies, consent directives, and authorizations within and between healthcare organizations. The OASIS Cross-Enterprise Security and Privacy Authorization (XSPA) Technical Committee will specify healthcare profiles of existing OASIS standards to support reliable, auditable methods of confirming personal identity, official authorization status, and role attributes. This work aligns with security specifications being developed within the U.S. Healthcare Information Technology Standards Panel (HITSP).
The OASIS Cyber Threat Intelligence (CTI) TC was chartered to define a set of information representations and protocols to address the need to model, analyze, and share cyber threat intelligence. In the initial phase of TC work, three specifications will be transitioned from the US Department of Homeland Security (DHS) for development and standardization under the OASIS open standards process: STIX (Structured Threat Information Expression), TAXII (Trusted Automated Exchange of Indicator Information), and CybOX (Cyber Observable Expression).
The OASIS CTI Technical Committee will:
The purpose of the OASIS DITA Technical Committee (TC) is to define and maintain the Darwin Information Typing Architecture (DITA) and to promote the use of the architecture for creating standard information types and domain-specific markup vocabularies.
DITA is specializable, which allows for the introduction of specific semantics for specific purposes without increasing the size of other DTDs, and which allows the inheritance of shared design and behavior and interchangeability with unspecialized content.
The DSS-X TC is developing new profiles of the existing OASIS Digital Signature Services core protocol "Digital Signature Service Core Protocols, Elements, and Bindings Version 1.0" and is maintaining this specification and its existing profiles. If at a later date it becomes clear that a new version of DSS is necessary then this may be produced by the TC.
DSS-X is also working on promotion of the standard and the creation of material helping dissemination. In general terms, the TC has the goal to facilitate the processing of digital signatures and time stamps in a client server environment.
The DSS-X TC is a member of the IDtrust Member Section.
The scope of DocBook is computer hardware and software documentation. Broadly, this includes both print and online tutorial and reference documentation as well as online help, user guides, exercises and other ancillary forms of documentation.
This effort will deliver on the following goals:
Most requests for enhancement that are not motivated by a requirement in computer hardware or software documentation are considered out of scope for the committee. However, the committee may address needs in related domains through extensions or variants, and may commission sub-committees to focus on related domains. It is not a goal of the Technical Committee to expand the scope of DocBook to include additional, unrelated problem domains.
The OASIS DocBook TC is chartered to develop and maintain the DocBook family of specifications and to continue to support its ever growing user base. In particular, the XML and SGML DocBook schemas, a suite of extension modules, and a simplified authoring subset of DocBook. The Technical Committee plans to support a variety of schema languages and may develop additional modules and derived document types.
The ebXML Core TC maintains ebXML specifications transitioned from other Technical Committees. TCs eligible for maintenance by the ebXML Core TC are ebXML Messaging, ebXML CPPA, ebXML ebBP, ebXML IIC, and ebXML RegRep. The ebXML Core TC manages clarifications, modifications, and enhancements for the specifications through the OASIS standards process.
The purpose of the OASIS ebXML Messaging Services TC is to develop and recommend technology for the transport, routing and packaging of business transactions using standard Internet technologies.
The OASIS Trust Elevation TC works to define a set of standardized protocols that service providers may use to elevate the trust in an electronic identity credential presented to them for authentication. The Trust Elevation TC is intended to respond to suggestions from the public sector, including the U.S. National Strategy for Trusted Identities in Cyberspace (NSTIC). The Trust Elevation TC promotes interoperability among multiple identity providers--and among multiple identity federations and frameworks--by facilitating clear communication about common and comparable operations to present, evaluate and apply identity [data/assertions] to sets of declared authorization levels.
The EM-TC creates vendor-neutral and platform agnostic standards for organizations and agencies to more easily exchange emergency information. The EM-TC welcomes participation from members of the emergency management and response community, developers and implementers, and members of the public concerned with disaster management and response.
The Emergency Data Exchange Language (EDXL) is a broad initiative to create an integrated framework for a wide range of emergency data exchange standards to support operations, logistics, planning and finance.
Overview links below are provided for completed OASIS standards only. Non-linked items are works in progress. For most recent versions of all technical work see Technical Work Produced by the Committee
The OASIS BDXR TC advances an open standards framework to support public e-procurement and e-invoicing. The group defines specifications for a lightweight and federated messaging infrastructure that supports a 4-corner model for the secure and reliable exchange of electronic documents. Wherever possible, the TC specifications are based on profiles of existing standards from OASIS and elsewhere. BDXR TC members also coordinate the submission of new requirements as use cases for expanded functionality.
The original OASIS BDX TC was formed to advance the messaging portion of PEPPOL. Subsequently, the decision was made to broaden the scope of the TC to include global requirements and use cases from government and industry and to support an ongoing technical convergence between PEPPOL and other European Large Scale Pilots (LSPs), resulting in the rechartered OASIS BDXR TC.
All those involved in e-procurement and e-invoicing are invited to participate in the BDXR TC, including public and private sector agencies, enterprises, solution providers, consultants, and researchers. E-payment actors including financial institutions, associations and payment networks should also be represented in this work.
