johnsabo.per John Sabo
OASIS Idtrust

John Sabo is an independent consultant on data privacy and cyber security, with a multi-faceted career in government, the IT industry and standards development.

In his standards work, John co-chairs the OASIS “Privacy Management Reference Model (PMRM)” Technical Committee. He is also a member of the OASIS “Privacy by Design Documentation for Software Engineers (PbD-SE)” Technical Committee, and chairs the OASIS IDtrust Member Section Steering Committee. In that capacity, John was an OASIS representative to the Internet Technical Advisory Committee, providing advice on communications policy issues to the Organization for Economic Co-operation and Development (OECD). In June 2011, John spoke on the role of standards organizations in fostering data privacy at the OECD’s High Level Meeting on the Internet Economy in Paris. He has also represented OASIS in ISO/IEC and ITU-T technical meetings. In July 2011, John was named an OASIS Distinguished Contributor at the annual OASIS member’s meeting.

In his industry career, John was Senior Director, Global Government Relations, CA Technologies, from 2000 to 2012, where he focused on trusted infrastructure technologies, policies, and practices. He provided technology policy leadership in industry and government-led data security, privacy, and critical infrastructure protection initiatives and in standards development. Prior to working at CA Technologies, John was Business Development Director in IBM’s Network Computing Software Division, representing IBM’s security product division as a board member in external business alliances such as the PKI Forum and the International Security Trust and Privacy Alliance (ISTPA).

Before working in the private sector, John was Director of the U.S. Social Security Administration’s Electronic Services Staff where he founded the agency’s Web-based online services program and represented the agency in cross-government committees developing policies and implementations for e-government services and privacy-compliant identity systems.

At the ISTPA, John co-authored the “ISTPA Privacy Management Reference Model v2.0” and edited the ISTPA “Analysis of Privacy Principles: Making Privacy Operational.” He served as a board member of the Information Technology- Information Sharing and Analysis Center (IT-ISAC) from 2002 to 2012, and was a member of the IT Sector Coordinating Council, both organizations focusing on critical infrastructure protection. John also served as one of the original members of the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee and was a long-time member of the NIST Information Security and Privacy Advisory Board.

Contributing to formal consultations and expert panels, John is an invited speaker at international security and privacy conferences, has authored published journal articles, and contributes to technical studies on security, privacy and trust issues. He holds degrees from King’s College (Pennsylvania) and the University of Notre Dame and holds a CISSP certification.


European Identity & Cloud Conference 2015
05/07/2015 14:30-15:30 IoT/OT Privacy & Security
IoT Privacy Risks, Legislation and Solutions
European Identity & Cloud Conference 2013
05/15/2013 10:30-12:30 PbD – Stronger than the Big Data Players?
Privacy-by-Design in the Era of Big Data
05/16/2013 15:00-16:00 Mobile Standards
OASIS Panel: Leveraging Standards to Combat Threats in Mobile Environments
European Identity & Cloud Conference 2012
04/17/2012 09:00-13:00 OASIS: Identity, Privacy, and Data Protection in the Cloud – What is Being Done? Is it Enough? More
European Identity Conference 2011
05/11/2011 10:30-11:30 Harnessing the Impact of Cloud Computing More
European Identity Conference 2009
05/05/2009 09:00-13:00 OASIS Roundtable: From 30,000 Feet – The Landscape of Identity Management Standards from the Public and Private Perspectives More
05/08/2009 09:00-12:00 OASIS Workshop (I)
Exploring the Risks & Solutions Involved in Securing Identity and Access Management
05/08/2009 13:30-16:00 OASIS Workshop (II)
Exploring the Risks & Solutions Involved in Securing Identity and Access Management


European Identity & Cloud Conference 2015
Securing Operational Technology (OT) and the Internet of Things (IoT) More
Seraphinite AcceleratorBannerText_Seraphinite Accelerator
Turns on site high speed to be attractive for people and search engines.