This wiki has undergone a migration to Confluence found Here
August 10th, 2010 Security Conference Call
Jump to navigation
Jump to search
Contents
Security Working Group Meeting
Attendees
- Tabitha Albertson
- Bill Braithwaite
- Jon Farmer
- Suzanne Gonzales-Webb CBCC Co-chair
- Michelle Johnston
- John Moehrke Security Co-chair
- Milan Petkovic
- Pat Pyette
- David Staggs
- Cliff Thompson
- Richard Thoreson CBCC Co-chair
- Serafina Versaggi scribe
- Craig Winter
Agenda
- (05 min) Roll Call, Accept Minutes August 3rd Security Work Group, Call for additional agenda items & Accept Agenda
- (10 min) John Moehrke - Security Risk Assessment Cookbook pilot projects update
- (45 min) Security and Privacy Ontology project
Minutes
1. Action Items
- Suzanne: Follow up with TSC regarding the results of the Security Risk Assessment pilots to determine next steps in getting the Cookbook approved as part of the HL7 Development Framework, and will report back to this group.
- Jon Farmer: Email to the Security Work Group list serv with the links to references to Ontology communities and projects that may be relevant to the this Security and Privacy Ontology project
2. Resolutions
3. Updates/Discussion
Security Risk Assessment Cookbook Pilot Projects Update
John Moehrke provided an update on three Security Risk Assessment pilot projects that have been underway over the past few weeks.
- The Security Cookbook was developed by members of the Security Work Group in response to the need for HL7 to address security concerns that are often present in the electronic exchange of health care information.
- The Security Cookbook materials are being piloted by three Work Groups so the information can be refined and best practices established in advance of the tutorial that will be presented during the October Plenary Meeting in Boston. That tutorial will take place on Thursday morning that week.
- Please encourage anyone you know who is working on a project that may benefit from conducting a Security risk assessment sooner than later
- The pilot work groups have been closely involved with the Security Work Group, so the process has gone very smoothly.
- Other HL7 Work Groups, whose members may not be as versed in Security concepts or may have considered Security to be "out of scope" for their standard (assuming that Security is handled somewhere else), will benefit from this tutorial.
- It is anticipated that working through a few additional projects within more clinically-oriented Work Groups will help to further refine the materials so they can be used independently by the Work Groups themselves without the help of someone from Security.
- The ultimate goals is for each HL7 Work Group to conduct a Security Risk Assessment for each new project, and that this process becomes (at least an optional) part of the HL7 standards development framework.
- The Risk Assessment spreadsheets for the three pilot projects as of August 10th are:
| Work Group | Project | Spreadsheet | |
|---|---|---|---|
| CBCC | CDA R2 Implementation Guide for Consent Directives | Risk Assessment | |
| PASS | Health Care Audit Control Services – Patient Privacy Capabilities draft 0.6 | Risk Assessment | |
| CCOW | CCOW Support of SAML Assertions | Not yet posted |
Progress to date:
- Each Work Group has gone through two sessions so far
- The first meeting involved a brainstorming exercise where the group generated a list of security-related risks pertaining to the artifact/standard in question
- The second meeting focused on analysis of those risks.
- Duplicate risks and out-of-scope of the work item were eliminated
- Each risk was analyzed to populate the following information:
- Type of impact (description of the impact)
- Level of impact (the consequence if the adverse event occurred)
- Probability (the likelihood that the risk will occur)
- Description of the mitigation
- Mitigation Type (this is called Mitigation Strategy in the Security Cookbook white paper)
- During the second session, additional threats were identified when the original brainstorming risk was found to be broken down into two or more risks.
- A third session will be conducted in each work group to complete the mitigation analysis
- The sessions helped to identify best practices that will be incorporated into the tutorial
- Bill: Those who are not versed in Security have difficulty in classifying risks and determining their probability of occurrence. They don’t believe that something useful will come of the classification of risks into two, three or five classes. As many real-world examples as we can provide to convey the importance of performing this type of risk assessment will help to support the need for going through this.
- Suzanne questions what are the next steps in terms of these pilots. Will the output of the process be presented back to the TSC for final consideration of the process?
- John has not gone through this process before, so it is unclear as to precise next steps
- Action Item: Suzanne will follow up with TSC regarding the results of the Security Risk Assessment pilots to determine next steps in getting the Cookbook approved as part of the HL7 Development Framework, and will report back to this group
- John indicates that the tutorial is part of the approval track and that he is working with Mike Henderson, of the Educational track
- John believes that at this stage, we have enough experience and educational material to offer this as an optional process, but we don’t yet have enough experience with a work group with no prior experience in security or conducting a risk assessment to know that the materials are sufficient to bring them up to speed to conduct this on their own.
Security and Privacy Ontology Project
- Mike requested Suzanne to look into a couple of issues related to this project
- Develop a fact sheet that can be used to explain the purpose and intent for this ontology
- Going back through the minutes to document decisions that were made during the development of the Composite Security and Privacy Domain Analysis Model (DAM) which is being used to guide the development of this ontology
- This will enable us to refer to a concise list of issues and decisions and will help to facilitate discussion when new people come into the group over time and have questions
- Going back through the minutes to document decisions that were made during the development of the Composite Security and Privacy Domain Analysis Model (DAM) which is being used to guide the development of this ontology
- Pull together the material that has been proposed for a methodology for developing an ontology. Mike would like to have a document that describes the process that we use for developing this ontology. This process will ensure that it can be a repeatable process.
- David Staggs joined today’s call because he is working with the OASIS XACML committee which is looking to develop an ontology-aware policy decision point (PDP). If they could reference an ontology that would make this more efficient, that would be ideal.
- The OASIS profiles will be brought to the ITU and therefore need to be able to be internationalized. This requires a hierarchical analysis of the attributes being passed.
- Tony has started on a hierarchy of the RBAC permissions catalog and this is being expanded to include a broader range of health care objects
- Jon Farmer commented on the synergy between the OASIS needs and the work that Tony has already begun.
- What’s not there yet is how to deal with the extended care community which David described as one of the use cases that the OASIS technical committee wanted to tackle. Merging these efforts would be great synergy.
- David explained that OASIS doesn’t have the health care domain expertise, but has participated in a number of interops with health care system vendors.
- John asked whether OASIS was expecting that the ontological hierarchy was expecting to encapsulate policy, meaning that from a policy perspective, all of those that are derived from this particular branch have the same permissions. That is a huge leap of the power of an ontology, especially the power of a global ontology, because the rights and responsibilities of the different structural or functional roles is very different on a regional basis, especially when you consider all the regions across the globe.
- David agreed and recalled that John raised this issue within the OASIS TC. It is still an open question within the XACML committee.
- Another question is whether you can use ontologies to pass around to be consumed.
- Jon Farmer referred to ontology communities and projects related to RDF such as the Freebase project where you can very effectively pass references to ontologies around (rather than the ontologies themselves) and do Feed Forward Inferencing.
- At query or request time, you could intersect the patient’s consent directive with the policy of the provider and heath care organization without passing any policy around, but just references to policies.
- David agreed and recalled that John raised this issue within the OASIS TC. It is still an open question within the XACML committee.
- Jon Farmer sent an email to the Security Work Group list serv with information pertaining to Feed Forward Inferencing.
A motion was made to adjourn the meeting by Pat Pyette and seconded by Suzanne
Meeting was adjourned at 1:40 PM EDT
No significant motions or decisions were made
Back to Security Main Page
