This wiki has undergone a migration to Confluence found Here
Difference between revisions of "October 18, 2016 Security Conference Call"
Jump to navigation
Jump to search
m (→Minutes) |
|||
(5 intermediate revisions by 2 users not shown) | |||
Line 25: | Line 25: | ||
||||.|| [mailto:serafina.versaggi@gmail.com Serafina Versaggi ] | ||||.|| [mailto:serafina.versaggi@gmail.com Serafina Versaggi ] | ||
||||.|| [mailto:joe.lamy@aegis.net Joe Lamy] | ||||.|| [mailto:joe.lamy@aegis.net Joe Lamy] | ||
− | |||| | + | ||||x|| [mailto:Galen.Mulrooney@JPSys.com Galen Mulrooney] |
|- | |- | ||
|| .|| [mailto:duane.decouteau@gmail.com Duane DeCouteau] | || .|| [mailto:duane.decouteau@gmail.com Duane DeCouteau] | ||
Line 40: | Line 40: | ||
||||.|| [mailto:bkinsley@nextgen.com William Kinsley] | ||||.|| [mailto:bkinsley@nextgen.com William Kinsley] | ||
||||.|| [mailto:pknapp@pknapp.com Paul Knapp] | ||||.|| [mailto:pknapp@pknapp.com Paul Knapp] | ||
− | |||| | + | ||||x|| [mailto:Mayada.Abdulmannan@va.gov Mayada Abdulmannan] |
|- | |- | ||
|| .|| [mailto:kamalinivaidya@systemsmadesimple.com Kamalini Vaidya] | || .|| [mailto:kamalinivaidya@systemsmadesimple.com Kamalini Vaidya] | ||
Line 59: | Line 59: | ||
# ''(5 min)'' '''Approve [http://wiki.hl7.org/index.php?title=October_11,_2016_Security_Conference_Call Security WG October 11, 2016 call minutes] and [http://wiki.hl7.org/index.php?title=September_13,_2016_Security_Conference_Call Security WG September 13, 2016 Minutes]. | # ''(5 min)'' '''Approve [http://wiki.hl7.org/index.php?title=October_11,_2016_Security_Conference_Call Security WG October 11, 2016 call minutes] and [http://wiki.hl7.org/index.php?title=September_13,_2016_Security_Conference_Call Security WG September 13, 2016 Minutes]. | ||
# ''(15 min)'' '''PSAF Ballot v.next''' Mike to discuss proposed NIB submission by 10-31. See below for details. | # ''(15 min)'' '''PSAF Ballot v.next''' Mike to discuss proposed NIB submission by 10-31. See below for details. | ||
− | #''(5 min)'' John recommended that the Security WG consider FHIR discussion about two very different role models for Practitioner, which have a Security impact. Please read and react so that we can help with the decision. [https://brianpos.wordpress.com/2016/10/16/practitioner-role-vs-practitionerrole/ Practitioner.Role vs PractitionerRole] blog by Brian Postlethwaite | + | #''(5 min)'' John recommended that the Security WG consider FHIR discussion about two very different role models for Practitioner, which have a Security impact. Please read and react so that we can help with the decision. [https://brianpos.wordpress.com/2016/10/16/practitioner-role-vs-practitionerrole/ Practitioner.Role vs PractitionerRole] blog by Brian Postlethwaite. See Notes below. |
# ''(5 min)'' '''PASS Audit Conceptual Model''' – Diana | # ''(5 min)'' '''PASS Audit Conceptual Model''' – Diana | ||
# ''(5 min)'' '''FHIR AuditEvent and Provenance ballot comments & FHIR Security Call reminder''' - John | # ''(5 min)'' '''FHIR AuditEvent and Provenance ballot comments & FHIR Security Call reminder''' - John | ||
Line 69: | Line 69: | ||
*HL7 Security Work Group is continuing development of an overarching Privacy and Security Framework Architecture[PSAF] based on foundational authorization standards: ISO/IEC 10181-3; Information Technology – Open Systems Interconnection – Security Frameworks for Open Systems: Access Control Framework and ISO/TS 22600 Privilege Management and Access Control (PMAC). PSAF builds on the HL7 Composite Security and Privacy Domain Analysis Model as the unifying framework for all of HL7 Privacy and Security standards, and now includes a policy-based Trust Framework for Federated Authorization [TF4FA]. | *HL7 Security Work Group is continuing development of an overarching Privacy and Security Framework Architecture[PSAF] based on foundational authorization standards: ISO/IEC 10181-3; Information Technology – Open Systems Interconnection – Security Frameworks for Open Systems: Access Control Framework and ISO/TS 22600 Privilege Management and Access Control (PMAC). PSAF builds on the HL7 Composite Security and Privacy Domain Analysis Model as the unifying framework for all of HL7 Privacy and Security standards, and now includes a policy-based Trust Framework for Federated Authorization [TF4FA]. | ||
*PSAF/TF4FA conceptual information and behavioral model is intended to align with the approach taken in the draft NIST Internal Report (NISTIR) 8149: Developing Trust Frameworks to Support Identity Federation [NISTR 8149] for federated identities but for federated authorization. The September 2016 ballot version of TF4FA includes a high-level conceptual information model, which represents the privacy, security, and trust policies within each domain that is party to a Trust Framework contract. In this ballot document, the focal Trust Framework contract is an agreement among policy domains on federated authorization policies. | *PSAF/TF4FA conceptual information and behavioral model is intended to align with the approach taken in the draft NIST Internal Report (NISTIR) 8149: Developing Trust Frameworks to Support Identity Federation [NISTR 8149] for federated identities but for federated authorization. The September 2016 ballot version of TF4FA includes a high-level conceptual information model, which represents the privacy, security, and trust policies within each domain that is party to a Trust Framework contract. In this ballot document, the focal Trust Framework contract is an agreement among policy domains on federated authorization policies. | ||
− | *The January 2017 ballot version includes a Security Label Service with Trust Access Control Decision Information (ADI) behavioral model collaboration model diagram from the HL7 Security Labeling Service specification[http://www.hl7.org/implement/standards/product_brief.cfm?product_id=360 HL7 Version 3 Standard: Privacy, Access and Security Services; Security Labeling Service, Release 1 (SLS)] to specify the use of (1) discoverable encoded Trust Policies for run-time negotiation of a Trust Framework among parties considering exchange of information or valuables; and (2) discoverable verification of a party's capability to support required trust parameters such as levels of assurance, active trust certification status, support for privacy, security, provenance, and integrity policies, and trust technologies. | + | *The January 2017 ballot version includes a Security Label Service with Trust Access Control Decision Information (ADI) behavioral model collaboration model diagram from the HL7 Security Labeling Service specification [http://www.hl7.org/implement/standards/product_brief.cfm?product_id=360 HL7 Version 3 Standard: Privacy, Access and Security Services; Security Labeling Service, Release 1 (SLS)] to specify the use of (1) discoverable encoded Trust Policies for run-time negotiation of a Trust Framework among parties considering exchange of information or valuables; and (2) discoverable verification of a party's capability to support required trust parameters such as levels of assurance, active trust certification status, support for privacy, security, provenance, and integrity policies, and trust technologies. |
+ | |||
===Revisions from September 2016 Ballot=== | ===Revisions from September 2016 Ballot=== | ||
*Revisions after September 2016 ballot reconciliation include clarification that this model is about the federation of policy domains regarding negotiated trust framework for cross domain authorization. Additions include behavioral model extending the PASS HL7 Security labeling Service to include determination of participation in a trust framework with shared approach to federated authorization and claims verification. | *Revisions after September 2016 ballot reconciliation include clarification that this model is about the federation of policy domains regarding negotiated trust framework for cross domain authorization. Additions include behavioral model extending the PASS HL7 Security labeling Service to include determination of participation in a trust framework with shared approach to federated authorization and claims verification. | ||
+ | ==Notes on Practitioner.Role vs PractitionerRole Resource== | ||
+ | *Brian and John point out security consequences of Practitioner.Role: "Security cannot easily filter some roles from the record for privacy reasons." | ||
+ | *Brian argues for the PractitionerRole Resource rather Practitioner.Role, because the latter won't scale if we wish to record provider affiliations over time because every Practitioner request would need to return all of this history, and it would bloat the result. | ||
+ | ==Minutes== | ||
+ | *Chaired by Kahtleen | ||
+ | |||
+ | * Approved Security WG October 11, 2016 (Unanimous approval) | ||
+ | * Approved call minutes and Security WG September 13, 2016 Minutes (Unanimous approval) | ||
+ | * Approved Minutes Security WG September 14, 2016 (Unanimous approval) | ||
− | + | *PSAF Ballot v.next Mike to discuss proposed NIB submission by 10-31. See below for details. (Mike) | |
+ | ** The direction of our model should be Trust Framework for Access Control | ||
+ | ** Our direction should focus on Authorization with several models (Ex: Domain, Authorization model etc.) | ||
+ | ** Going forward we should focus on a specific representation of Trust Framework example: | ||
+ | *** FHIR Security Model which has standards, international standards, and vocabulary | ||
+ | *** The focus on Security FHIR Information Model which will allow us to create a profile contract and legal framework | ||
+ | *** Output would be the contract | ||
+ | *** the next submission will be Trust Framework Federated Authorization for information only ballot | ||
+ | *** Kathleen will add a paragraph on the potential FHIR Security Policy information file | ||
+ | *** The focus will be on the security domain model along with FHIR | ||
+ | *** On the SLS guide we are to bring in the Trust ADI for verification of claims as part of the PSAF commitment | ||
+ | *** Kathleen will include the Publication of the SLS Guide link | ||
+ | **** Motion approved (Mike, John) | ||
+ | *John recommended that the Security WG consider FHIR discussion about two very different role models for Practitioner, which have a Security impact. Please read and react so that we can help with the decision. Practitioner.Role vs PractitionerRole blog by Brian Postlethwaite. | ||
+ | ** PractitionerRole Resource allows us to apply labels, and filters | ||
+ | ** Question (Diana): From a Security point of view are there problems that can be created moving forward with PractitionerRole? | ||
+ | ** Answer Kathleen: The query returns all locations and the query is overwhelmed. | ||
+ | ** Any comments should go to John | ||
+ | * PASS Audit Conceptual Model – (Diana) | ||
+ | ** The Pass Audit Conceptual Model at WKG meeting proposed to ballet Jan 17th | ||
+ | ** Will send out the the document to group | ||
+ | ** Security is active in the development of the document for comments | ||
+ | ** NIB is due Oct 30th | ||
+ | *PASS ACS (Diana) | ||
+ | ** Publication request is going into e-vote today | ||
+ | ** Diana will post the description into agenda | ||
+ | **Call Adjourned** |
Latest revision as of 18:55, 25 October 2016
Back to Security Work Group Main Page
Contents
Attendees
x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
---|---|---|---|---|---|---|---|---|---|---|
x | John MoehrkeSecurity Co-chair | x | Kathleen ConnorSecurity Co-chair | . | Alexander Mense Security Co-chair | . | Trish WilliamsSecurity Co-chair | |||
x | Mike Davis | x | Suzanne Gonzales-Webb | x | David Staggs | x | Mohammed Jafari | |||
x | Glen Marshall, SRS | . | Beth Pumo | . | Ioana Singureanu | . | Rob Horn | |||
x | Diana Proud-Madruga | . | Serafina Versaggi | . | Joe Lamy | x | Galen Mulrooney | |||
. | Duane DeCouteau | . | Chris Clark | . | Johnathan Coleman | . | Aaron Seib | |||
. | Ken Salyards | . | Christopher D Brown TX | . | Gary Dickinson | . | Dave Silver | |||
x | Rick Grow | . | William Kinsley | . | Paul Knapp | x | Mayada Abdulmannan | |||
. | Kamalini Vaidya | . | Bill Kleinebecker | x | Christopher Shawn | . | Grahame Grieve | |||
. | Oliver Lawless | . | Ken Rubin | . | Paul Petronelli , Mobile Health | . | Russell McDonell |
Agenda DRAFT
- (2 min) Roll Call, Agenda Approval
- (5 min) Approve Security WG October 11, 2016 call minutes and Security WG September 13, 2016 Minutes.
- (15 min) PSAF Ballot v.next Mike to discuss proposed NIB submission by 10-31. See below for details.
- (5 min) John recommended that the Security WG consider FHIR discussion about two very different role models for Practitioner, which have a Security impact. Please read and react so that we can help with the decision. Practitioner.Role vs PractitionerRole blog by Brian Postlethwaite. See Notes below.
- (5 min) PASS Audit Conceptual Model – Diana
- (5 min) FHIR AuditEvent and Provenance ballot comments & FHIR Security Call reminder - John
FHIR Security Ballot comment and CP review and FHIM modeling of PSAF - See agenda at FHIR Security Agenda
Proposed PSAF/TF4FA January NIB
Description
- HL7 Security Work Group is continuing development of an overarching Privacy and Security Framework Architecture[PSAF] based on foundational authorization standards: ISO/IEC 10181-3; Information Technology – Open Systems Interconnection – Security Frameworks for Open Systems: Access Control Framework and ISO/TS 22600 Privilege Management and Access Control (PMAC). PSAF builds on the HL7 Composite Security and Privacy Domain Analysis Model as the unifying framework for all of HL7 Privacy and Security standards, and now includes a policy-based Trust Framework for Federated Authorization [TF4FA].
- PSAF/TF4FA conceptual information and behavioral model is intended to align with the approach taken in the draft NIST Internal Report (NISTIR) 8149: Developing Trust Frameworks to Support Identity Federation [NISTR 8149] for federated identities but for federated authorization. The September 2016 ballot version of TF4FA includes a high-level conceptual information model, which represents the privacy, security, and trust policies within each domain that is party to a Trust Framework contract. In this ballot document, the focal Trust Framework contract is an agreement among policy domains on federated authorization policies.
- The January 2017 ballot version includes a Security Label Service with Trust Access Control Decision Information (ADI) behavioral model collaboration model diagram from the HL7 Security Labeling Service specification HL7 Version 3 Standard: Privacy, Access and Security Services; Security Labeling Service, Release 1 (SLS) to specify the use of (1) discoverable encoded Trust Policies for run-time negotiation of a Trust Framework among parties considering exchange of information or valuables; and (2) discoverable verification of a party's capability to support required trust parameters such as levels of assurance, active trust certification status, support for privacy, security, provenance, and integrity policies, and trust technologies.
Revisions from September 2016 Ballot
- Revisions after September 2016 ballot reconciliation include clarification that this model is about the federation of policy domains regarding negotiated trust framework for cross domain authorization. Additions include behavioral model extending the PASS HL7 Security labeling Service to include determination of participation in a trust framework with shared approach to federated authorization and claims verification.
Notes on Practitioner.Role vs PractitionerRole Resource
- Brian and John point out security consequences of Practitioner.Role: "Security cannot easily filter some roles from the record for privacy reasons."
- Brian argues for the PractitionerRole Resource rather Practitioner.Role, because the latter won't scale if we wish to record provider affiliations over time because every Practitioner request would need to return all of this history, and it would bloat the result.
Minutes
- Chaired by Kahtleen
- Approved Security WG October 11, 2016 (Unanimous approval)
- Approved call minutes and Security WG September 13, 2016 Minutes (Unanimous approval)
- Approved Minutes Security WG September 14, 2016 (Unanimous approval)
- PSAF Ballot v.next Mike to discuss proposed NIB submission by 10-31. See below for details. (Mike)
- The direction of our model should be Trust Framework for Access Control
- Our direction should focus on Authorization with several models (Ex: Domain, Authorization model etc.)
- Going forward we should focus on a specific representation of Trust Framework example:
- FHIR Security Model which has standards, international standards, and vocabulary
- The focus on Security FHIR Information Model which will allow us to create a profile contract and legal framework
- Output would be the contract
- the next submission will be Trust Framework Federated Authorization for information only ballot
- Kathleen will add a paragraph on the potential FHIR Security Policy information file
- The focus will be on the security domain model along with FHIR
- On the SLS guide we are to bring in the Trust ADI for verification of claims as part of the PSAF commitment
- Kathleen will include the Publication of the SLS Guide link
- Motion approved (Mike, John)
- John recommended that the Security WG consider FHIR discussion about two very different role models for Practitioner, which have a Security impact. Please read and react so that we can help with the decision. Practitioner.Role vs PractitionerRole blog by Brian Postlethwaite.
- PractitionerRole Resource allows us to apply labels, and filters
- Question (Diana): From a Security point of view are there problems that can be created moving forward with PractitionerRole?
- Answer Kathleen: The query returns all locations and the query is overwhelmed.
- Any comments should go to John
- PASS Audit Conceptual Model – (Diana)
- The Pass Audit Conceptual Model at WKG meeting proposed to ballet Jan 17th
- Will send out the the document to group
- Security is active in the development of the document for comments
- NIB is due Oct 30th
- PASS ACS (Diana)
- Publication request is going into e-vote today
- Diana will post the description into agenda
- Call Adjourned**