This wiki has undergone a migration to Confluence found Here
Difference between revisions of "November 4th 2008 Security Conference Call"
Jump to navigation
Jump to search
| Line 17: | Line 17: | ||
* [mailto:craig.winter@va.gov Craig Winter] | * [mailto:craig.winter@va.gov Craig Winter] | ||
| − | ==Agenda & Meeting Minutes== | + | ==Agenda & Meeting Minutes== |
#''(05 min)'' Roll Call | #''(05 min)'' Roll Call | ||
| − | #''(05 min)'' Approve Minutes & Accept Agenda | + | #''(05 min)'' Approve Minutes & Accept Agenda (Mike D / Rob M) with updates |
| + | |||
#''(35 min)'' Deliverable Goal - '''Updating the HL7 RBAC Permission Catalog''' - addition of Privacy and Consent vocabulary as Constraints [http://hl7projects.hl7.nscee.edu/docman/view.php/59/409/Case%20for%20SNOMED%20Presentation%20DRAFT.pptx Role Engineering Process to create a Constraint Catalog] | #''(35 min)'' Deliverable Goal - '''Updating the HL7 RBAC Permission Catalog''' - addition of Privacy and Consent vocabulary as Constraints [http://hl7projects.hl7.nscee.edu/docman/view.php/59/409/Case%20for%20SNOMED%20Presentation%20DRAFT.pptx Role Engineering Process to create a Constraint Catalog] | ||
:Notes from Presentation :* Group is agreed in using only 'consent directive' rather than both 'consent directive and personal preference' as shown in presentation. | :Notes from Presentation :* Group is agreed in using only 'consent directive' rather than both 'consent directive and personal preference' as shown in presentation. | ||
| Line 25: | Line 26: | ||
:* Extend current RBAC Vocabulary with respect to semantic interoperability, wherein the model can be defined and is context | :* Extend current RBAC Vocabulary with respect to semantic interoperability, wherein the model can be defined and is context | ||
#''(15 min)'' [http://hl7projects.hl7.nscee.edu/docman/view.php/59/411/Copy%20of%20Constraint%20Catalog%20Example.%20-%20DRAFT.xlsx Constraint Catalog Example] | #''(15 min)'' [http://hl7projects.hl7.nscee.edu/docman/view.php/59/411/Copy%20of%20Constraint%20Catalog%20Example.%20-%20DRAFT.xlsx Constraint Catalog Example] | ||
| + | |||
| + | * Semantic Interoperability - discussion, presentation (Rob McClure) in two weeks | ||
| + | ** Semantic interoperability as an end goal wherein at policy level, the two systems see policy as the same thing with no confusion. | ||
| + | * Trigger events discussed. | ||
| + | Review of Constrait Catalog Example discussed | ||
| + | * row 2 is where there are interoperability point that security need to enforce policy | ||
| + | * row 3 are examples of row 2 | ||
| + | * goal: agree on a common set of vocabularies | ||
| + | ** ability to encode policy to a language (i.e. XACML--a policy language) | ||
[[Security|Back to Meetings]] | [[Security|Back to Meetings]] | ||
Revision as of 18:41, 4 November 2008
==Attendees== (expected)
- Bernd Blobel Security Co-chair, absent
- Mike Davis Security Co-chair
- Frank Din
- Suzanne Gonzales-Webb CBCC Co-chair
- Patty Greim
- Bob Horn
- Glen Marshall Security Co-chair, absent
- Sarah Maulden
- Rob McClure
- John Moehrke
- Tanya Newton, absent
- Richard Thoreson CBCC Co-chair
- Ioana Singureanu
- Tony Weida
- Craig Winter
Agenda & Meeting Minutes
- (05 min) Roll Call
- (05 min) Approve Minutes & Accept Agenda (Mike D / Rob M) with updates
- (35 min) Deliverable Goal - Updating the HL7 RBAC Permission Catalog - addition of Privacy and Consent vocabulary as Constraints Role Engineering Process to create a Constraint Catalog
- Notes from Presentation :* Group is agreed in using only 'consent directive' rather than both 'consent directive and personal preference' as shown in presentation.
- Create a 'value set' from vocabulary
- Extend current RBAC Vocabulary with respect to semantic interoperability, wherein the model can be defined and is context
- (15 min) Constraint Catalog Example
- Semantic Interoperability - discussion, presentation (Rob McClure) in two weeks
- Semantic interoperability as an end goal wherein at policy level, the two systems see policy as the same thing with no confusion.
- Trigger events discussed.
Review of Constrait Catalog Example discussed
- row 2 is where there are interoperability point that security need to enforce policy
- row 3 are examples of row 2
- goal: agree on a common set of vocabularies
- ability to encode policy to a language (i.e. XACML--a policy language)
