This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "November 4th 2008 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
(7 intermediate revisions by the same user not shown)
Line 1: Line 1:
==Attendees==
+
==Attendees== (expected)
  
 
* [mailto:bernd.blobel@ehealth-cc.de Bernd Blobel] Security Co-chair, absent
 
* [mailto:bernd.blobel@ehealth-cc.de Bernd Blobel] Security Co-chair, absent
Line 5: Line 5:
 
* [mailto:fdin@apelon.com Frank Din]
 
* [mailto:fdin@apelon.com Frank Din]
 
* [mailto:gonzaleswebs@saic.com Suzanne Gonzales-Webb] CBCC Co-chair
 
* [mailto:gonzaleswebs@saic.com Suzanne Gonzales-Webb] CBCC Co-chair
* [mailto:patty.greim@va.gov Patty Greim]
 
* [mailto:robert.horn@agfa.com Bob Horn], absent
 
 
* [mailto:glen.f.marshall@siemans.com Glen Marshall] Security Co-chair, absent
 
* [mailto:glen.f.marshall@siemans.com Glen Marshall] Security Co-chair, absent
* [mailto:sarah.maulden@va.gov Sarah Maulden]
 
 
* [mailto:rmcclure@apelon.com Rob McClure]
 
* [mailto:rmcclure@apelon.com Rob McClure]
 
* [mailto:john.moehrke@med.ge.com John Moehrke]
 
* [mailto:john.moehrke@med.ge.com John Moehrke]
* [mailto:tnewton@safe-biopharma.org Tanya Newton], absent
 
 
* [mailto:richard.thoreson@samhsa.hhs.gov Richard Thoreson] CBCC Co-chair
 
* [mailto:richard.thoreson@samhsa.hhs.gov Richard Thoreson] CBCC Co-chair
 
* [mailto:ioana@eversolve.com Ioana Singureanu], absent
 
* [mailto:ioana@eversolve.com Ioana Singureanu], absent
Line 17: Line 13:
 
* [mailto:craig.winter@va.gov Craig Winter]
 
* [mailto:craig.winter@va.gov Craig Winter]
  
 +
==Agenda & Meeting Minutes==
 +
''(05 min)'' Roll Call
 +
:''(15 min)'' Approve Minutes & Accept Agenda (Mike D / Rob M) with discussed updates
 +
:''(40 min)'' Discussion
 +
* Semantic Interoperability - discussion, presentation (Rob McClure) in two weeks
 +
** Semantic interoperability as an end goal wherein at policy level, the two systems see policy as the same thing with no confusion.
 +
* Trigger events discussed.
 +
* Review, Q&A, Clarification of Constraint Catalog Example presented at last meeting discussed
 +
** Row 2 is where there are possible interoperability points where Security needs to enforce policy
 +
** Row 3 are examples from the current Permission Catalog and CBCC's Data Consent Model of Row 2
 +
* A starting vocabulary should be decided upon in order to begin work on Constraint Catalog
 +
** The ability to encode policy to a language (i.e. XACML--a policy language)
 +
:Use vocabulary in the data consent and plug into consent matrix (or codes you are coming up with)
  
==Agenda & Meeting Minutes==
+
==To Do List==
#''(05 min)'' Roll Call
+
Group Homework:  To Review the Draft Constraint Catalog [http://hl7projects.hl7.nscee.edu/docman/view.php/59/411/Copy%20of%20Constraint%20Catalog%20Example.%20-%20DRAFT.xlsx Constraint Catalog]
#''(05 min)'' Approve Minutes & Accept Agenda (10-0-0 Mike D/John M)
+
* Does this spreadsheet contain enough information?  too much information?
#''(35 min)'' Deliverable Goal - '''Updating the HL7 RBAC Permission Catalog''' - addition of Privacy and Consent vocabulary as Constraints  [http://hl7projects.hl7.nscee.edu/docman/view.php/59/409/Case%20for%20SNOMED%20Presentation%20DRAFT.pptx Role Engineering Process to create a Constraint Catalog]
+
* Confirm that the most current data is available in each column
:Notes from Presentation
+
* Prepare to give comments at next meeting
:* Group is agreed in using only 'consent directive' rather than both 'consent directive and personal preference' as shown in presentation.
 
:* Create a 'value set' from vocabulary
 
:* Extend current RBAC Vocabulary with respect to semantic interoperability, wherein the model can be defined and is context
 
#''(15 min)'' [http://hl7projects.hl7.nscee.edu/docman/view.php/59/411/Copy%20of%20Constraint%20Catalog%20Example.%20-%20DRAFT.xlsx Constraint Catalog Example]
 
 
 
  
 
[[Security|Back to Meetings]]
 
[[Security|Back to Meetings]]

Latest revision as of 03:34, 5 November 2008

==Attendees== (expected)

Agenda & Meeting Minutes

(05 min) Roll Call

(15 min) Approve Minutes & Accept Agenda (Mike D / Rob M) with discussed updates
(40 min) Discussion
  • Semantic Interoperability - discussion, presentation (Rob McClure) in two weeks
    • Semantic interoperability as an end goal wherein at policy level, the two systems see policy as the same thing with no confusion.
  • Trigger events discussed.
  • Review, Q&A, Clarification of Constraint Catalog Example presented at last meeting discussed
    • Row 2 is where there are possible interoperability points where Security needs to enforce policy
    • Row 3 are examples from the current Permission Catalog and CBCC's Data Consent Model of Row 2
  • A starting vocabulary should be decided upon in order to begin work on Constraint Catalog
    • The ability to encode policy to a language (i.e. XACML--a policy language)
Use vocabulary in the data consent and plug into consent matrix (or codes you are coming up with)

To Do List

Group Homework: To Review the Draft Constraint Catalog Constraint Catalog

  • Does this spreadsheet contain enough information? too much information?
  • Confirm that the most current data is available in each column
  • Prepare to give comments at next meeting

Back to Meetings

Retrieved from "https://wiki.hl7.org/w/index.php?title=November_4th_2008_Security_Conference_Call&oldid=20292"