This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "November 4th 2008 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
(3 intermediate revisions by the same user not shown)
Line 5: Line 5:
 
* [mailto:fdin@apelon.com Frank Din]
 
* [mailto:fdin@apelon.com Frank Din]
 
* [mailto:gonzaleswebs@saic.com Suzanne Gonzales-Webb] CBCC Co-chair
 
* [mailto:gonzaleswebs@saic.com Suzanne Gonzales-Webb] CBCC Co-chair
* [mailto:patty.greim@va.gov Patty Greim]
 
* [mailto:robert.horn@agfa.com Bob Horn]
 
 
* [mailto:glen.f.marshall@siemans.com Glen Marshall] Security Co-chair, absent
 
* [mailto:glen.f.marshall@siemans.com Glen Marshall] Security Co-chair, absent
* [mailto:sarah.maulden@va.gov Sarah Maulden]
 
 
* [mailto:rmcclure@apelon.com Rob McClure]
 
* [mailto:rmcclure@apelon.com Rob McClure]
 
* [mailto:john.moehrke@med.ge.com John Moehrke]
 
* [mailto:john.moehrke@med.ge.com John Moehrke]
* [mailto:tnewton@safe-biopharma.org Tanya Newton], absent
 
 
* [mailto:richard.thoreson@samhsa.hhs.gov Richard Thoreson] CBCC Co-chair
 
* [mailto:richard.thoreson@samhsa.hhs.gov Richard Thoreson] CBCC Co-chair
* [mailto:ioana@eversolve.com Ioana Singureanu]
+
* [mailto:ioana@eversolve.com Ioana Singureanu], absent
 
* [mailto:weida@apelon.com Tony Weida]
 
* [mailto:weida@apelon.com Tony Weida]
 
* [mailto:craig.winter@va.gov Craig Winter]
 
* [mailto:craig.winter@va.gov Craig Winter]
  
 
==Agenda & Meeting Minutes==  
 
==Agenda & Meeting Minutes==  
#''(05 min)'' Roll Call
+
''(05 min)'' Roll Call
#''(05 min)'' Approve Minutes & Accept Agenda (Mike D / Rob M) with updates
+
:''(15 min)'' Approve Minutes & Accept Agenda (Mike D / Rob M) with discussed updates  
 
+
:''(40 min)'' Discussion
#''(35 min)'' Deliverable Goal - '''Updating the HL7 RBAC Permission Catalog''' - addition of Privacy and Consent vocabulary as Constraints [http://hl7projects.hl7.nscee.edu/docman/view.php/59/409/Case%20for%20SNOMED%20Presentation%20DRAFT.pptx Role Engineering Process to create a Constraint Catalog]
 
:Notes from Presentation :* Group is agreed in using only 'consent directive' rather than both 'consent directive and personal preference' as shown in presentation.
 
:* Create a 'value set' from vocabulary
 
:* Extend current RBAC Vocabulary with respect to semantic interoperability, wherein the model can be defined and is context
 
#''(15 min)'' [http://hl7projects.hl7.nscee.edu/docman/view.php/59/411/Copy%20of%20Constraint%20Catalog%20Example.%20-%20DRAFT.xlsx Constraint Catalog Example]
 
 
 
 
* Semantic Interoperability - discussion, presentation (Rob McClure) in two weeks
 
* Semantic Interoperability - discussion, presentation (Rob McClure) in two weeks
 
** Semantic interoperability as an end goal wherein at policy level, the two systems see policy as the same thing with no confusion.
 
** Semantic interoperability as an end goal wherein at policy level, the two systems see policy as the same thing with no confusion.
 
* Trigger events discussed.
 
* Trigger events discussed.
Review of Constrait Catalog Example discussed
+
* Review, Q&A, Clarification of Constraint Catalog Example presented at last meeting discussed
* row 2 is where there are interoperability point that security need to enforce policy
+
** Row 2 is where there are possible interoperability points where Security needs to enforce policy
* row 3 are examples of row 2
+
** Row 3 are examples from the current Permission Catalog and CBCC's Data Consent Model of Row 2
* goal: agree on a common set of vocabularies
+
* A starting vocabulary should be decided upon in order to begin work on Constraint Catalog
** ability to encode policy to a language (i.e. XACML--a policy language)
+
** The ability to encode policy to a language (i.e. XACML--a policy language)
use vocabulary in the data consent and plug into consent matrix (or codes you are coming up with)
+
:Use vocabulary in the data consent and plug into consent matrix (or codes you are coming up with)
 +
 
 +
==To Do List==
 +
Group Homework:  To Review the Draft Constraint Catalog [http://hl7projects.hl7.nscee.edu/docman/view.php/59/411/Copy%20of%20Constraint%20Catalog%20Example.%20-%20DRAFT.xlsx  Constraint Catalog]
 +
* Does this spreadsheet contain enough information?  too much information?
 +
* Confirm that the most current data is available in each column
 +
* Prepare to give comments at next meeting
  
 
[[Security|Back to Meetings]]
 
[[Security|Back to Meetings]]

Latest revision as of 03:34, 5 November 2008

==Attendees== (expected)

Agenda & Meeting Minutes

(05 min) Roll Call

(15 min) Approve Minutes & Accept Agenda (Mike D / Rob M) with discussed updates
(40 min) Discussion
  • Semantic Interoperability - discussion, presentation (Rob McClure) in two weeks
    • Semantic interoperability as an end goal wherein at policy level, the two systems see policy as the same thing with no confusion.
  • Trigger events discussed.
  • Review, Q&A, Clarification of Constraint Catalog Example presented at last meeting discussed
    • Row 2 is where there are possible interoperability points where Security needs to enforce policy
    • Row 3 are examples from the current Permission Catalog and CBCC's Data Consent Model of Row 2
  • A starting vocabulary should be decided upon in order to begin work on Constraint Catalog
    • The ability to encode policy to a language (i.e. XACML--a policy language)
Use vocabulary in the data consent and plug into consent matrix (or codes you are coming up with)

To Do List

Group Homework: To Review the Draft Constraint Catalog Constraint Catalog

  • Does this spreadsheet contain enough information? too much information?
  • Confirm that the most current data is available in each column
  • Prepare to give comments at next meeting

Back to Meetings

Retrieved from "https://wiki.hl7.org/w/index.php?title=November_4th_2008_Security_Conference_Call&oldid=20292"