Difference between revisions of "Product Sec RBAC"
(New page: =Product Brief - Role-based Access Control Healthcare Permission Catalog (RBAC) = __TOC__ back to Main_Page<br/>back to Product_List ==Product Name== Role-based Access Control Heal...) |
|||
| (3 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
back to [[Main_Page]]<br/>back to [[Product_List]] | back to [[Main_Page]]<br/>back to [[Product_List]] | ||
==Product Name== | ==Product Name== | ||
| − | Role-based Access Control Healthcare Permission Catalog, Release | + | Role-based Access Control Healthcare Permission Catalog, Release 2 |
===Topics=== | ===Topics=== | ||
| Line 15: | Line 15: | ||
===Releases=== | ===Releases=== | ||
| − | ANSI/HL7 V3 RBAC, R1-2008; R2- | + | ANSI/HL7 V3 RBAC, R1-2008; |
| + | ANSI/HL7 V3 RBAC, R2-2010 | ||
| + | |||
===Summary=== | ===Summary=== | ||
| Line 36: | Line 38: | ||
====Work Groups==== | ====Work Groups==== | ||
| − | [http://www.hl7.org/Special/committees/secure/index.cfm Security WG] | + | *[http://www.hl7.org/Special/committees/secure/index.cfm Security WG] |
| + | *[http://www.hl7.org/Special/committees/homehealth/index.cfm CBCC WG] | ||
| + | |||
====Education==== | ====Education==== | ||
* See more at http://www.hl7.org/implement/training.cfm | * See more at http://www.hl7.org/implement/training.cfm | ||
| Line 50: | Line 54: | ||
*[http://www.hl7.org/special/Committees/projman/searchableProjectIndex.cfm?action=edit&ProjectNumber=xxx Project Insight ID # xxx], | *[http://www.hl7.org/special/Committees/projman/searchableProjectIndex.cfm?action=edit&ProjectNumber=xxx Project Insight ID # xxx], | ||
--> | --> | ||
| + | [[Category:Products]] | ||
Latest revision as of 14:19, 30 September 2010
Product Brief - Role-based Access Control Healthcare Permission Catalog (RBAC)
Contents
back to Main_Page
back to Product_List
Product Name
Role-based Access Control Healthcare Permission Catalog, Release 2
Topics
Standard Category
- Health Information Exchange Standards
Integration Paradigm
- Foundation
Type
Normative, ANSI Standard
Releases
ANSI/HL7 V3 RBAC, R1-2008; ANSI/HL7 V3 RBAC, R2-2010
Summary
This document is an overview of the five documents that together comprise the HL7 Security Work Group's Role Based Access Control project work products.
Description
This document presents normative language to the HL7 permission vocabulary in constructing permissions {operation, object} pairs. The vocabulary contained in this permission catalog provides information supporting access control decision and enforcement functions as defined by ISO 10181-3. Other forms of access control information are possible including entity based access control and context based access control outside the scope of these definitions. This vocabulary does not presume or prevent organizations from executing these controls or other local constraints used for other purposes (e.g., cardinality constraints regarding the number of persons asserting a role with a specific permission at a particular time). Specifically, this vocabulary does not prohibit use of logical rules and policies that an entity may choose to execute. This vocabulary is consistent with OASIS XACML and ANSI INCITS RBAC standards allowing entities to integrate RBAC into their total access management solution. This vocabulary is appropriate for RBAC only and may not be appropriate for use by other security services. There is nothing in these definitions to suggest that RBAC completely defines all aspects of access control information, only that which is necessary for interoperability defined by roles.
The HL7 Security WG has future plans to consider situations that reflect the policies of specific domains. These domain specific considerations are out of scope of the current permission definitions.
Resources
Work Groups
Education
- See more at http://www.hl7.org/implement/training.cfm
