Difference between revisions of "January 10, 2017 Security Conference Call"
Revision as of 19:58, 31 January 2017
Attendees
x | Member Name | x | Member Name | x | Member Name | x | Member Name
---|---|---|---|---|---|---|---
. | John Moehrke, Security Co-chair | x | Kathleen Connor, Security Co-chair | x | Alexander Mense, Security Co-chair | . | Trish Williams, Security Co-chair
x | Mike Davis | x | Suzanne Gonzales-Webb | x | David Staggs | . | Mohammed Jafari
x | Glen Marshall, SRS | x | Beth Pumo | . | Ioana Singureanu | . | Rob Horn
x | Diana Proud-Madruga | . | Serafina Versaggi | . | Joe Lamy | . | Galen Mulrooney
. | Duane DeCouteau | . | Chris Clark | . | Johnathan Coleman | . | Aaron Seib
. | Ken Salyards | . | Christopher D Brown TX | . | Gary Dickinson | x | Dave Silver
x | Rick Grow | . | William Kinsley | . | Paul Knapp | . | Mayada Abdulmannan
. | Kamalini Vaidya | . | Bill Kleinebecker | . | Christopher Shawn | . | Grahame Grieve
. | Oliver Lawless | . | Ken Rubin | . | David Tao | . | Nathan Botts
Agenda
- (2 min) Roll Call, Agenda Approval
- (2 min) Security WG Call Minutes December 20, 2016
- (15 min) TF4FA Behavioral Model Elaboration - Ioana Singureanu
- (5 min) Bernd Blobel TF4FA comments - Kathleen
- (5 min) John Moehrke's TF4FA comments - Kathleen
- (10 min) gforge ballot spreadsheet - HL7 PASS Audit Ballot outcome - Diane
- (10 min) SLSv2 PSS - Diana
- (3 min) WGM Prep
- (5 min) FHIR AuditEvent and Provenance ballot comments & FHIR Security Call
Minutes
- Chaired by Alex
- Agenda Approved (Kathleen, Ioana)
- Security WG Call Minutes December 20, 2016 - deferred to next meeting
- TF4FA Behavioral Model Elaboration - Ioana Singureanu
  - Kathleen presented Ioana, who is tasked with moving from the conceptual model to a background-independent model showing services
  - Will present at connectathon
  - Ioana presented the source model:
  - The document, which is out for review, shows the high-level concepts of the trust framework
  - Trust contract: federated security policy negotiated between the two domains
  - Negotiation between domains results in a signed, agreed-upon trust contract
  - Results in making an authorization decision between the two federated domains
  - The security token is based on the trust contract and initiates an exchange flow between resources
  - All the systems will have trust marks with the capabilities
  - The two domains would be one initiating domain and one responding domain
  - The trusted policy federation services exposes
  - Assertions are also independently validated
  - Attribute- and role-based access control policies
  - Kathleen requested that Ioana look at the different level-of-assurance mechanisms within the HL7 vocabulary, such as Trust Marks
  - Identity Management and Proofing is not covered, only asserting authorization-level federation
  - Level of identity proofing can be asserted
  - A domain by definition has a defined set of Users, Data accessed by users, and Policy; the negotiation is about negotiating the data in the contract. The level of assurance is domain-wise.
  - We use minimal identity proofing, we don't use two-phase authentication, which allows each domain to apply its own policies
  - The operation for trust services is operation complete contract, with authorization policy, handling instructions, and security labels' functionality to deal with authorizations
  - Multiple levels of assurance can occur within one domain
  - Between two organizations you can have hundreds of Domains depending on the two users; it is fluid and flexible
- Below Agenda Items will be carried forward to next Work Group call:
- Bernd Blobel comments - Kathleen
- John Moehrke's TF4FA comments - Kathleen
- gforge ballot spreadsheet - HL7 PASS Audit Ballot outcome - Diane
- SLSv2 PSS - Diana
- WGM Prep
- FHIR AuditEvent and Provenance ballot comments & FHIR Security Call