April 13th, 2010 Security Conference Call

Security Working Group Meeting

Attendees

Agenda

  1. (05 min) Roll Call, Approve minutes 6 April 2010 & Accept Agenda
  2. (55 min) Security and Privacy Ontology Project

Minutes

1. Action Items

Reminder: Composite Security and Privacy Domain Analysis Model ballot is now open. Please vote!

2. Resolutions

Minutes of 6 April were approved. Motion to approve by Mike Davis, seconded by Suzanne Gonzales-Webb

3. Updates/Discussion

Security and Privacy Ontology Project

  • Mike attended the SOA Ontology project call on Monday, April 12 and reported that Protégé v.4.0.2 has been selected for use (the most recent and stable version of Protégé)
  • Mike also reported on discussions taking place within the OASIS XACML committee with respect to ontologies
    • The committee approved a work item to investigate ontologies, and a follow-up call took place with Jericho Systems to discuss strategies and determine how Jericho would be involved. The management of Jericho is concerned about how this work might impact their products, so this needs to be resolved.
  • The Security and Privacy Ontology project will be following the OASIS XACML committee activities as well as the SOA Ontology project, as there are opportunities for us to harmonize with those efforts
  • The rest of today’s meeting (which extended into the CBCC WG) was devoted, for the next two hours, to a presentation of the work underway by Tony Weida on developing an ontology for Role-based Access Control using Protégé. (Today’s demonstration used the alpha version of Protégé v.4.1.)
    • Tony began with an overview of Description Logic (DL), OWL and the Protégé-OWL editor plug-in. Tony then proceeded into the RBAC ontology demonstration.

Some important concepts related to ontologies that were touched on include:

  • Classes versus individuals
    • Classes: when you’re dealing with a kind-of-something (concepts) and when you want to allow further precision
    • Individuals: when you’re dealing with things that have an identity and can be counted (atoms), or you don’t need further precision.
  • Open world assumption: Anything may be true unless it is proven false.
    • This contrasts with the Closed-world assumption (e.g., database) where anything that cannot be found is assumed to be false.
  • Necessary and Sufficient Conditions:
  • Primitive classes versus Fully Defined classes
  • Subsumption
  • Disjointness: Classes are not disjoint by default; partial overlap of classes is assumed. Disjointness must be made explicit.
  • No unique name assumption:
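
The open-world, closed-world, subsumption and disjointness concepts listed above can be contrasted in a small Python sketch. It is an added illustration, not material from the presentation or the project's ontology; the class names, individuals and function names are constructed for the example.

```python
from itertools import chain

# Constructed sample ontology (assumed names, not from the RBAC ontology shown in the meeting).
SUBCLASS_OF = {"Physician": "Clinician", "Nurse": "Clinician"}   # child -> parent
DISJOINT = {frozenset({"Clinician", "BillingClerk"})}            # explicit axioms only
ASSERTED = {"alice": {"Physician"}, "bob": {"BillingClerk"}}     # individual -> classes


def ancestors(cls):
    """Yield cls and every class that subsumes it."""
    while cls is not None:
        yield cls
        cls = SUBCLASS_OF.get(cls)


def inferred_classes(individual):
    """Asserted classes plus everything they are subsumed by."""
    asserted = ASSERTED.get(individual, ())
    return set(chain.from_iterable(ancestors(c) for c in asserted))


def is_member_open(individual, cls):
    """Open world: True if entailed, False if provably impossible, None if unknown."""
    known = inferred_classes(individual)
    if cls in known:
        return True
    # Membership is only ruled out when it would violate a stated disjointness axiom.
    for target in ancestors(cls):
        if any(frozenset({target, k}) in DISJOINT for k in known):
            return False
    return None


def is_member_closed(individual, cls):
    """Closed world: anything that cannot be found is assumed false."""
    return cls in inferred_classes(individual)


if __name__ == "__main__":
    for who, cls in [("alice", "Clinician"), ("alice", "Nurse"),
                     ("bob", "Physician"), ("carol", "Physician")]:
        print(who, cls, is_member_open(who, cls), is_member_closed(who, cls))
```
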