This wiki has undergone a migration to Confluence found Here
November 4th 2008 Security Conference Call
==Attendees== (expected)
- Bernd Blobel Security Co-chair, absent
- Mike Davis Security Co-chair
- Frank Din
- Suzanne Gonzales-Webb CBCC Co-chair
- Patty Greim
- Bob Horn
- Glen Marshall Security Co-chair, absent
- Sarah Maulden
- Rob McClure
- John Moehrke
- Tanya Newton, absent
- Richard Thoreson CBCC Co-chair
- Ioana Singureanu
- Tony Weida
- Craig Winter
Agenda & Meeting Minutes
- (05 min) Roll Call
- (05 min) Approve Minutes & Accept Agenda (Mike D / Rob M) with updates
- (35 min) Deliverable Goal - Updating the HL7 RBAC Permission Catalog - addition of Privacy and Consent vocabulary as Constraints Role Engineering Process to create a Constraint Catalog
- Notes from Presentation :* Group is agreed in using only 'consent directive' rather than both 'consent directive and personal preference' as shown in presentation.
- Create a 'value set' from vocabulary
- Extend current RBAC Vocabulary with respect to semantic interoperability, wherein the model can be defined and is context
- (15 min) Constraint Catalog Example
- Semantic Interoperability - discussion, presentation (Rob McClure) in two weeks
- Semantic interoperability as an end goal wherein at policy level, the two systems see policy as the same thing with no confusion.
- Trigger events discussed.
Review of Constrait Catalog Example discussed
- row 2 is where there are interoperability point that security need to enforce policy
- row 3 are examples of row 2
- goal: agree on a common set of vocabularies
- ability to encode policy to a language (i.e. XACML--a policy language)
use vocabulary in the data consent and plug into consent matrix (or codes you are coming up with)
