Product Sec RBAC
Product Brief - Role-based Access Control Healthcare Permission Catalog (RBAC)
Contents
back to Main_Page
back to Product_List
Product Name
Role-based Access Control Healthcare Permission Catalog, Release 1
Topics
Standard Category
- Health Information Exchange Standards
Integration Paradigm
- Foundation
Type
Normative, ANSI Standard
Releases
ANSI/HL7 V3 RBAC, R1-2008; R2-2009
Summary
This document is an overview of the five documents that together comprise the HL7 Security Work Group's Role Based Access Control project work products.
Description
This document presents normative language to the HL7 permission vocabulary in constructing permissions {operation, object} pairs. The vocabulary contained in this permission catalog provides information supporting access control decision and enforcement functions as defined by ISO 10181-3. Other forms of access control information are possible including entity based access control and context based access control outside the scope of these definitions. This vocabulary does not presume or prevent organizations from executing these controls or other local constraints used for other purposes (e.g., cardinality constraints regarding the number of persons asserting a role with a specific permission at a particular time). Specifically, this vocabulary does not prohibit use of logical rules and policies that an entity may choose to execute. This vocabulary is consistent with OASIS XACML and ANSI INCITS RBAC standards allowing entities to integrate RBAC into their total access management solution. This vocabulary is appropriate for RBAC only and may not be appropriate for use by other security services. There is nothing in these definitions to suggest that RBAC completely defines all aspects of access control information, only that which is necessary for interoperability defined by roles.
The HL7 Security WG has future plans to consider situations that reflect the policies of specific domains. These domain specific considerations are out of scope of the current permission definitions.
Resources
Work Groups
Education
- See more at http://www.hl7.org/implement/training.cfm