This wiki has undergone a migration to Confluence found Here
July 08, 2014 Security WG Conference Call
Jump to navigation
Jump to search
Attendees
| x | Member Name | x | Member Name | x | Member Name | x | Member Name | ||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| x | Mike DavisSecurity Co-chair | . | John MoehrkeSecurity Co-chair | . | Trish WilliamsSecurity Co-chair | . | Bernd BlobelSecurity Co-chair | ||||
| . | Chris Clark | . | Johnathan ColemanCBCC Co-Chair | x | Kathleen Connor | x | Duane DeCouteau | ||||
| . | Reed Gelzer | x | Suzanne Gonzales-WebbCBCC Co-chair | x | Rick Grow | x | David Henkel | ||||
| . | Mohammed Jafari | . | Don Jorgenson | x | Alexander Mense | . | Amanda Nash | ||||
| . | Paul PetronelliMobile Health Security Co-chair | x | Diana Proud-Madruga | . | Harry Rhodes | , | Aaron Seib | ||||
| . | Ioana Singureanu | . | Walter Suarez | x | Tony Weida | . | Paul PetronellimHealth Co-chair | ||||
| . | . | . | . | . | . | . | . |
Agenda
- (05 min) Roll Call, Approval of Meeting Minutes
- (10 min) Update: Way with Verbs - Tony
- (10 min FHIR disposition - review/discussion
- (05 min) PSS Patient Friendly Security and Privacy
- (05 min) Other business, action items, and adjournment
Minutes Summary
- Meeting Minutes Approval for June 24, 2014; approved
FHIR disposition - review/discussion
- ID 3298; Summary Binary resources can be subverted for cross-site scripting
- assigned to Duane to provide thoughts on the implication
- assigned to Alex
Security labels in the http header that may be exposed (submitted by Kathleen) is missing
- if you put the security labels in the body of the FHIR payload, it may not necessarily be in the clear
ID 3350; Summary: Request change to Tag
- assigned to Kathleen; misspell, item should be closed.
ID 3312; Summary: Security Event for Tag modification
- from Richard Schneider
- Mike does not like the idea of modifying the information at will. There should be some provenance information--who has modified it, when, etc.
- Kathleen - this is an issue; how they can create operations and change TAGs
- security group needs to decide on how to do updates on TAGs.
- Mike - this could be a major role for Provenance
- assigned to Kathleen; with help
3318
- assigned to Mike and others
3310 Add additional notes to the RESTful API about security
- assigned to Alex Mense
RECOMMENDATION: Monitor week-to-week
- assign
