[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Two comments to the XACML profile
All, I have two concerns about the XACML profile. I have had these on my mind for a long time, from the RSA interop itself, but I haven't had time to work out concrete proposals yet, so I haven't posted about them to the list. But I'll post these concerns anyway now, since the profile is moving forward. 1. The manner by which content based filtering is done, that is, the "do not show radiology reports" use case, is probably not done in a scalable way. It means implementing special case treatment in the PEP/application for each type of resource which can be filtered out. It might be better to increase the granularity of the requests instead, ideally using the multiple resource profile of XACML. Then there is no need for filtering in the PEP/application. 2. I have concerns about the way HL7 based attributes are used in the requests. The problem is that if the application is producing these attributes, then the application will be tied to the current HL7 authorization model, and you get stuck with a legacy problem if/when HL7 changes or something new is done. I have some early ideas for how it should be done instead, but I haven't worked out the details yet. I think what is needed is an architecture which differentiates between different kinds of attributes which are derived from different sources. This architecture could contain metadata repositories for security model specific attributes and perhaps attribute translation/inheritance. I would prefer the profile to have such an architecture explicitly visible so people don't hardcode HL7 into their applications. (Perhaps the architecture could be a specification by itself, on which the HL7 profile can be based on.) However, doing so would mean more technical work and would delay the profile. Maybe the current approach could be a good first iteration? Note that I am not saying the the HL7 attriributes are wrong as they are, just that the profile should elaborate on how the attributes are produced and distributed, to provide guidance to implementors. Best regards, Erik
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]