xspa message



Subject: Policy scope


A question came up today in discussion on the Access Control white paper in IHE. How is it known when all applicable policies have been gathered? Specifically, in an environment like the USA NHIN, how does the NHIN know when it has done sufficient gathering of policies in order to make the specific access-control decision?

I have heard discussions where the access control decision logic simply is happy making a positive response based on the knowledge it has, but how does it not know that there is a ‘new’ policy declaration available that indicates that the patient has revoked authorization?


The same can be said for a decision of NO that could rather have been a YES because of a new authorization.

But the most concerning is: how does the system understand that there is a policy available to be gathered/retrieved that is simply not applicable?

In the ‘old days’ under BPPC, this is handled simply because each policy identifier is either understood by the access-control-service (meaning the policy logic was configured into the ACS) or it is NOT. Therefore a query for all policies that have been acknowledged results in a list of unique identifiers to enable, and the decision is made based on the cross-section of those that are acknowledged vs. those that are understood. This results in a self-limited set of policies.

In the XACML world, it is possible for the ACS to pull down the computable policy and make it known to my ACS… so how do I determine which I SHOULD incorporate vs which ones should I continue to ignore?


I presume that much of this is simply encoded into the policy as the scope of the policy. For example, which organizations does this policy affect? If a policy indicates that it is scoped to a set of organizations that are not involved in a transaction, then that policy is not applicable. Is this already built into XACML core?

John Moehrke
Principal Engineer: Interoperability and Security
GE Healthcare

 

M +1 920 912 8451

John.Moehrke@med.ge.com
www.gehealthcare.com

 

9900 Innovation Drive

Mailstop 2142 

Wauwatosa, WI  53226

 

GE imagination at work
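The scoping question in the message above (which pulled-down policies should an ACS incorporate and which should it keep ignoring) maps in XACML core to the policy Target and the NotApplicable result: a policy whose Target does not match the request contributes NotApplicable and drops out of the combining algorithm. The following toy model is an added illustration written for this archive page; it is not code from the list thread, from IHE/BPPC, or from the OASIS XACML specifications. It reduces an XACML Target to a set of organization identifiers and the combining algorithm to deny-overrides, and all policy and request data in it is constructed. It also shows the other half of the question: a decision computed over the gathered set is only as good as that set, so a revocation that was never retrieved cannot flip a Permit.

```python
"""Toy model of how XACML policy scope decides which gathered policies count.

Added illustration for this archive page; not code from the list thread,
IHE/BPPC, or the OASIS XACML specifications. A Target is reduced to a set of
organization identifiers and combining is reduced to deny-overrides. All
policy and request data below is constructed."""
from dataclasses import dataclass

PERMIT = "Permit"
DENY = "Deny"
NOT_APPLICABLE = "NotApplicable"


@dataclass(frozen=True)
class Policy:
    policy_id: str
    # Organizations named in the policy's Target. An empty set stands for a
    # Target that matches any organization.
    target_orgs: frozenset
    effect: str  # PERMIT or DENY when the Target matches


@dataclass(frozen=True)
class Request:
    requester_org: str
    patient_id: str


def target_matches(policy: Policy, request: Request) -> bool:
    """XACML-style Target evaluation: the policy applies only if its Target
    names the requesting organization (or names no organization at all)."""
    return not policy.target_orgs or request.requester_org in policy.target_orgs


def evaluate(policy: Policy, request: Request) -> str:
    """Per-policy result. Out-of-scope policies yield NotApplicable, which is
    how the PDP 'ignores' a policy it has pulled down without special-casing it."""
    if not target_matches(policy, request):
        return NOT_APPLICABLE
    return policy.effect


def scope_report(policies, request):
    """Map each gathered policy id to its result for one request: the
    'incorporate vs. ignore' list the message asks about."""
    return {p.policy_id: evaluate(p, request) for p in policies}


def deny_overrides(policies, request) -> str:
    """Deny-overrides combining: any applicable Deny wins, then Permit.
    If nothing gathered applies, the result is NotApplicable; a PEP should
    fail closed on that rather than treat it as a Permit."""
    results = set(scope_report(policies, request).values())
    if DENY in results:
        return DENY
    if PERMIT in results:
        return PERMIT
    return NOT_APPLICABLE


# Constructed sample data (not real NHIN, IHE or vendor policies).
GATHERED = [
    Policy("consent:patient-123:share-for-treatment",
           frozenset({"hospital-a", "hospital-b"}), PERMIT),
    Policy("org:hospital-z:no-external-disclosure",
           frozenset({"hospital-z"}), DENY),
]
# A revocation published after the gathering step. A PDP that decided on
# GATHERED alone never sees it; that is the gap the message describes.
LATE_REVOCATION = Policy("consent:patient-123:revoked",
                         frozenset({"hospital-a", "hospital-b"}), DENY)

REQUEST_FROM_A = Request("hospital-a", "patient-123")
REQUEST_FROM_C = Request("hospital-c", "patient-123")

if __name__ == "__main__":
    for label, pols in (("gathered only", GATHERED),
                        ("gathered + late revocation", GATHERED + [LATE_REVOCATION])):
        print(label, scope_report(pols, REQUEST_FROM_A),
              "->", deny_overrides(pols, REQUEST_FROM_A))
    print("requester outside every Target ->", deny_overrides(GATHERED, REQUEST_FROM_C))
```

Run as a script, the model reports that the hospital-z policy is NotApplicable for a request from hospital-a and is silently left out, that the same request flips from Permit to Deny only once the late revocation is part of the gathered set, and that a requester no Target names gets NotApplicable rather than a Permit. The completeness of the gathered set itself is decided outside the PDP (by whatever retrieves the policies), which is exactly why the model cannot answer that part of the question.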
