OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xspa message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [xspa] RE: discussion paper on use cases for the XACML ontology work for tomorrows call (25 June 2010, 01:00pm to 02:00pm ET)

Title: Re: discussion paper on use cases for the XACML ontology work for tomorrows call (25 June 2010, 01:00pm to 02:00pm ET)

Hi John

 

If you assume an ontology provides a shared vocabulary, the type of objects and/or concepts that exist, and their properties and relations in the form of a model of a domain, the tables in ASTM E 1986-09 on data elements (Table 1) and roles (Table 2) have the characteristics of an ontology.

 

If you assume that the enforcement of security and privacy in healthcare will require the power of an ontology aware PDP (O-PDP), then we need something to exercise the O-PDP functionality so the XACML TC can develop a standard we can use in the future. 

 

These use cases were created as a starting point that avoids the creation of an ad hoc ontology.  We may work to address tailored ontologies in a different work item but combining that with the O-PDP work item would overwhelm us.  The XACML TC has expressed their desire to focus on the XACML aspect; the finer points of ontologies may be part of a different effort.

 

Future use of ontologies may be unique to providers and might be exchanged between providers.  But creating the “correct” ontology for an enterprise is predicated on the ability to comprehend an ontology, so I wanted to have a few simple use cases that would encourage its development.

 

Regards,

David

David Staggs, JD, CISSP (SAIC)
Veterans Health Administration
Chief Health Informatics Office
Standards and Interoperability
Office: 858 433 1473

From: Moehrke, John (GE Healthcare) [mailto:John.Moehrke@med.ge.com]
Sent: Friday, June 25, 2010 10:07 AM
To: Staggs, David (SAIC); Michael Dufel; xspa@lists.oasis-open.org
Cc: Coyne, Ed (SAIC); Davis, John M.
Subject: RE: [xspa] RE: discussion paper on use cases for the XACML ontology work for tomorrows call (25 June 2010, 01:00pm to 02:00pm ET)

 

I very much agree with the question. And would say that the hierarchy found in ASTM E1986-09 is a nice hierarchy for organizing roles; but is not necessarly going to be agreed by all organizations as the correct hierarchy for ‘rights’ inheritance. Some ‘rights’ should stay with the low (more specific) role and not be inherited upward. Some roles may be organizationally grouping roles from one perspective, but not from another.

 

John

 

From: Staggs, David (SAIC) [mailto:David.Staggs@va.gov]
Sent: Friday, June 25, 2010 9:57 AM
To: Michael Dufel; xspa@lists.oasis-open.org
Cc: Coyne, Ed (SAIC); Davis, John M.
Subject: [xspa] RE: discussion paper on use cases for the XACML ontology work for tomorrows call (25 June 2010, 01:00pm to 02:00pm ET)

 

Mike

 

That’s a very good observation.  I’ll try to explain my perspective.  The first use case (1.2.1.1.1) requires the PDP to understand the hierarchy of the ASTM E1986-09 to understand the credentials presented “Nurse’s Aide” (1.2.840.10065.1986.7.053) is under “non-licensed health care providers” category of “aides” and does not fall under the category of physicians and nurses only.  Does that make sense?

 

So can you give us some ideas on a use case directed to the issue of ontology-aware PDP.

 

Regards,

David

David Staggs, JD, CISSP (SAIC)
Veterans Health Administration
Chief Health Informatics Office
Standards and Interoperability
Office: 858 433 1473

From: Michael Dufel [mailto:michael.dufel@jerichosystems.com]
Sent: Friday, June 25, 2010 9:47 AM
To: Staggs, David (SAIC); xspa@lists.oasis-open.org
Cc: Coyne, Ed (SAIC); Davis, John M.
Subject: Re: discussion paper on use cases for the XACML ontology work for tomorrows call (25 June 2010, 01:00pm to 02:00pm ET)

 

The one thing that jumps out at me when reading, is that there is no explanation of why we need an ontology aware PDP, and how the technology enables the use cases.

The very last use case looks interesting. How do you define a “need to know”?

From: "Staggs, David (SAIC)" <David.Staggs@va.gov>
Date: Thu, 24 Jun 2010 18:56:41 -0400
To: <xspa@lists.oasis-open.org>
Cc: "Coyne, Ed (SAIC)" <Ed.Coyne@va.gov>, Michael Dufel <michael.dufel@jerichosystems.com>, "Davis, John M." <Mike.Davis@va.gov>
Subject: discussion paper on use cases for the XACML ontology work for tomorrows call (25 June 2010, 01:00pm to 02:00pm ET)

Colleagues
 
Attached is a discussion paper on use cases for the XACML ontology work I would like to include in our call tomorrow.  Michael Dufel and I will take notes on your comments and adjust the document for presentation to the XACML TC next Thursday (July 1).  We have a special guest, Dr. Ed Coyne, who has helped design some of these use cases joining us on the call tomorrow.  There is still plenty of time to change any of these use cases or add additional ontology-related use cases to the document.
 
Please send any suggestions for topics that should be added to the agenda.
 
Regards,
David
David Staggs, JD, CISSP (SAIC)
Veterans Health Administration
Chief Health Informatics Office
Standards and Interoperability
Office: 858 433 1473

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]