Subject: RE: [xspa] RE: discussion paper on use cases for the XACML ontology work for tomorrows call (25 June 2010, 01:00pm to 02:00pm ET)
Hi John,

If you assume an ontology provides a shared vocabulary, the type of objects and/or concepts that exist, and their properties and relations in the form of a model of a domain, the tables in ASTM E 1986-09 on data elements (Table 1) and roles (Table 2) have the characteristics of an ontology.

If you assume that the enforcement of security and privacy in healthcare will require the power of an ontology aware PDP (O-PDP), then we need something to exercise the O-PDP functionality so the XACML TC can develop a standard we can use in the future.

These use cases were created as a starting point that avoids the creation of an ad hoc ontology. We may work to address tailored ontologies in a different work item but combining that with the O-PDP work item would overwhelm us.

The XACML TC has expressed their desire to focus on the XACML aspect; the finer points of ontologies may be part of a different effort. Future use of ontologies may be unique to providers and might be exchanged between providers. But creating the “correct” ontology for an enterprise is predicated on the ability to comprehend an ontology, so I wanted to have a few simple use cases that would encourage its development.

Regards,
David

David Staggs, JD, CISSP (SAIC)

From: Moehrke, John (GE Healthcare) [mailto:John.Moehrke@med.ge.com]

I very much agree with the question. And would say that the hierarchy found in ASTM E1986-09 is a nice hierarchy for organizing roles; but is not necessarily going to be agreed by all organizations as the correct hierarchy for ‘rights’ inheritance. Some ‘rights’ should stay with the low (more specific) role and not be inherited upward. Some roles may be organizationally grouping roles from one perspective, but not from another.

John

From: Staggs, David (SAIC) [mailto:David.Staggs@va.gov]

Mike,

That’s a very good observation. I’ll try to explain my perspective.

The first use case (1.2.1.1.1) requires the PDP to understand the hierarchy of the ASTM E1986-09 to understand the credentials presented “Nurse’s Aide” (1.2.840.10065.1986.7.053) is under “non-licensed health care providers” category of “aides” and does not fall under the category of physicians and nurses only. Does that make sense?

So can you give us some ideas on a use case directed to the issue of ontology-aware PDP?

Regards,
David

David Staggs, JD, CISSP (SAIC)

From: Michael Dufel [mailto:michael.dufel@jerichosystems.com]

The one thing that jumps out at me when reading, is that there is no explanation of why we need an ontology aware PDP, and how the technology enables the use cases.

From: "Staggs, David (SAIC)" <David.Staggs@va.gov>
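
The first use case discussed in this thread, sketched as an added example (it is not part of the original messages and is not XACML TC or XSPA code): a default-deny decision function evaluated once with exact role matching and once with a role hierarchy, plus a per-rule flag for rights an organization does not want matched through the hierarchy. Only the Nurse's Aide OID comes from the thread; the category labels, the physician entry, the resources, the actions and all function names are constructed placeholders.

```python
from collections import namedtuple

# Constructed sample data. Only the Nurse's Aide OID comes from the thread;
# the category labels, the physician entry, resources and actions are
# placeholders, not ASTM E1986-09 identifiers.
NURSES_AIDE = "1.2.840.10065.1986.7.053"
PHYSICIAN = "example:physician"

# child -> broader category (the hierarchy the PDP has to understand)
PARENT = {
    NURSES_AIDE: "cat:aides",
    "cat:aides": "cat:non-licensed-providers",
    PHYSICIAN: "cat:physicians-and-nurses",
}

# via_hierarchy=False: the right stays with exactly the named role.
Rule = namedtuple("Rule", "role resource action via_hierarchy")
RULES = [
    Rule("cat:physicians-and-nurses", "medication-order", "write", True),
    Rule("cat:non-licensed-providers", "vital-signs", "record", True),
    Rule("cat:aides", "supply-room", "enter", False),
]

def ancestors(role):
    """Return role plus every broader category; stops on a cycle."""
    chain = []
    while role is not None and role not in chain:
        chain.append(role)
        role = PARENT.get(role)
    return chain

def decide(role, resource, action, use_hierarchy=True):
    """Permit if a rule names the role or, where allowed, one of its categories."""
    chain = ancestors(role) if use_hierarchy else [role]
    for rule in RULES:
        if (rule.resource, rule.action) != (resource, action):
            continue
        if rule.role == role or (rule.via_hierarchy and rule.role in chain):
            return "Permit"
    return "Deny"  # default-deny, including unknown roles

if __name__ == "__main__":
    for res, act in [("vital-signs", "record"), ("medication-order", "write")]:
        print(res, "flat:", decide(NURSES_AIDE, res, act, False),
              "hierarchy-aware:", decide(NURSES_AIDE, res, act))
```

With exact matching the aide's credential matches no rule at all; with the hierarchy it is permitted under the non-licensed category and still denied the rule reserved for physicians and nurses.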