ACWP Methodology Introduction

From IHE Wiki
Jump to navigation Jump to search

IHE White Paper on Access Control

Introduction

This section investigates a pattern for the realization of authorization solutions. It does not make assumptions on the authorization model (e.g. DAC, MAC, RBAC...) that is preferred in modeling an authorization solution and can be used with any approach of constructing the (conceptual vehicle) of an access control matrix. It does also not make assumptions on architectural entities involved in an authorization system (e.g. classical [requestor, identity provider, resource provider], considered health care scenario [classical entities plus user consent provider]) and can be used with a variety of architectural approaches. It does make the assumption that the underlying subject, resource, partient, application, context and action abstractions can be represented in form of attributes i.e. characteristics.

This assumption refers to the semantics of the underlying authorization problem. It does not constrain the attribute syntax which could be expressed as e.g. LDAP attributes, SAML attributes, XACML attributes and so on. It is also not limited to attributes defined in standards documents (e.g. IETF, OASIS) and can be used with arbitrary, custom attributes.

Discussion

place issues to be discussed among the editorial team here...

Change Requests

place your change requests here...

Retrieved from "http://wiki.ihe.net/index.php?title=ACWP_Methodology_Introduction&oldid=28918"