Difference between revisions of "ACWP Objective and Outline"

From IHE Wiki
Line 26: Line 26:
  
 
== Change Requests ==
 
== Change Requests ==
place your change requests here...
+
:TC090213 (change): WP is ''aligned to SOA''
 +
 
 +
:TC090213 (consensus): the focus of the WP is on how to use an AC architecture in the context of cross-enterprise scenarios based on XDS. Nevertheless the AC framework can easily be downscaled to be applicable intra-enterprise, too.

Revision as of 15:39, 13 February 2009

IHE White Paper on Access Control

Objective and Outline of this White Paper

This document looks at the issues of how to define and implement access control in healthcare networks that might even span multiple affinity domains. The focus is mainly on issues that relate to the IT architecture and the flow of messages that are required for a distributed access control scenario. Therefore this paper will deal with the problems of

  1. how to apply established principles of secure design and SOA security to the design of access control systems,
  2. how to model an access control solution in a way that is well suited for reasoning and evaluation, and
  3. how to deploy an access control solution using well understood patterns and interoperable system components.

Given the strong focus on models and methodologies for designing access control solutions for cross-enterprise data exchange in healthcare, the primary intended audience is system architects and developers who are involved in the planning, design, and realization of regional healthcare networks and comparable infrastructures where the secure exchange of patient-related data among enterprises is an issue.

The concepts presented in this paper are evolving rapidly and are subject to manifold national and international standardization efforts. The goal is to expose the common concepts from all of these activities, match them with experiences from existing healthcare networks, and define common design methodologies and technological building blocks which allow for a variety of strategies and policies to be used. The building blocks are described on a conceptual level and on an integration level based on the current state of the art in security token handling.

It is assumed that the design of the overall healthcare data exchange infrastructure is oriented towards the principles of a service-oriented architecture (SOA). It is furthermore assumed that a dedicated security architecture is set up which provides a circle of trust among the security and business services which are deployed among independent affinity domains.

The rest of this white paper is organized as follows:

As the ToC is still under discussion, the outline will be added later.



Discussion

Is the intended audience too narrow? If other user groups are to be addressed, how would this affect the ToC and the level of detail? Joerg.caumanns 16:47, 27 January 2009 (UTC)
the definition of the audience is agreed upon (TCon 090213) Joerg.caumanns 20:27, 13 February 2009 (UTC)

Change Requests

TC090213 (change): WP is aligned to SOA
TC090213 (consensus): the focus of the WP is on how to use an AC architecture in the context of cross-enterprise scenarios based on XDS. Nevertheless the AC framework can easily be downscaled to be applicable intra-enterprise, too.