标准号:ISO/TS 22600-2-2006
实施状态:作废
中文名称:医用信息.权限管理和入口控制.第2部分:形式模型
英文名称:Health informatics - Privilege management and access control - Part 2: Formal models
发布日期:2006-08
被替代标准:ISO 22600-2-2014
采用标准:BS DD ISO/TS 22600-2-2008,IDT;GOST R ISO/TC 22600-2-2009,IDT
起草单位:ISO/TC 215
标准简介:This part of ISO/TS 22600 is intended to support the needs of healthcare information sharing across
unaffiliated providers of healthcare, healthcare organizations, health insurance companies, their patients, staff
members and trading partners. It is also intended to support inquiries from both individuals and application
systems.
ISO/TS 22600 defines methods for managing authorization and access control to data and/or functions. It
accommodates policy bridging. It is based on a conceptual model where local authorization servers and crossborder
directory and policy repository services can assist access control in various applications (software
components). The policy repository provides information on rules for access to various application functions
based on roles and other attributes. The directory service enables identification of the individual user. The
granted access will be based on four aspects:
the authenticated identification of the user;
the rules for access connected with a specific information object;
the rules regarding authorization attributes linked to the user provided by the authorization manager;
the functions of the specific application.
This part of ISO/TS 22600 should be used in a perspective ranging from a local situation to a regional or
national one. One of the key points in these perspectives is to have organizational criteria combined with
authorization profiles agreed upon from both the requesting and delivering side in a written policy agreement.
This part of ISO/TS 22600 supports collaboration between several authorization managers that may operate
over organizational and policy borders.
The collaboration is defined in a policy agreement, signed by all involved organizations, and constitutes the
basic platform for the operation.
A documentation format is proposed, as a platform for the policy agreement, which makes it possible to obtain
comparable documentation from all parties involved in the information exchange of information.
This part of ISO/TS 22600 excludes platform-specific and implementation details. It does not specify technical
communication security services and protocols that have been established in other standards,
e.g. ENV 13608. It also excludes authentication techniques.
This part of ISO/TS 22600 introduces the underlying paradigm of formal high level models for architectural
components based on ISO/IEC 10746. In that context, the Domain Model, the Document Model, the Policy
Model, the Role Model, the Authorization Model, the Delegation Model, the Control Model and the Access
Control Model are introduced.
The specifications are provided using the meta-languages Unified Modelling Language (UML) and Extensible
Markup Language (XML). Additional diagrams are used for explaining the principles. The attributes used have
been referenced to the HL7 Reference Information Model and the HL7 datatype definitions.
文件格式:PDF
文件大小:1.11MB
文件页数:34
(以上信息更新时间为:2019-11-22)
ISO_TS 22600-2-2006 医用信息.权限管理和入口控制.第2部分_形式模型.pdf
(1.11 MB)
|
|
