NIH | National Cancer Institute | NCI Wiki  

Error rendering macro 'rw-search'

null

  • Created by Unknown User (digret), last modified on Sep 04, 2010

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Access Control Policies Functional Profile

Service policies help establish constraints on the service specifications and mandate an approach. Policies can be specified around access control constraints.

Access Control Policies include the following capabilities:

  • creation, deletion, edit, maintenance of policy models
  • descriptions to enable the policy modules to be visible, where the description includes a unique identifier for the policy and a sufficient, and preferably a machine processible, representation of the meaning of terms used to describe the policy, its functions, and its effects;
  • one or more discovery mechanisms that enable searching for policies that best meet the search criteria specified by the service participant; where the discovery mechanism will have access to the individual policy descriptions, possibly through some repository mechanism;
  • accessible storage of policies and policy descriptions, so service participants can access, examine, and use the policies as defined.

This Functional Profile includes, but is not limited to, the following capability elaborations:

Derived From Requirements

  • Gap Analysis::HL7 CIC::CIC-4 -  Provide controlled, secured access to stored data There is a need to manage access control and other applicable types of control for the repository; Note that “other applicable types of control” is to be defined later in the PIM and PSM. 
  • Semantic Infrastructure Requirements::Service Discovery and Governance::Service Policies Service policies help establish constraints on the service specifications and mandate an approach. Policies can be specified around governance, access control and other design and runtime constraints.
  • Semantic Infrastructure Requirements::Artifact Management::Specification Content to be done

accessContolPolicyModel

Access Control Policy Model with capabilities to create, destroy, edit, maintain service descriptions.

The Access Control Policy Model implementation includes the following capabilities

  • descriptions to enable the policy modules to be visible, where the description includes a unique identifier for the policy and the metamodel representation of the meaning of terms used to describe the policy, its functions, and its effects;
  • one or more discovery mechanisms that enable searching for policies that best meet the search criteria specified by the service participant; where the discovery mechanism will have access to the individual policy descriptions through some repository mechanism;
  • accessible storage of policies and policy descriptions, so service participants can access, examine, and use the policies as defined.
  • No labels