Susie: HCLS has had workshop accepted at ISWC - preparations ongoing
... subject for workshop - scientific discourse
... there is also a social data workshop - should we team up?
... held in DC in October.
Susie: Eric brought up the issue of spammers on the Wiki.
... need to coordinate adding names to the contributors list
Eric: get an account, then let Eric know and he'll add you to the editor list
... also, can email Scott and/or Ivan
Susie: next F2F during TPAC in Santa Clara Nov 2-6
... emails will be coming re registration and agenda for the F2F
Presenting: Eric (W3C) and Fatih Turkmen (University of Trento)
Eric: to add credibility, we need to access access control, for real working environments
... each task force can focus on their use cases
Case 1: Clinical observations
Eric: used SPARQL constructs to create virtual views
... the data that comes up in a view is the only data people see - there can be more data that's hidden
... Example: access to patients' records is based on the policy graph definitions
... the protocol can then be used to identify the requestor (ex. IP address)
<wort> are you interested in making a patient record database?
Eric: Views allow for flexibility in editing various parts of the policy, and allow for custom access
... access failures can be an issue, but only for the user. On the other hand, partial access can lead to wrong data
Fatih: introducing existing tools
... XACML, Ponder2 - see the slides for complete list.
... XACML was chosen: widely used, commercial and open-source, easy to describe use cases
Fatih: profiled for healthcare, based on HL7
... endowment-based, with roles, rules and obligations
... multiple companies and organizations deploy XACML
... example architecture for composing rules, policies, and composite sets of policies (slide 11)
... slide 12 contains a simple XACML example: if the manager is from sales, and trying to modify/access - allow access
... XSPA is a profile in XACML to use NIST guidelines and maps HL7 to XACML attributes
... SAML to be used with XACML for communications
Eric: this is relevant to the taskforces on vocabularies - need to address HL7 definitions
Fatih: slide 15 shows how to represent XACML requests in RDF
... policies can also be represented
Eric: slide 16 shows how to combine various attributes via boolean logic in SPARQL.
... slide 17 shows how to use an existing triple store and its graph functions to do this more easily
Fatih: slide 18 shows using optional filter in SPARQL that uses access control policy
... need to provide explanations and/or partial data when request is denied
Eric: various tools for proof generation exist. We can use those to justify/audit trail access decisions.
... link on 'browsing' represents some work that's being done to trail proofs (at MIT)
Fatih: slide 4 shows the UI with links to proof and number of evidences
... the system is language-independent
Eric: don't just infer - create a SPARQL update to the original store
... for our system, we can also use such feedback
... authentication doesn't just have to be IP, there are other methods
Question: SPARQL references policies. But ultimately, policies should be applied on a role-based level, upon authentication?
Eric: still not clear where and when policies should be administered.
Questions: granularity. Some policies may be graph-wide.
Lena: clarification on HL7 attributes?
... what is the granularity in HL7 on patient records: all or nothing? Or attributes?
Eric: there are 10 categories of information, and the admin can break attributes down based on that.
... person's data can be broken down based on their roles as well.
Fatih: there is a granularity that's built into HL7.
Eric: slide 20 describes which task force can use access control and how
... slide 21 discusses specific next steps for the task forces
<mscottm> http://twiki.ipaw.info/bin/view/Challenge/LocalDetailsPC3
<mscottm> http://twiki.ipaw.info/bin/view/Challenge/OPM
<mscottm> http://www.nactem.ac.uk/
<mscottm> http://www.nactem.ac.uk/seminars.php?seminar=seminar_marshall09
Scott: link above to Open Provenance Model
... gave talk at NACTEM (U Manchester). NACTEM members to join HCLS
<mscottm> https://wiki.nbic.nl/index.php/BioWiseInformationManagement2009
<mscottm> http://rdf.myexperiment.org/ontologies/
Scott: IM course recently given, link above. Includes Semantic Web.
... check out MyExperiment Ontologies, based on collab with Tim Clark
<mscottm> and David de Roure, David Newman
<ericP> mscottm, this is Wolfgang Orthuber, irc nick: wort
Wolfgang: will present on exchange of medical data
... similarity search can be performed on data represented as vectors (ex. similar patients)
Eric: Thanks to Fatih!
Scott: Pharma IT conference needs a "nutshell" summary on access control. Eric will provide slides.
<mscottm> and thanks to Julia for scribing!