• Shopping Cart
    There are no items in your cart

BS EN ISO 22600-2:2014

Current

Current

The latest, up-to-date edition.

Health informatics. Privilege management and access control Formal models

Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

31-10-2014

€271.12
Excluding VAT

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 Component paradigm
6 Generic models
Annex A (informative) - Functional and structural roles
Bibliography

Describes principles and also specifies services needed for managing privileges and access control to data and/or functions.

Committee
IST/35
DevelopmentNote
Supersedes DD ISO/TS 22600-2 & 12/30271004 DC. (11/2014)
DocumentType
Standard
Pages
38
PublisherName
British Standards Institution
Status
Current
Supersedes
UnderRevision

This multi-part International Standard defines principles and specifies services needed for managing privileges and access control to data and/or functions.

It focuses on communication and use of health information distributed across policy domain boundaries. This includes healthcare information sharing across unaffiliated providers of healthcare, healthcare organizations, health insurance companies, their patients, staff members, and trading partners by both individuals and application systems ranging from a local situation to a regional or even national situation.

It specifies the necessary component-based concepts and is intended to support their technical implementation. It will not specify the use of these concepts in particular clinical process pathways.

This part of ISO22600 introduces the underlying paradigm of formal high-level models for architectural components. It is based on ISO/IEC10746 (all parts) and introduces the domain model, the document model, the policy model, the role model, the authorization model, the delegation model, the control model, and the access control model.

The specifications are provided using the meta-languages Unified Modelling Language (UML) and Extensible Markup Language (XML). Additional diagrams are used for explaining the principles. The attributes used have been referenced to the HL7 reference information model (see ISO21731:2006) and the HL7 data type definitions.

The role model has been roughly introduced referring to ISO21298.

Standards Relationship
ISO 22600-2:2014 Identical
EN ISO 22600-2:2014 Identical

ENV 13606-3 : DRAFT 2000 HEALTH INFORMATICS - ELECTRONIC HEALTHCARE RECORD COMMUNICATION - PART 3: DISTRIBUTION RULES
ISO/IEC 9798-3:1998 Information technology Security techniques Entity authentication Part 3: Mechanisms using digital signature techniques
ISO/IEC TR 14516:2002 Information technology Security techniques Guidelines for the use and management of Trusted Third Party services
ISO/IEC 15945:2002 Information technology — Security techniques — Specification of TTP services to support the application of digital signatures
ISO/IEC 27002:2013 Information technology Security techniques Code of practice for information security controls
ISO/IEC 10181-1:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Overview
ISO/IEC 9594-8:2017 Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks
ISO 21091:2013 Health informatics — Directory services for healthcare providers, subjects of care and other entities
ISO 7498-2:1989 Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
ISO/IEC 2382-8:1998 Information technology Vocabulary Part 8: Security
ISO/IEC 8824-1:2015 Information technology Abstract Syntax Notation One (ASN.1): Specification of basic notation Part 1:
ENV 13608-1:2000 Health informatics - Security for healthcare communication - Part 1: Concepts and terminology
ENV 13729 : DRAFT 2000 HEALTH INFORMATICS - SECURE USER IDENTIFICATION - STRONG AUTHENTICATION USING MICROPROCESSOR CARDS
ISO/IEC TR 13335-1:1996 Information technology — Guidelines for the management of IT Security — Part 1: Concepts and models for IT Security

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.