• Shopping Cart
    There are no items in your cart

CEN/TR 15300:2006

Current

Current

The latest, up-to-date edition.

Health informatics - Framework for formal modelling of healthcare security policies

Published date

11-10-2006

Sorry this product is not available in your region.

Foreword
Introduction
1 Scope
2 Normative References
3 Terms and definitions
4 Symbols and abbreviations
5 Introduction to FM_HSP
6 Historical security policies
7 A generic formal modelling approach
8 Healthcare current needs & future trends
9 Healthcare applications of FM_HSP
Annex A Bell LaPadula's and Biba's models
Annex B Non-deduction/Non-inference models
Annex C HRU/Take-Grant/TAM-ATAM models
Annex D Chinese Wall model
Annex E Modal logic-based models
Annex F Deontic logic-based models
Bibliography

This CEN report specifies the starting point for working on some formalising tools that could be used by the healthcare actors to express, compare and validate local and/or network security policies.Defining and validating a correct security policy encompass different activities such as expressing correctly(i.e. without any ambiguity), formulating correctly (i.e. without any misinterpretation) and proving the correctness (i.e. without known failures or major lack) of the [to be formally modelled] security policy.This CEN report does NOT intend at all to specify a UNIQUE or UNIVERSAL formal model that need to be used by the European healthcare community: it only indicates, as a first working step, some ways that could be followed to help that healthcare community to correctly and fruitfully manipulate the security policy concept(s) and the formal modelling techniques.This CEN report does NOT intend to indicate an EXHAUSTIVE spectrum of all the published formal security policy models: it only gives a readable and understandable flavour of the most well-known formal models and also of the [maybe] most interesting ones from the healthcare activity and needs point of view. This CEN report is, in this very first version, divided in five parts:oPart #1 - Introduction to formal modelling: this clause summarises and justifies the following needs:i.need for policies, in general and for any context;ii.need for security policies, in any data processing context;iii.need for models (or modelling facilities) of security policies, in some generic system environments;iv.need for formal models (or formal modelling facilities) of security policies, in some sensitive areas;v.need for healthcare-oriented formal models of security policies, specialized to healthcare specificities.oPart #2 - Historical security policies and models: this clause explains and introduces the main objectives and concepts of the security policy modelling activity that seems to be of

Committee
CEN/TC 251
DocumentType
Technical Report
PublisherName
Comite Europeen de Normalisation
Status
Current

Standards Relationship
I.S. CEN TR 15300:2006 Identical
NEN NPR CEN/TR 15300 : 2006 Identical

ENV 13606-3 : DRAFT 2000 HEALTH INFORMATICS - ELECTRONIC HEALTHCARE RECORD COMMUNICATION - PART 3: DISTRIBUTION RULES
ECMA/TR 46 : 1ED 88 SECURITY IN OPEN SYSTEMS - A SECURITY FRAMEWORK
ISO/IEC 10181-1:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Overview
ISO/IEC 9594-8:2017 Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks
ISO 7498-2:1989 Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
ISO/IEC 2382-8:1998 Information technology Vocabulary Part 8: Security
ENV 12924 : DRAFT 1997 MEDICAL INFORMATICS - SECURITY CATEGORISATION AND PROTECTION FOR HEALTHCARE INFORMATION SYSTEMS
ENV 13608-1:2000 Health informatics - Security for healthcare communication - Part 1: Concepts and terminology

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.