On Wed, 2004-03-10 at 19:10, Thomas Clark wrote:
> Hi Tim,
> 
> Might want to add:
> 
> Computer Security Basics
> http://www.oreilly.de/catalog/csb/toc.html
> 
> IEEE; Compartmented Mode Workstation: Prototype Highlights
> http://csdl.computer.org/comp/trans/ts/1990/06/e0608abs.htm
> 
> CMU; Trusted Operating Systems
> http://www.sei.cmu.edu/str/descriptions/trusted_body.html
> 
> Operating System Security
> http://www.cs.ucd.ie/staff/tahar/home/courses/4thyear/chapter4/ppframe.htm
> 
> From Security protocols to System Security
> http://www.hpl.hp.com/techreports/2003/HPL-2003-147.html
> 
> Trusted Computing Platforms
> http://www.hpl.hp.com/techreports/2002/HPL-2002-221.html
> 
> ASPECT - a tool for checking protocol security
> http://www.hpl.hp.com/techreports/2002/HPL-2002-246.html
> 
> Resilient Infrastructure for Network Security
> http://www.hpl.hp.com/techreports/2002/HPL-2002-273.html
> 
> Security Infrastructure for A Web Service Based Resource Management System
> http://www.hpl.hp.com/techreports/2002/HPL-2002-297.html
> 
> Trusted Solaris Developers Guide
> http://docs.sun.com/db/doc/805-8060?q=compartmented+mode+workstation
> 
> Trusted Network Environment
> http://www.tinfosol.com/lab/lab.html
> 
> RFC 1825 - Security Architecture for the Internet Protocol
> http://www.faqs.org/rfcs/rfc1825.html
> 
> RFC 1827 - IP Encapsulating Security Payload (ESP)
> http://www.faqs.org/rfcs/rfc1827.html
> 
> Secure Trusted Operating System (STOS) Consortium
> http://www.stosdarwin.org/
> 
> The Blue Book
> http://secinf.net/info/rainbow/tg29.txt
> 
> UK Security Citations Bibliography
> http://chacs.nrl.navy.mil/xtp1/uksecbib.html

All of those deal with security implementation issues, i.e. how you
achieve certain objectives. The BMA security policy sets out what those
objectives ought to be. Defining the security objectives, which in turn
ought to be informed by specific threat models, needs to be done before
you can consider which security technologies are appropriate. But yes,
most of those are appropriate.

Tim c

> 
> Regards!
> 
> -Thomas Clark
> 
> 
> Tim Churches wrote:
> 
> >On Tue, 2004-03-09 at 23:20, Thompson, Ken wrote:
> >  
> >
> >>2) A mechanism on the patient record itself that displays a list of all
> >>users that have accessed the record (with date and time). This will probably
> >>be made available to the patient at some point, so they will actually
> >>provide a critical part of the checks and balances in the system.
> >>    
> >>
> >
> >This is similar to the mechanisms envisaged under the "Consent and
> >notification" section of the now-famous BMA Security Policy, developed by
> >Ross Anderson - see
> >http://www.cl.cam.ac.uk/users/rja14/policy11/policy11.html
> >
> >This is still the gold standard for EHR security policies, IMHO, yet
> >most people I have met who are involved in EHR work and who know of it
> >(curiously many seem ignorant of it) tend to dismiss it, not because the
> >policies are unsound (although they do need minor tweaking here and
> >there), but because implementing them is very difficult in practice - 
> >particularly the multilateral as opposed to multilevel access control
> >policy. In fact you need both, but of the two, the former is more
> >important. In other words, role-based access control, where the "roles"
> >are specific to each patient, as well as to each health professional.
> >
> >
> >  
> >
> 
> 
-- 

Tim C

PGP/GnuPG Key 1024D/EAF993D0 available from keyservers everywhere
or at http://members.optushome.com.au/tchur/pubkey.asc
Key fingerprint = 8C22 BF76 33BA B3B5 1D5B  EB37 7891 46A9 EAF9 93D0
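
The contrast drawn in this thread between multilevel and multilateral access control, together with the per-record list of accesses shown to the patient, can be sketched as follows. This is an added example, not code from any participant or from the BMA policy document; the class, method and user names are hypothetical, and the model is deliberately simplified (one responsible clinician per record, in-memory storage).

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

def multilevel_allows(clearance: int, record_level: int) -> bool:
    return clearance >= record_level   # any sufficiently cleared user reads any record

@dataclass
class PatientRecord:
    patient_id: str
    responsible: str                                   # clinician who controls this ACL
    acl: set = field(default_factory=set)              # who may read THIS patient's record
    notes: list = field(default_factory=list)
    access_log: list = field(default_factory=list)     # (time, user, action, granted)
    notifications: list = field(default_factory=list)  # messages owed to the patient

    def __post_init__(self):
        self.acl.add(self.responsible)

    def _log(self, user: str, action: str, granted: bool) -> bool:
        # Denied attempts are logged too, so the patient sees them.
        self.access_log.append((datetime.now(timezone.utc), user, action, granted))
        return granted

    def grant(self, actor: str, clinician: str) -> bool:
        ok = actor == self.responsible     # only the responsible clinician edits the ACL
        if ok:
            self.acl.add(clinician)
            self.notifications.append(f"{clinician} added to access list by {actor}")
        return self._log(actor, f"grant:{clinician}", ok)

    def read(self, user: str) -> list:
        if not self._log(user, "read", user in self.acl):
            raise PermissionError(f"{user} is not on the access list for {self.patient_id}")
        return list(self.notes)

    def patient_view(self) -> list:    # who touched the record and when, for the patient
        return [(t.isoformat(timespec="seconds"), u, a, "granted" if ok else "DENIED")
                for t, u, a, ok in self.access_log]

def demo() -> PatientRecord:
    rec = PatientRecord("patient-001", responsible="dr_gp", notes=["constructed note"])
    rec.read("dr_gp")
    try:
        rec.read("dr_senior")          # high clearance, but no relationship to this patient
    except PermissionError:
        pass
    rec.grant("dr_gp", "dr_specialist")
    rec.read("dr_specialist")
    return rec
```

Calling `demo().patient_view()` returns the timestamped rows a patient would be shown, including the denied read by `dr_senior`, which a purely multilevel check such as `multilevel_allows(3, 2)` would have permitted.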

