Tagasi

EVS-EN ISO 22600-2:2014

Health informatics - Privilege management and access control - Part 2: Formal models (ISO 22600-2:2014)

Üldinfo
Kehtiv alates 07.11.2014
Alusdokumendid
ISO 22600-2:2014; EN ISO 22600-2:2014
Direktiivid või määrused
puuduvad

Standardi ajalugu

Staatus
Kuupäev
Tüüp
Nimetus
07.11.2014
Põhitekst
The distributed architecture of shared care information systems is increasingly based on networks. For meeting the interoperability challenge, the use of standardised user interfaces, tools and protocols, and therefore their platform independence, the number of really open information systems based on corporate networks, virtual private networks has been rapidly growing during the last couple of years. This multi part International Standard shall define privilege management and access control services required for communication and use of distributed health information across policy domain boundaries. The document introduces principles and specifies services needed for managing privileges and access control. It specifies the necessary component based concepts and is intended to support their technical implementation. It will not specify the use of these concepts in particular clinical process pathways. This International Standard is strongly related to other ISO/TC 215 work such as ISO 17090 “Health Informatics – Public Key Infrastructure”, ISO 22857 “Health Informatics – Guidelines on data protection to facilitate trans-border flows of personal health information” and ISO 21091 ”Health informatics - Directory services for security, communications and identification of professional and patient”. It is also related to ISO/TS 21298 “Health informatics – Functional and structural roles”. This International Standard is intended to support the needs of healthcare information sharing across unaffiliated providers of healthcare, healthcare organisations, health insurance companies, their patients, staff members and trading partners. This International Standard is intended to support inquiries from both individuals and application systems. This multi part International Standard defines methods for managing authorization and access control to data and/or functions. It is allowing policy bridging. It is based on a conceptual model where local authorization manager servers and a cross border directory server can assist access control in various applications (software components). This directory server provides information on rules for access to various application functions based on roles and other attributes of the individual user. The granted access will be based on following aspects: The authenticated identification of the user The rules for access to a specific information object including purpose of use The rules regarding authorization attributes linked to the user provided by the authorization manager The functions of the specific application This International Standard should be used in a perspective ranging from a local situation to a regional or national. One of the key points in these perspectives is to have organisational criteria combined with authorization profiles agreed upon from both the requesting and delivering side in a written policy agreement. The International Standard supports collaboration between several authorization managers that may operate over organisational and policy borders. The collaboration is defined in a Policy Agreement, signed by all involved organisations, which constitute the set of rules for the operation. This International Standard excludes platform-specific and implementation details. It does not specify technical communication services and protocols that have been established in other standards. It also excludes authentication techniques.
*
*
*
PDF
20,74 € koos KM-ga
Paber
20,74 € koos KM-ga
Sirvi standardit alates 2,44 € koos KM-ga
Standardi monitooring

Teised on ostnud veel

Põhitekst

EVS-EN ISO 22600-1:2014

Health informatics - Privilege management and access control - Part 1: Overview and policy management (ISO 22600-1:2014)
Uusim versioon Kehtiv alates 07.11.2014
Põhitekst

EVS-EN ISO 22600-3:2014

Health informatics - Privilege management and access control - Part 3: Implementations (ISO 22600-3:2014)
Uusim versioon Kehtiv alates 07.11.2014
Põhitekst + muudatus

EVS-EN ISO 7010:2020+A1+A2+A3:2022

Graphical symbols - Safety colours and safety signs - Registered safety signs (ISO 7010:2019, Corrected version 2020-06 + ISO 7010:2019/Amd 1:2020 + ISO 7010:2019/Amd 2:2020 + ISO 7010:2019/Amd 3:2021)
Kehtiv alates 02.05.2022