Child pages
  • UMA telecon 2020-07-23

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Last week, folks concentrated on the ASCII "spiral" diagram and draft spec text. Alec has a new draft diagram to try on us.

Image Added

In the original UMA diagram, "manage" and "control" are out of scope. Alec is proposing that we bring these functions in scope. He states this explicitly by saying that he's specifying the "management and control interfaces". In UMA1 we used to call this Phase 1 vs. Phase 2. Now we think of this as the grant mechanism and the federated authorization mechanism, which is modular and optional with respect to grant. Is the wallet extension/profile modular and optional with respect to federated authorization? Alec illustrated it with a concentric Venn.


Here is info on the video structure (original here):

Overview of fine-grained authorization approaches in FHIRJosh Mandel15minSlides here
Access control in aidboxNikolai Ryzhikov15minSlides here
XYZJustin Richer15minSlides here
An ABAC Architecture ApproachMatthew Tyler15minYes, can't share yet
Classification and LocalityChris Grenz15minSlides here
FHIR Data Segmentation for Privacy IGKathleen Connor15min
Parameterized compartmentsMichael Hansen15minSlides here

AI: Nancy: Find out how we get onto the agenda of the next HL7 meetup or the next appropriate gathering. Adrian also suggests reaching out to Josh. Nancy suggests also John Moehrke, Kathleen, and Graham.