Last week, folks concentrated on the ASCII "spiral" diagram and draft spec text. Alec has a new draft diagram to try on us.
In the original UMA diagram, "manage" and "control" are out of scope. Alec is proposing that we bring these functions in scope. He states this explicitly by saying that he's specifying the "management and control interfaces". In UMA1 we used to call this Phase 1 vs. Phase 2. Now we think of this as the grant mechanism and the federated authorization mechanism, which is modular and optional with respect to grant. Is the wallet extension/profile modular and optional with respect to federated authorization? Alec illustrated it with a concentric Venn.
Here is info on the video structure (original here):
|Overview of fine-grained authorization approaches in FHIR||Josh Mandel||15min||Slides here|
|Access control in aidbox||Nikolai Ryzhikov||15min||Slides here|
|XYZ||Justin Richer||15min||Slides here|
|An ABAC Architecture Approach||Matthew Tyler||15min||Yes, can't share yet|
|Classification and Locality||Chris Grenz||15min||Slides here|
|FHIR Data Segmentation for Privacy IG||Kathleen Connor||15min||http://hl7.org/fhir/uv/security-label-ds4p/2020May/|
|Parameterized compartments||Michael Hansen||15min||Slides here|
AI: Nancy: Find out how we get onto the agenda of the next HL7 meetup or the next appropriate gathering. Adrian also suggests reaching out to Josh. Nancy suggests also John Moehrke, Kathleen, and Graham.