1、 Reference numberISO/TS 21298:2008(E)ISO 2008TECHNICAL SPECIFICATION ISO/TS21298First edition2008-12-01Health informatics Functional and structural roles Informatique de sant Rles fonctionnel et structurel ISO/TS 21298:2008(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordanc
2、e with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licens
3、ing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing.
4、 Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. COPYRIGHT PROTECTED DOCUMENT ISO 2008 All rights reserved. Unless otherwise spe
5、cified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office
6、Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO 2008 All rights reservedISO/TS 21298:2008(E) ISO 2008 All rights reserved iiiContents Page Foreword iv Introduction.v 1 Scope1 2 Normative references
7、1 3 Terms and definitions .1 4 Abbreviations.4 5 Modelling roles in an architectural context 4 5.1 Roles within the generic component model.4 5.2 Roles and policy aspects5 5.3 Roles in privilege management .6 5.4 Structural roles 7 5.5 Functional roles.12 6 Formally modelling roles14 6.1 Roles withi
8、n the generic component model.14 6.2 Developing the role model14 6.3 Relationships between structural and functional roles 17 7 Use cases for the use of structural and functional roles in an interregional or international context .17 Annex A (informative) ISCO-08 Sample mapping19 Annex B (informativ
9、e) Sample certificate profile for regulated healthcare professional 26 Bibliography28 ISO/TS 21298:2008(E) iv ISO 2008 All rights reservedForeword ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparin
10、g International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liai
11、son with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of t
12、echnical committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to the member bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote. In other circu
13、mstances, particularly when there is an urgent market requirement for such documents, a technical committee may decide to publish other types of document: an ISO Publicly Available Specification (ISO/PAS) represents an agreement between technical experts in an ISO working group and is accepted for p
14、ublication if it is approved by more than 50 % of the members of the parent committee casting a vote; an ISO Technical Specification (ISO/TS) represents an agreement between the members of a technical committee and is accepted for publication if it is approved by 2/3 of the members of the committee
15、casting a vote. An ISO/PAS or ISO/TS is reviewed after three years in order to decide whether it will be confirmed for a further three years, revised to become an International Standard, or withdrawn. If the ISO/PAS or ISO/TS is confirmed, it is reviewed again after a further three years, at which t
16、ime it must either be transformed into an International Standard or be withdrawn. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. ISO/TS 21298 was pr
17、epared by Technical Committee ISO/TC 215, Health informatics. ISO/TS 21298:2008(E) ISO 2008 All rights reserved vIntroduction This Technical Specification contains a specification for encoding information related to roles for health professionals and consumers. At least four areas have been identifi
18、ed where a model for encoding role information is needed. a) Privilege management and access control: role-based access control is not possible without an effective means of recording role information for healthcare actors. b) Directory services: structural roles are usefully recorded within directo
19、ries of health care providers (see, for example, ISO/TS 21091). c) Audit trails: functional roles are usefully recorded within audit trails for health information applications. d) Public key infrastructure (PKI): The three-part International Standard ISO 170909, 10allows for the encoding of healthca
20、re roles in certificate extensions, but no structured vocabulary for such roles is specified. This Technical Specification identifies such a coded vocabulary. In addition to these security related applications there are several other possible applications of this Technical Specification, such as: e)
21、 Search and retrieval: finding and identifying the right professional for a health service. f) Administration: billing of health care services. g) Messaging: directing healthcare related messages by means of a specific role. This Technical Specification is complemetary to other relevant standards th
22、at also describe and define roles for the purpose of access control. Backward compatibility with ANSI INCITS and HL7 RBAC is provided through simplification by combining the policy and role into a single construct. This Technical Specification extends the model through the separation of the role and
23、 policy. This separation allows for a richer and more flexible capability to instantiate business rules across multiple domains and jurisdictions. TECHNICAL SPECIFICATION ISO/TS 21298:2008(E) ISO 2008 All rights reserved 1Health informatics Functional and structural roles 1 Scope This Technical Spec
24、ification defines a model for expressing functional and structural roles and populates it with a basic set of roles for international use in health applications. Roles are generally assigned to entities that are actors. This will focus on roles of persons (e.g. the roles of health professionals) and
25、 their roles in the context of the provision of care (e.g. subject of care). Roles can be structural (e.g. licensed general practitioner, non-licensed transcriptionist) or functional (e.g. a provider who is a member of a therapeutic team, an attending physician, etc). Structural roles are relatively
26、 static, often lasting for many years. They deal with relationships between entities expressed at a level of complex concepts. Functional roles are bound to the realization of actions and are highly dynamic. They are normally expressed at a decomposed level of fine-grained concepts. Roles addressed
27、in this Technical Specification are not restricted to privilege management purposes, though privilege management is one of the applications of this Technical Specification as well as access control. This Technical Specification does not address specifications related to permissions. This Technical S
28、pecification treats the role and the permission as separate constructs. Further details regarding the relationship with permissions, policy and access control are provided in ISO/TS 22600-1. 2 Normative references The following referenced documents are indispensable for the application of this docum
29、ent. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO 17090-2, Health informatics Public key infrastructure Part 2: Certificate profile ISO/HL7 21731, Health informatics HL7 version 3 R
30、eference information model Release 1 ISO 22600-1, Health informatics Privilege management and access control Part 1: Overview and policy management International Labour Organization: International Standard Classification of Occupations 2008 (ISCO-08) 3 Terms and definitions For the purposes of this
31、document the following terms and definitions apply. 3.1 access control means of ensuring that the resources of a data processing system can be accessed only by authorized entities in authorized ways ISO/IEC 2382-8, definition 08.04 ISO/TS 21298:2008(E) 2 ISO 2008 All rights reserved3.2 attribute aut
32、hority AA authority that assigns privileges by issuing attribute certificates NOTE Adapted from X.509. 3.3 attribute certificate data structure, digitally signed by an attribute authority, which binds some attribute values with identification about its holder NOTE Adapted from X.509. 3.4 authority e
33、ntity that is responsible for the issuance of certificates NOTE Two types are distinguished in this Technical Specification: certification authority which issues public-key certificates and attribute authority which issues attribute certificates. 3.5 authorization granting of rights, which includes
34、the granting of access based on access rights ISO 7498-2, definition 3.3.10 3.6 delegation conveyance of privilege from one entity that holds such privilege, to another entity 3.7 delegation path ordered sequence of certificates which, together with authentication of a privilege asserters identity,
35、can be processed to verify the authenticity of a privilege asserters privilege 3.8 entity any concrete or abstract thing of interest ISO/IEC 10746-2, definition 6.1 NOTE While in general the word entity can be used to refer to anything, in the context of modelling it is reserved to refer to things i
36、n the universe of discourse being modelled. 3.9 identification performance of tests to enable a data processing system to recognise entities ISO/IEC 2382-8, definition 08.04.12 (as identitiy authentication, identity validation) 3.10 non-regulated health professional person employed by a healthcare o
37、rganization, but who is not a health professional ISO/IEC 17090-1, definition 3.1.5 EXAMPLES Receptionist or secretary who organizes appointments, or a business manager who is responsible for validating patient health insurance. ISO/TS 21298:2008(E) ISO 2008 All rights reserved 3NOTE The fact that t
38、he employee is not authorized by a body independent of the employer in his professional capacity does not, of course, imply that the employee is not professional in conducting his services. 3.11 policy set of legal, political, organizational, functional and technical obligations for communication an
39、d cooperation 3.12 policy agreement written agreement in which all involved parties commit themselves to a specified set of policies 3.13 principal actor able to realize specific scenarios (user, organization, system, device, application, component, object) 3.14 privilege capacity assigned to an ent
40、ity by an authority according to the entitys attribute NOTE Per OASIS Extensible Access Control Markup Language (XACML) V2.0, privilege, permissions, authorization, entitlement and rights are replaced by the term “rule”. 3.15 regulated health professional person who is authorized by a nationally rec
41、ognized body to be qualified to perform certain health services ISO/IEC 17090-1, definition 3.1.8 EXAMPLES Physicians, registered nurses and pharmacists. NOTE 1 The types of registering or accrediting bodies differ in different countries and for different professions. Nationally recognised bodies in
42、clude local or regional governmental agencies, independent professional associations and other formally and nationally recognised organizations. They may be exclusive or non-exclusive in their territory. NOTE 2 A nationally recognized body in this definition does not imply one nationally controlled
43、system of professional registration but, in order to facilitate international communication, it would be preferable for one nationwide directory of recognised health professional registration bodies to exist. 3.16 role set of competences and/or performances that are associated with a task 3.17 role
44、assignment certificate certificate that contains the role attribute, assigning one or more roles to the certificate holder 3.18 role certificate certificate that assigns privileges to a role rather than directly to individuals NOTE Individuals assigned to that role, through an attribute certificate
45、or public-key certificate with a subject directory attributes extension containing that assignment, are indirectly assigned the privileges contained in the role certificate. 3.19 role specification certificate certificate that contains the assignment of privileges to a role ISO/TS 21298:2008(E) 4 IS
46、O 2008 All rights reserved4 Abbreviations AA Attribute Authority XML eXtensible Markup Language ILO International Labour Organization PKI Public Key Infrastructure PMI Privilege Management Infrastructure UML Unified Modelling Language 5 Modelling roles in an architectural context 5.1 Roles within th
47、e generic component model For embedding components meeting functional requirements and services needed in a system, the components of that system have to be managed in its architectural context. Therefore, requirements analysis, design, and deployment of those components shall be developed and manag
48、ed based on a reference architecture following a unified process. With the generic component model, such reference architecture in conformance with essential standards for distributed, component-based, service-oriented and semantically interoperable information systems has been developed in the mid-
49、nineties (see, e.g. References 1, 2, 3) and used in the context of several ISO/TC 215 and CEN/TC 251 specifications. The model specifies a component-based and service oriented architecture for any domain. While this Technical Specification goes beyond security and privacy issues, functional and structural roles are also used to manage privileges and access control. In this restricted context, functional and structural roles have been specified and modelled in ISO/TS 22600-2. This Technical Specification
