Friday, June 04, 2010 4:58 PM
I am a student at the Universiti Teknologi Petronas, Malaysia and working on a project related to the security and privacy of health data, specifically related to architecture for security and privacy interoperability. I would be very grateful if you could answer the following questions:
- What kind of access control model is used in HealthValult system in order to restrict access to the health data? For example, Role based accessed control (RBAC), Attribute Based Access Control (ABAC) or Identity Based Access Control (IBAC).
- What kind of access control policy language HealthVault system supports? I know that HealthVault provides greater control to the user over his/her health data. The user can specify fine grained access control policy. What I don’t know is that what kind of policy language is being used by Microsoft HealthVault for the access control. Is it XACML (eXtensible Access Control Markup Language), XrML (eXtensible Rights Markup Language), Open Digital Rights Language (ODRL)?
Providing answer to the above questions could be of great help to me in validating the assumptions which I would make in my project.
Thanks in advance for your cooperation!
Sunday, June 06, 2010 9:06 PM
We have contacted the techical team on this and I request you to follow this thread, http://social.msdn.microsoft.com/Forums/en-US/healthvault/thread/aacd6499-36d2-4c6e-9dc6-ac5127e9025f
Monday, June 07, 2010 11:56 AM
Thanks for your reply. I am now following the above mentioned link and hoping for the answer :-).
- Marked As Answer by Eric GunnersonMicrosoft Employee, Owner Thursday, June 10, 2010 2:51 PM