[COAS-List] RE: HRAC submeeting team meeting July 30, 1998: minutes

["V. Juggy Jagannathan" <juggy@careflow.com>]

Comment on proposed resource management scheme from the meeting minutes:

> Access to the resource is granted if
>  access is granted to every node in the path to the resource. For
>  example, in order to have access to resource identified by
>  /BHSSF/SMH/patients/JohnSmith/bloodtests/August-02/test-3 access
>  should be given to /BHSSF, to /BHSSF/SMH, to /BHSSF/SMH/patients,
>  ..., to /BHSSF/SMH/patients/JohnSmith/bloodtests/August-02/test-3.
>  The described logic is the same as in access control model of Unix
>  file system.

Agree this is a simple (Unix-file-system) model to manage access control.
But this does
have implications for COAS. The directory hierarchy example has the
following types of
contextual information about an observation (a resource in HRAC):

	owner: Bhssf
	location: SMH
	patientID: patients/JohnSmith
	conceptCode: bloodtests
	date: August 2
	instanceID: test 3

obviously there is a mapping with the contextual information that one may
record with an observation
and the tree hierarchy for resource management being considerd in HRAC. the
problem is that
given the above set of dimensions, one may construct arbitrary trees. One
can conceivably put the
patienID at the top node - given a patient info can from multiple sites, one
can put conceptCode at the
top of the tree, etc.

Also, i have no clue how you would implement the management of this really
bushy tree. As soon
as you hit the patient node, you are going to have million leaves, with each
one having potentially
hundreds (if not thousands) of items hanging off it.

i need to think about this a bit more, and these are off-the-cuff
remarks....but it appears it might
be simpler to treat them as straight dimensions and we basically have an
n-dimensional space -
and policy statements can involve one or more dimensions.

- regards
- juggy