OASIS is an Open Architecture for Securely Interworking Systems, which
grew out of Richard Hayton's 1996 PhD dissertation. The key idea is
to use role-based access control for scalability, with role names being
local to each service. Role instances are parametrised in order to
support fine-grained control through a compact specification. Services
are grouped into domains for the purpose of management, so that OASIS
can be deployed incrementally in a distributed application. The policy
for each group of services is specified at domain level, with service
level agreements between domains. The dissertation describes a scheme
of signed certificates that supports immediate fine-grained revocation
through the Cambridge Event Architecture.

In 1999 an EPSRC DIM research grant was awarded to evaluate the use of
OASIS for the NHS Electronic Health Record application. Implementation
proved harder than expected, and the PhD student employed on the grant,
Walt Yao, found it necessary to develop a formal model in order to
tighten the specification. The seminar will retrace the historical
sequence of development, first motivating the problem and the approach
to its solution, then presenting the formal model, and finally describing
the current state of the implementation over the Secure Sockets Layer.
We shall conclude by presenting some of the outstanding theoretical
and practical problems.