Eclipse Foundation, Inc. Eclipse Open Healthcare Framework v1.0 Interoperability Terminology HL7 v2 / v3 DICOM Archetypes Health Records Capture Storage.


1 Eclipse Foundation, Inc. Eclipse Open Healthcare Framework v1.0

[Architecture diagram. Labels: Interoperability; Terminology; HL7 v2 / v3; DICOM; Archetypes; Health Records; Capture; Storage; Access; Presentation; OHF Core; Identity Management; Patient; Provider; Resource; User; Security and Privacy; Authorization; Access Control; Trust & PKI; Audit Support; User / Context Management; Session Mgmt; CCOW; Authentication; OHF Context; RCP Client; J2EE Server; OHF Framework Extensions; OHF Tools]

LEGEND
- CCOW: HL7 Standard for Synchronizing within and between multiple applications
- HL7: International Health standards organization
- DICOM: Standard for medical imaging
- Archetypes: meta-level description of medical information

2 IHE “Actors” – RHIO Use Case Support

[Diagram. Labels (several appear more than once): OHF Platform; Secure Node; X-Service Provider; Document Source; Document Consumer; Patient Identity Source; Digital Signature; Information Source; Notification Receiver; Display; Notification Sender; Document Repository; Document Registry; Time Server; Time Client; Patient Data Repository; Patient Record Locator Service; Audit Repository; Security/Privacy Audit Service; User Authentication Provider; X-Identity Provider; X-Service User; Audit Client; TLS Transport; User ID Management; Client Authentication Agent. Legend: Actors defined within another actor]

3 IHE Profiles (Excerpt from OHF 2006 Plan)

- OHF will begin publishing an exemplary implementation of a number of IHE profiles. This year, we will release preliminary implementations of the following IHE profiles:
  - Patient Identity Source (PIX/XDS)
  - Patient Identifier Cross-Reference Consumer (PIX)
  - Patient Demographics Consumer (PDQ)
  - Document Source (XDS)
  - Document Consumer (XDS)
  - Secure Node (ATNA) [Record Audit Event] (as Secure Node service)
  - Time Client (Consistent Time)
  - Document Digital Signature (DSG) [Content Profile] (associated with other Document Source actors)

4 Excerpt from OHF 2006 Plan -- Milestones

- Deadline: May 30th - submit code through IP process
- Milestone #1: June 30th
  - IHE actor implementations: Initial release - all in place
  - HL7 v2 conformance profile editor, Message Editor
  - HL7 V3 Model code
  - CTS Code released
  - Publish revised plan for next quarter
- Deadline: Aug 30 - resolve targets for IHE connectathon partnerships
- Milestone #2: Sept 30th
  - Functionally tested IHE Profiles
  - Updated LexGrid Editor
  - WADO client initial code
  - Publish revised plan for next quarter + resolve next milestones

5 OHF Core Framework

2006 priorities include:

- Security: Basic framework with an IHE ATNA-compatible reference implementation and support for username/password and smart card authentication. Most OHF applications and plug-ins will be required to extend this plug-in.
- Resource Manager: Provides a consistent service invocation interface to applications and other Core components. Several OHF projects planned for 2006, including CTS, Consistent Time, and Document Digital Signature, would extend this plug-in.
- Messaging: Message Exchange Patterns and Semantics. This module would provide integrated support for exchanging messages with integrated security and delivery features based on emerging standards, and would use underlying transport mechanisms from other resources, such as Web Services and SMTP and file-based transport of SOAP messages. Applications or components interacting with servers or web-hosted services can use this framework and its services by extension. Proposed 2006 projects requiring messaging services include the IHE XDS, XUA, Notification and PIX actors.

6 Focused XUA Profile

- Use SAML Assertions, probably through WS-Security, to convey “contextual” user identity to the target resource site and its SAML-enabled Policy Decision Point (PDP).
- Constrain till “safe” enough
  - SAML Identity Provider authentication interactions at the PDP are anticipated but out of scope.
  - Access Control for the resource is anticipated but out of scope.
- Note: OHF plans staged reference implementations of:
  - ACL
  - Basic RBAC
  - Policy-driven Privilege Management (e.g. XACML)
- Clarify and/or extend ATNA to accommodate “user-qualified” secure nodes.

7 "The WS-Security OASIS Standard was designed to be a highly extensible method. WS-SX will provide further extensions to enable functions such as policy expressions and long-running conversations. These will augment the X.509, username, SAML, and other token profiles already available for WS-Security." -- James Bryce Clark, director of standards development at OASIS

8 Proposed XUA Identity Transport

[Diagram of the message layers. Labels: Transport Envelope (http, smtp, file, …); SOAP Envelope; SOAP Header; SOAP Body; wss:Security; Encrypted (transport); Encrypted (transport, optional); Digital Signature (transport); Sender ID + Structural Role; Sender Functional Role; SAML Assertion: Role; SAML Assertion: Other; Policy-based (Tier 0) Web Service Access Decision; Policy-based (Tier 1) Target Object Access Decision; Query; Sender; Document; Other]

9 Basic Transport-Level Security with XUA

XUA Scope: Receiver Processing

1. Decrypt SOAP Header.
2. Use Digital Certificate reference from Digital Signature to confirm that Sender has acceptable Trust and Structural Role attributes. (optional)
3. Use Sender’s Digital Signature to confirm integrity of message and payload.
4. Pass the message along to the SAML-enabled Policy Decision Point to apply the XDS node Access Policy and make the Target Object access decision.
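The receiver processing order on slide 9, modelled as an added example (not OHF code): each step denies before the next one runs, and the functional role is only trusted because it sits under the signature. Assumptions: an HMAC over header and body stands in for the X.509/XML digital signature, the message is already decrypted and parsed, and every name, key and policy entry below is constructed for illustration.

```python
import hashlib, hmac, json

# Constructed trust store: sender ID -> (key, structural role). The shared key and
# HMAC stand in for the sender's certificate and XML digital signature.
TRUSTED_SENDERS = {
    "clinic-a-node": (b"demo-key-a", "SecureNode"),
    "kiosk-7": (b"demo-key-k", "PublicKiosk"),
}
ACCEPTED_STRUCTURAL_ROLES = {"SecureNode"}
# Constructed node access policy: functional role -> permitted actions.
ACCESS_POLICY = {"physician": {"query", "retrieve"}, "clerk": {"query"}}

def sign(key, header, body):
    """HMAC-SHA256 over header and body together (signature stand-in)."""
    data = json.dumps([header, body], sort_keys=True).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def make_message(sender_id, key, functional_role, action, doc_id):
    header = {"sender_id": sender_id, "saml_role": functional_role}
    body = {"action": action, "doc_id": doc_id}
    return {"header": header, "body": body, "signature": sign(key, header, body)}

def receive(message):
    """Steps 2-4 of receiver processing; step 1 (decryption) is assumed done.
    Returns (decision, reason) and denies at the first failed check."""
    header, body = message["header"], message["body"]
    # Step 2: sender must be known and hold an acceptable structural role.
    entry = TRUSTED_SENDERS.get(header.get("sender_id"))
    if entry is None:
        return ("deny", "untrusted sender")
    key, structural_role = entry
    if structural_role not in ACCEPTED_STRUCTURAL_ROLES:
        return ("deny", "structural role not accepted")
    # Step 3: integrity of header and payload, compared in constant time.
    if not hmac.compare_digest(sign(key, header, body), str(message.get("signature"))):
        return ("deny", "signature mismatch")
    # Step 4: policy decision on the signed functional role and requested action.
    if body.get("action") in ACCESS_POLICY.get(header.get("saml_role"), set()):
        return ("permit", "policy allows action")
    return ("deny", "role not permitted for action")

if __name__ == "__main__":
    msg = make_message("clinic-a-node", b"demo-key-a", "clerk", "retrieve", "doc-1")
    print(receive(msg))                       # clerk may not retrieve
    msg["header"]["saml_role"] = "physician"  # role altered after signing
    print(receive(msg))
```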

