Trust Profiling for Adaptive Trust Negotiation


1 Trust Profiling for Adaptive Trust Negotiation
Eugene Sanzi

2 Problem
Many healthcare stakeholders want easy access to new systems
  Physicians need to access patient data, no matter where it may be
  Researchers want access to de-identified data repositories
Data may be needed quickly
  Emergency medical situations leave little time to gain proper authorization
A method is needed to authorize healthcare professionals to access private data, even if the data holder has no previous knowledge of them

3 Requirements
Need a way to authorize any physician to access healthcare data located at unknown providers
Users must possess digital credentials that they can present for authorization
Provide a method for verifying that presented credentials are legitimate
Allow systems to automatically allow or deny different levels of access based on the presented credentials

4 Solution Overview
A physician gains access to different systems over the course of a career
  Ex. - Access to their local hospital's data
  Access may happen under different roles
Use the physician's healthcare data access history as a set of credentials
  Each healthcare system grants a new credential if access is allowed
  Physicians collect these credentials, called a trust profile, in a digital wallet
  Healthcare systems can see who else has granted access to the physician
  Past handling of sensitive data informs expectations about future behavior

5 Background
Authentication vs. Authorization
  Authentication – verification of the user's identity
  Authorization – determining whether a user is allowed to take a specified action (ex. read/write data)
  Trust – the confidence each of two entities has that the other's claims are genuine and that it will behave as expected
    Participants must be able to verify credentials
    Participants must have assurance that each will handle sensitive data safely and correctly
    Trust may be required before some credentials can be disclosed
  Utilize Trust Negotiation to establish a baseline of trust and exchange credentials

6 Trust Negotiation
Method for establishing trust between two participants
  Past contact not required
  Exchange sets of credentials until trust is established
The requestor initiates trust negotiation to gain access to a service or data
The controller receives the request and uses trust negotiation to decide whether access is granted
  The controller may decide to modify the data or perform other actions (ex. dispatch auditor notifications)

7–13 Trust Negotiation Example
[Figure: animated exchange between the Requestor (Physician) and the Controller (HIT System). The requestor holds Medical License, Role and Affiliation credentials; the controller holds Security Certification and Medical System Certification credentials. Across the frames the controller first discloses its Security Certification, the requestor then discloses Medical License, Role and Affiliation in turn, and in the final frame Health Data appears on the controller side, i.e. the controller releases it to the requestor.]
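The exchange of slides 6 to 13 as runnable code, added here as an example; it is not code from the original presentation. Each party holds credentials and a release policy saying what the peer must show first, and Negotiate alternates disclosures until the controller's policy for the requested resource is met or a full round passes with nothing new to send. The issuer names, the trusted-issuer lists and the round cap are assumptions, and the trusted-issuer lookup stands in for verifying a credential's signature against a certificate authority.

```go
package main

import "fmt"

// Credential is a signed assertion: a name plus its issuer. Signature checking belongs to the
// PKI layer; here the receiver accepts a credential only if it trusts the issuer (an assumption).
type Credential struct{ Name, Issuer string }

// Party is one side of the negotiation. Release maps a credential (or, on the controller, the
// protected resource) to the credentials the peer must have disclosed before it is released.
type Party struct {
	Name     string
	Held     map[string]Credential
	Release  map[string][]string
	Trusted  map[string]bool
	received map[string]bool // credentials accepted from the peer so far
}

// Step is one disclosure in the negotiation trace.
type Step struct{ From, Credential string }

// satisfied reports whether every credential in req has been accepted from the peer.
func (p *Party) satisfied(req []string) bool {
	for _, r := range req {
		if !p.received[r] {
			return false
		}
	}
	return true
}

// disclose sends each credential in wanted whose release policy is already met; it returns what
// the peer must still show to unblock the rest, and whether anything was sent this turn.
func (p *Party) disclose(wanted []string, peer *Party, trace *[]Step) (blocked []string, moved bool) {
	for _, w := range wanted {
		cred, held := p.Held[w]
		if !held || peer.received[w] {
			continue // nothing to send, or already sent
		}
		if !p.satisfied(p.Release[w]) {
			blocked = append(blocked, p.Release[w]...)
			continue
		}
		if !peer.Trusted[cred.Issuer] {
			continue // the peer would reject the issuer, so sending it gains nothing
		}
		peer.received[w] = true
		*trace = append(*trace, Step{p.Name, w})
		moved = true
	}
	return blocked, moved
}

// Negotiate alternates disclosures until the controller's policy for resource is met, or until a
// full round passes with no new disclosure (some policy cannot be satisfied: access is denied).
func Negotiate(requestor, controller *Party, resource string) (granted bool, trace []Step) {
	requestor.received, controller.received = map[string]bool{}, map[string]bool{}
	askRequestor := append([]string(nil), controller.Release[resource]...) // controller's needs
	var askController []string                                             // requestor's needs
	for round := 0; round < 16; round++ { // the cap is an assumption; the slides set no limit
		blocked, movedR := requestor.disclose(askRequestor, controller, &trace)
		if controller.satisfied(controller.Release[resource]) {
			trace = append(trace, Step{controller.Name, resource})
			return true, trace
		}
		askController = append(askController, blocked...)
		blocked, movedC := controller.disclose(askController, requestor, &trace)
		askRequestor = append(askRequestor, blocked...)
		if !movedR && !movedC {
			return false, trace
		}
	}
	return false, trace
}

// SlideScenario builds the two parties of the example. Issuer names and trust lists are assumed:
// the physician shows nothing until the system has shown a security certification, which the
// controller releases unconditionally.
func SlideScenario() (requestor, controller *Party) {
	sc := []string{"Security Certification"}
	requestor = &Party{Name: "Requestor (Physician)",
		Held: map[string]Credential{
			"Medical License": {"Medical License", "Root Medical Authority"},
			"Role":            {"Role", "Hartford Hospital Authority"},
			"Affiliation":     {"Affiliation", "Hartford Hospital Authority"}},
		Release: map[string][]string{"Medical License": sc, "Role": sc, "Affiliation": sc},
		Trusted: map[string]bool{"HIT Security Auditor": true}}
	controller = &Party{Name: "Controller (HIT System)",
		Held: map[string]Credential{
			"Security Certification":       {"Security Certification", "HIT Security Auditor"},
			"Medical System Certification": {"Medical System Certification", "Root Medical Authority"}},
		Release: map[string][]string{"Health Data": {"Medical License", "Role", "Affiliation"}},
		Trusted: map[string]bool{"Root Medical Authority": true, "Hartford Hospital Authority": true}}
	return requestor, controller
}

func main() {
	r, c := SlideScenario()
	granted, trace := Negotiate(r, c, "Health Data")
	for _, s := range trace {
		fmt.Printf("%-24s discloses %s\n", s.From, s.Credential)
	}
	fmt.Println("access granted:", granted)
}
```

The deny path matters as much as the grant: if the controller cannot produce a Security Certification, or the physician's Medical License comes from an issuer the controller does not trust, a round passes with no progress and Negotiate returns false instead of looping or leaking more credentials than the policy allows.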

14 Certificates
Identity certificates are used to establish a user's identity
  Public key cryptography is used to ensure that you are communicating with the certificate's owner
Certificates are issued by Certificate Authorities (CAs)
  Certificate authorities establish the user's identity by other means before issuing a certificate
  Ex. Driver's license, SSN, a request sent from an administrator account on a domain
You trust any valid certificate issued by a certificate authority that you trust
  Certificate authorities digitally sign the certificates
  The signature is inspected; a valid signature proves the certificate was signed with the CA's private key, and so (provided that key has not been compromised) that the CA issued it

15 Certificate Hierarchy
[Figure: certificate hierarchy diagram; no further text survives in the transcript.]

16 Attribute Certificates
A specialized certificate that stores data describing the holder
  Attribute certificates are signed by an attribute authority rather than a certificate authority
  An attribute certificate is bound to one identity certificate
  An identity certificate may be associated with multiple attribute certificates
We will use this ability to store information related to user access
  Save information on user role and access history
Identity certificates give a user the ability to prove ownership of an attribute certificate
  Identity on its own is not useful, since the requestor and controller are unknown to each other

17 Infrastructure
[Figure: certificate hierarchy with the Root Medical Authority at the top and, beneath it, the Local Hospital (Hartford Hospital) Authority and the Local Hospital (St. Francis) Authority.]

18 Defining An Access Policy
Each system defines a security policy that specifies constraints based on:
  The user role
  The type of data being requested
  The presented trust profile
The user role and type of data being requested influence the requirements imposed on the trust profile
Other actions may be taken based on the level of trust established
  Some accesses may result in a notification being dispatched to auditors
  Some data may be denied to the user while access to other data is allowed
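An access policy of the kind slide 18 describes, as an added example that is not part of the original presentation. A rule is keyed by role and data class and lists tiers of how many accepted prior grants earn which outcome; the issuer names, thresholds, sample profiles and the outcomes AllowWithAudit and DeidentifiedOnly are assumptions illustrating the auditor notification and partial release the slide mentions. It goes a little beyond the slide in counting each granting authority only once, so a profile padded with repeated credentials from one hospital does not climb a tier.

```go
package main

import "fmt"

// Grant is one entry of a presented trust profile: a prior access some system granted, as
// attested by the attribute certificate it issued (issuing authority, role, class of data).
type Grant struct{ Issuer, Role, DataClass string }

// Decision is what the controller does with the request.
type Decision int

const (
	Deny             Decision = iota
	Allow                     // full access
	AllowWithAudit            // full access, and a notification is dispatched to the auditors
	DeidentifiedOnly          // only the de-identified subset of the data is released
)

func (d Decision) String() string {
	return [...]string{"Deny", "Allow", "AllowWithAudit", "DeidentifiedOnly"}[d]
}

// Tier: with at least MinGrants accepted prior grants, decide Outcome. A rule lists its tiers
// most demanding first; the first tier whose threshold the profile reaches wins.
type Tier struct {
	MinGrants int
	Outcome   Decision
}

// Policy is one system's access policy: trusted authorities plus a rule per (role, data class).
type Policy struct {
	Trusted map[string]bool
	Rules   map[[2]string][]Tier
}

// Decide evaluates a request against the presented profile. Only grants from trusted authorities
// for the same role and data class count, and each authority counts once, so one hospital
// re-issuing credentials cannot inflate the profile. A (role, data class) with no rule is denied.
func (p Policy) Decide(role, dataClass string, profile []Grant) (Decision, int) {
	tiers, ok := p.Rules[[2]string{role, dataClass}]
	if !ok {
		return Deny, 0
	}
	seen := map[string]bool{}
	for _, g := range profile {
		if p.Trusted[g.Issuer] && g.Role == role && g.DataClass == dataClass {
			seen[g.Issuer] = true
		}
	}
	for _, t := range tiers {
		if len(seen) >= t.MinGrants {
			return t.Outcome, len(seen)
		}
	}
	return Deny, len(seen)
}

// ExamplePolicy is an assumed policy for a controller such as Day Kimball Hospital in the slides.
func ExamplePolicy() Policy {
	return Policy{
		Trusted: map[string]bool{"Hartford Hospital Authority": true, "St. Francis Authority": true},
		Rules: map[[2]string][]Tier{
			{"Physician", "EHR"}:  {{2, Allow}, {1, AllowWithAudit}, {0, Deny}},
			{"Researcher", "EHR"}: {{0, DeidentifiedOnly}},
		},
	}
}

func main() {
	policy := ExamplePolicy()
	hh := Grant{"Hartford Hospital Authority", "Physician", "EHR"} // constructed sample grants
	sf := Grant{"St. Francis Authority", "Physician", "EHR"}
	cases := []struct {
		name    string
		profile []Grant
	}{
		{"two hospitals", []Grant{hh, sf}},
		{"one hospital", []Grant{hh}},
		{"same hospital twice", []Grant{hh, hh}},
		{"untrusted issuer only", []Grant{{"Rogue Clinic", "Physician", "EHR"}}},
	}
	for _, c := range cases {
		d, n := policy.Decide("Physician", "EHR", c.profile)
		fmt.Printf("%-22s -> %s (%d accepted prior grants)\n", c.name, d, n)
	}
	d, _ := policy.Decide("Researcher", "EHR", nil)
	fmt.Println("researcher, no profile -> ", d)
}
```

The count returned beside the decision is what an auditor notification would carry: which tier was reached and on how many distinct authorities' say-so.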

19 Making a Data Request
When Dr. Smith wants to obtain access to a new system, he will:
  Create a secure connection to the system
  Decide which credentials he will send to gain access
  Send the relevant identity and attribute certificates along with the request
If access is granted, Dr. Smith will generate a new public/private key pair and receive a new identity and attribute certificate issued by the controller's certificate and attribute authorities

20 Example
Dr. Smith wants to access his patient's electronic health record from Day Kimball Hospital
  He does not have any kind of affiliation with Day Kimball Hospital
  He does have his trust profile proving his successful access to his patient's data

21 Dr. Smith's Wallet
[Figure: Dr. Smith's digital wallet, labelled "Access History".]

22 Choose Relevant Credentials
[Figure: the relevant entries are selected from the wallet's Access History.]

23 Send Request With Credentials
[Figure: the request carries the Trust Profile: an X.509 identity certificate from Hartford Hospital and one from St. Francis, each with a Physician attribute certificate.]

24 Generate Certificates
[Figure: Day Kimball issues Dr. Smith a new X.509 identity certificate and a Physician attribute certificate, and the Health Data is released.]

25 John Smith's New Wallet
[Figure: the wallet's Access History now includes the Day Kimball credentials.]

26 John Smith's New Wallet
John Smith adds the identity and attribute certificates issued to him to his digital wallet
  He can now use the certificate issued to him by Day Kimball Hospital to gain access to other new systems
  Day Kimball Hospital can now identify him with his new identity certificate
Over the course of his career, Dr. Smith builds a trust profile consisting of these credentials that can be utilized in attempts at data access
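The request flow of slides 19 to 26 with real certificates, as an added example that is not part of the original presentation. It uses Go's standard crypto/x509 and Ed25519: a Root Medical Authority, a hospital authority certified under it, an identity certificate for Dr. Smith issued by Hartford, and the check the controller (Day Kimball) runs before issuing credentials of its own. X.509 attribute certificates (RFC 5755) are not supported by Go's standard library, so the Attribute type here is a simplified signed stand-in bound to the identity certificate's serial number; the proof-of-possession nonce, the authority names, the certificate lifetimes and the use of one key per authority for both certificate and attribute signing are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Holder is a certificate plus the private key that proves ownership of it (one wallet entry).
type Holder struct {
	Cert *x509.Certificate
	Key  ed25519.PrivateKey
}

// Attribute stands in for an X.509 attribute certificate: a role bound to one identity
// certificate (by serial number), signed by the attribute authority rather than by the holder.
type Attribute struct {
	HolderSerial *big.Int
	Role, Issuer string
	Sig          []byte
}

// newHolder generates the holder's key pair and has issuer certify the public key (the private
// key never leaves the holder); issuer == nil produces a self-signed root authority.
func newHolder(name string, isCA bool, issuer *Holder) (*Holder, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 64)) // random, as a real CA does
	tmpl := &x509.Certificate{
		SerialNumber: serial, Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(365 * 24 * time.Hour),
		BasicConstraintsValid: true, IsCA: isCA, KeyUsage: x509.KeyUsageDigitalSignature,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	}
	parent, signer := tmpl, priv // self-signed unless an issuer is given
	if issuer != nil {
		parent, signer = issuer.Cert, issuer.Key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der) // re-parse so Raw and the key identifiers are populated
	return &Holder{Cert: cert, Key: priv}, err
}

func attrMsg(serial *big.Int, role, issuer string) []byte { return []byte(serial.String() + "|" + role + "|" + issuer) }

// IssueAttribute is the attribute authority aa granting role to the holder of cert.
func IssueAttribute(cert *x509.Certificate, role string, aa *Holder) Attribute {
	iss := aa.Cert.Subject.CommonName
	return Attribute{cert.SerialNumber, role, iss, ed25519.Sign(aa.Key, attrMsg(cert.SerialNumber, role, iss))}
}

// VerifyRequest is the controller's check on a presented credential: the identity certificate must
// chain to the trusted root; the attribute must name that certificate and be signed by an authority
// that also chains to the root; and the requestor must prove possession of the private key by
// signing a nonce the controller chose, so a copied wallet file alone is not enough.
func VerifyRequest(leaf *x509.Certificate, attr Attribute, chain []*x509.Certificate, root *x509.Certificate, nonce, pop []byte) error {
	opts := x509.VerifyOptions{Roots: x509.NewCertPool(), Intermediates: x509.NewCertPool()}
	opts.Roots.AddCert(root)
	var aa *x509.Certificate
	for _, c := range chain {
		opts.Intermediates.AddCert(c)
		if c.Subject.CommonName == attr.Issuer {
			aa = c
		}
	}
	if _, err := leaf.Verify(opts); err != nil {
		return fmt.Errorf("identity certificate: %w", err)
	}
	if aa == nil {
		return fmt.Errorf("attribute authority %q not presented", attr.Issuer)
	}
	if _, err := aa.Verify(opts); err != nil {
		return fmt.Errorf("attribute authority: %w", err)
	}
	aaPub, ok := aa.PublicKey.(ed25519.PublicKey)
	if !ok || attr.HolderSerial.Cmp(leaf.SerialNumber) != 0 ||
		!ed25519.Verify(aaPub, attrMsg(attr.HolderSerial, attr.Role, attr.Issuer), attr.Sig) {
		return fmt.Errorf("attribute does not verify for this identity certificate")
	}
	if pub, ok := leaf.PublicKey.(ed25519.PublicKey); !ok || !ed25519.Verify(pub, nonce, pop) {
		return fmt.Errorf("requestor did not prove possession of the private key")
	}
	return nil
}

func main() {
	root, _ := newHolder("Root Medical Authority", true, nil)
	hartford, _ := newHolder("Hartford Hospital Authority", true, root)
	smith, _ := newHolder("Dr. John Smith", false, hartford) // Hartford certifies Dr. Smith's new key
	attr := IssueAttribute(smith.Cert, "Physician", hartford)
	nonce := make([]byte, 32) // chosen fresh by the controller for each request
	rand.Read(nonce)
	err := VerifyRequest(smith.Cert, attr, []*x509.Certificate{hartford.Cert}, root.Cert, nonce, ed25519.Sign(smith.Key, nonce))
	fmt.Println("controller accepts the Hartford credential (nil means yes):", err)
}
```

Once VerifyRequest returns nil, the controller plays the role of Hartford in the code above: newHolder with the controller's own authority as issuer gives Dr. Smith a fresh key pair and identity certificate, IssueAttribute binds the Physician role to it, and both go into the wallet. The nonce check is the step most often skipped in wallet designs; without it, anyone who obtains the wallet's certificates (which are not secret) could present them.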

