Deployment Models A.e-Mail client (no S/MIME) »NHIN-Direct developed security agent »off-the-shelf S/MIME proxy B.e-Mail client using Native S/MIME »Internet.

Presentation transcript:

1 Deployment Models
A. e-Mail client (no S/MIME)
   » NHIN-Direct developed security agent
   » off-the-shelf S/MIME proxy
B. e-Mail client using Native S/MIME
   » Internet e-Mail Service Provider
   » Healthcare specific e-Mail Service Provider
C. Web Portal
   » to common Internet e-Mail service with S/MIME support
   » to Healthcare specific messaging service with S/MIME support
D. EHR/PHR with integrated S/MIME functionality
   » deployed inside the Provider
   » deployed as SaaS
E. NHIN Direct to/from NHIN Exchange
   » Trusted NHIN Gateway
   » End to End secure

2 A) e-Mail client with Full Service HISP
[Diagram; labels: Source Client; Destination Client; Source Full Service HISP; Destination Full Service HISP; Send; Locate Destination Certificate; POP/IMAP + TLS; Receive; S/MIME Encrypt w/ Destination Cert; S/MIME Verify w/ Source Cert; S/MIME Decrypt w/ Private Key; SMTP + S/MIME; Locate Destination Address; SMTP + MIME + TLS; Document or XDM; S/MIME Sign w/ Private Key; Encrypted Content; Private Key Store. Steps numbered A.1 to A.11.]

3 B) e-Mail client using Native S/MIME
[Diagram; labels: Destination Client; Source Client; Destination HISP; Send; Document or XDM; Receive; Locate Destination Address + Certificate; POP/IMAP + TLS; SMTP + S/MIME; S/MIME Encrypt w/ Destination Cert; S/MIME Sign w/ Private Key; S/MIME Decrypt w/ Private Key; Encrypted Content; S/MIME Verify w/ Source Cert; Private Key Store. Steps numbered B.1 to B.9.]

4 C) Web Portal
[Diagram; labels: Destination Client; Source Client; Source web HISP; Destination web HISP; Send; Upload Document(s); HTTP + TLS; Receive; S/MIME Encrypt w/ Destination Cert; S/MIME Verify w/ Source Cert; S/MIME Decrypt w/ Private Key; Document or XDM; Download Document(s); S/MIME Sign w/ Private Key; Find Destination Address + Certificate; Build XDM; SMTP + S/MIME; Encrypted Content; Private Key Store. Steps numbered C.1 to C.12.]

5 D) EHR/PHR with integrated S/MIME
[Diagram; labels: Destination Client; Source Client; Destination HISP; Send; Document or XDM; Receive; Locate Destination Address + Certificate; POP/IMAP + TLS; SMTP + S/MIME; S/MIME Encrypt w/ Destination Cert; S/MIME Sign w/ Private Key; S/MIME Decrypt w/ Private Key; Encrypted Content; S/MIME Verify w/ Source Cert; Private Key Store (shown twice). Steps numbered D.1 to D.9.]

6 E) Direct Project sending to XDR with Trusted Service Provider (e.g. NHIN Exchange)
[Diagram; labels: Gateway: Direct Project to XDR (Destination HISP); Receive; S/MIME Verify w/ Source Cert; S/MIME Decrypt w/ Private Key; Convert XDM metadata and content to XDR format; SMTP + S/MIME; Direct Project Sender; XDR + TLS; Destination Certificate is shared with all XDR destinations in XDR Exchange; Endpoint in XDR Exchange; Private Key Store; Address Book w/ Certs. Steps numbered E.1.1 to E.1.7.]

7 E) Direct Project receiving from XDR with Trusted Service Provider (e.g. NHIN Exchange)
[Diagram; labels: Gateway: Direct Project from XDR (Source HISP); Send; S/MIME Encrypt w/ Destination Cert; XDR + TLS; S/MIME Sign w/ Private Key; Extract Destination Address from XDR metadata; Convert XDR Metadata and Documents to XDM Zip file; Direct Project Recipient; Endpoint in XDR Exchange; Locate Destination Certificate; SMTP + S/MIME; Private Key Store; Address Book w/ Certs. Steps numbered E.2.1 to E.2.9.]

8 E) NHIN Direct sending to non-trusted NHIN Exchange (End-to-End Secure)
[Diagram; labels: NHIN Direct to NHIN Exchange (Destination HISP); Receive; SMTP + S/MIME; NHIN Direct; Place S/MIME message as XDR content; XDR + TLS; Destination Certificate is Individual or Organization; NHIN Exchange.]

9 E) NHIN Direct sending to NHIN Exchange
[Diagram; labels: NHIN Direct to NHIN Exchange (Destination HISP); Receive; S/MIME Verify w/ Source Cert; S/MIME Decrypt w/ Private Key; Convert XDM metadata and content to XDR format; SMTP + S/MIME; NHIN Direct; Place S/MIME message as XDR content; XDR + TLS; Destination Certificate is Group; Destination Certificate is Individual or Organization; NHIN Exchange.]

10 E) NHIN-Direct receiving from non-Trusted NHIN Exchange (End-to-End Secure)
[Diagram; labels: Non Trusted NHIN Exchange Gateway; NHIN Direct; NHIN Exchange; Source Certificate is individual or organizational; Source Client; S/MIME Encrypt w/ Destination Cert; XDM Zip file; S/MIME Sign w/ Private Key; Locate Destination Address + Certificate; XDR + TLS; Extract from XDM metadata the To and From addresses; Extract S/MIME message from XDR content; SMTP + S/MIME.]

11 E) NHIN-Direct receiving from NHIN Exchange
[Diagram; labels: Trusted NHIN Exchange Gateway; Non Trusted NHIN Exchange Gateway; Send; S/MIME Encrypt w/ Destination Cert; XDR + TLS; S/MIME Sign w/ Private Key; Extract Destination Address from XDR metadata; Convert XDR Metadata and Documents to XDM Zip file; NHIN Direct; NHIN Exchange; Locate Destination Certificate; Source Certificate is NHIN Exchange Group Certificate; Source Certificate is individual or organizational; Source Client; XDM Zip file; Locate Destination Address + Certificate; Extract from XDM metadata the To and From addresses; Extract S/MIME message from XDR content; SMTP + S/MIME.]

