1
Integrating the Healthcare Enterprise
Improving Clinical Care: Enterprise User Authentication for IT Infrastructure
Robert Horn, Agfa Healthcare
2
Vendor Webex – October 2003
The IHE Process – Integration Profiles
IHE Integration Profiles:
– Detailed selection of standards and options, each solving a specific integration problem
– A growing set of effective provider/vendor agreed solutions
– Vendors can implement with ROI
– Providers can deploy with stability
[Figure: the IHE process. Labels shown: Standards, IHE Technical Framework, IHE Integration Profile A, IHE Integration Profile B, IHE Connectathon, IHE Demonstration, Product With IHE, User Site, RFP, Easy to Integrate Products.]
3
Enterprise User Authentication (EUA) Profile
Kerberos based support for single sign on
Multi-year rollout:
– This year: Kerberos Server, Initial Login (username/password), local system facilities, HTTP Authentication
– Next year: DICOM, HL7, CCOW
Connectathon focus
4
Single Signon
EUA contributes to creating a Single Signon solution:
– EUA establishes a well known and trustable user identity mechanism.
– EUA establishes a mechanism to extend the user identity to network messages, network transactions, and network connections. Only part of this is ready in the first year.
– EUA is being integrated with CCOW for application integration.
– EUA can be extended to a variety of user identification mechanisms.
5
IHE Security Plans & Context
[Figure: roadmap chart over 2002, 2003, 2004, 2005 and "future". Items shown: Basic Security – DICOM TLS; Basic Security – HL7 TLS; Basic Security – Audit Trail; EUA – Kerberos Server; EUA – Initial Login; EUA – HTTP Protocol; EUA – CCOW; EUA – HL7; EUA – DICOM Protocol; EUA – other protocol?; TBD – IETF Audit; TBD – Reliable Syslog; Kerberized Smart Cards; Local Node Security; Private Network Security; Node Authentication.
Legend: Current IHE Plan; IHE Activity, presently not scheduled; Outside the scope of IHE (IHE supports, enhances, and coexists with these; IHE assumes that these have been provided). IHE does not specify User Authorization Systems.]
6
Synergy between IHE IT Infrastructure Profiles: RID (Retrieve Information for Display) with EUA, CT (Consistent Time) and PIX (Patient Identifier Cross-referencing)
[Figure: example of one system supporting multiple actors/profiles. Actors shown: Display, Information Source, Time Client, Time Server, Patient Identifier Consumer, Patient Identifier Cross-reference Manager, Kerberos Authentication Server, Client Authentication Agent.]
7
Kerberos Authentication
[Figure: sequence diagram, single system environment.]
1. Initial login with username and password: "kinit" sends a TGT request to the Kerberos Server.
2. The response contains the TGT, which is stored in the local credential cache.
3. An application presents the TGT to the Kerberos Server and requests a service ticket.
4. The response carries the service ticket.
5. Communication is initiated with the application server: protocol specific communication, with the service ticket (and a fresh authenticator under its session key) proving the user's identity.
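The exchange on this slide as a runnable model. This is an added example, not code from IHE, MIT Kerberos or Microsoft: the realm HOSPITAL.EXAMPLE, the principal rhorn and the service HTTP/pacs.hospital.example are constructed, the messages are JSON rather than RFC 4120 ASN.1, and the string-to-key function and cipher are toy stand-ins for the real encryption types. What the model keeps is the trust structure the slide relies on: the password never crosses the wire (a wrong password just fails to decrypt the AS reply), the TGT is opaque to the client because it is sealed under the TGS key, and each hop carries a fresh authenticator bound to the session key, which the application server also checks against a replay cache. login_and_access runs the whole flow; rejected() reports whether a variant (wrong password, replayed authenticator) fails closed.

```python
# Model of the Kerberos exchange on the slide. Added example, not IHE, MIT or Microsoft
# Kerberos code: wire format, string-to-key and cipher are simplified stand-ins for RFC 4120.
import hashlib, hmac, json, os, time
LIFETIME, CLOCK_SKEW = 8 * 3600, 300   # assumed ticket lifetime (s); usual authenticator skew tolerance (s)

def string_to_key(password, realm, principal):
    # Stand-in for Kerberos string2key (real enctypes use PBKDF2/AES or DES variants).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), (realm + principal).encode(), 10_000)

def _keystream(key, nonce, n):
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), "sha256").digest() for i in range(n // 32 + 1))

def seal(key, obj):
    # Toy authenticated encryption: HMAC-counter keystream, then HMAC tag (encrypt-then-MAC).
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, b"tag" + nonce + ct, "sha256").digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + nonce + ct, "sha256").digest()):
        raise ValueError("integrity check failed: wrong key or tampered ticket")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

def make_authenticator(session_key, cname, now):
    return seal(session_key, {"cname": cname, "ctime": now})

def check_authenticator(session_key, auth, cname, now):
    a = unseal(session_key, auth)
    if a["cname"] != cname or abs(now - a["ctime"]) > CLOCK_SKEW:
        raise ValueError("authenticator rejected: name mismatch or stale timestamp")

class KDC:  # Kerberos Server: Authentication Service (AS) plus Ticket Granting Service (TGS)
    def __init__(self, realm, keys):
        self.tgs = "krbtgt/" + realm
        self.keys = {**keys, self.tgs: os.urandom(32)}   # TGS key never leaves the KDC

    def as_exchange(self, cname, now):
        # AS-REQ/AS-REP ("kinit"): a TGT the client cannot read plus a session key it can.
        sk = os.urandom(32).hex()
        tgt = seal(self.keys[self.tgs], {"cname": cname, "key": sk, "exp": now + LIFETIME})
        return tgt, seal(self.keys[cname], {"key": sk, "exp": now + LIFETIME})

    def tgs_exchange(self, tgt, auth, service, now):
        # TGS-REQ/TGS-REP: validate TGT and authenticator, issue a ticket under the service key.
        t = unseal(self.keys[self.tgs], tgt)
        check_authenticator(bytes.fromhex(t["key"]), auth, t["cname"], now)
        if now > t["exp"]:
            raise ValueError("TGT expired")
        sk = os.urandom(32).hex()
        ticket = seal(self.keys[service], {"cname": t["cname"], "key": sk, "exp": now + LIFETIME})
        return ticket, seal(bytes.fromhex(t["key"]), {"key": sk, "sname": service})

class Client:  # user workstation: kinit fills the credential cache, applications draw on it
    def __init__(self, realm, principal, password):
        self.principal, self.key, self.cache = principal, string_to_key(password, realm, principal), {}

    def kinit(self, kdc, now):
        tgt, enc = kdc.as_exchange(self.principal, now)
        rep = unseal(self.key, enc)                      # raises here if the password was wrong
        self.cache["tgt"] = (tgt, bytes.fromhex(rep["key"]))

    def get_service_ticket(self, kdc, service, now):
        tgt, tgt_key = self.cache["tgt"]
        ticket, enc = kdc.tgs_exchange(tgt, make_authenticator(tgt_key, self.principal, now), service, now)
        return ticket, bytes.fromhex(unseal(tgt_key, enc)["key"])

class ApplicationServer:
    def __init__(self, key):
        self.key, self.seen = key, set()   # seen: authenticator replay cache

    def accept(self, ticket, auth, now):
        # AP-REQ check: decrypt the ticket with our own long-term key, then verify the authenticator.
        t = unseal(self.key, ticket)
        if now > t["exp"]:
            raise ValueError("service ticket expired")
        check_authenticator(bytes.fromhex(t["key"]), auth, t["cname"], now)
        if auth in self.seen:
            raise ValueError("replayed authenticator")
        self.seen.add(auth)
        return t["cname"]

def login_and_access(password="correct horse", replay=False, now=None):
    now = now or int(time.time())
    realm, user, svc = "HOSPITAL.EXAMPLE", "rhorn", "HTTP/pacs.hospital.example"   # constructed names
    keys = {user: string_to_key("correct horse", realm, user), svc: os.urandom(32)}
    kdc, pacs, client = KDC(realm, keys), ApplicationServer(keys[svc]), Client(realm, user, password)
    client.kinit(kdc, now)
    ticket, sk = client.get_service_ticket(kdc, svc, now)
    auth = make_authenticator(sk, user, now)
    name = pacs.accept(ticket, auth, now)
    if replay:
        pacs.accept(ticket, auth, now)   # same authenticator a second time: rejected by the replay cache
    return name

def rejected(**kw):  # True when the flow fails closed, e.g. rejected(password="wrong"), rejected(replay=True)
    try: login_and_access(**kw)
    except ValueError: return True
    return False
```

Two checks worth noticing for deployment: the application server never contacts the KDC (only its own long-term key is needed, which is why the slide can show the final hop as "protocol specific"), and the clock-skew window is what makes the replay cache necessary, since within those five minutes an intercepted authenticator is otherwise valid.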
8
Kerberos Documentation
Online:
– “Moron’s Guide”, http://www.isi.edu/gost/brian/security/kerberos.html
– MIT site, http://web.mit.edu/kerberos/www/
– Various Microsoft support documents
Hardcopy:
– Kerberos, Brian Tung, Addison Wesley
– Various vendor manuals
Configuration and API documentation:
– See Microsoft, Unix, or other vendor documentation.
9
HTTP Authentication
[Figure: sequence diagram with HTTP Client, Client Authentication Agent, HTTP Kerberized Server and Kerberos Authentication Server.]
1. Start HTTP session: HTTP GET with no authentication.
2. 401 response with "WWW-Authenticate: Negotiate".
3. The Client Authentication Agent gets a Kerberos service ticket from the Kerberos Authentication Server.
4. HTTP GET repeated with the service ticket: Kerberized communication.
5. HTTP response.
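The server side of the exchange above, as an added example (not IHE, IIS or Apache code). It issues the 401 challenge of step 2 when no credential is presented and, when one is, decodes the token and checks which mechanism it really carries before handing it to the GSS-API acceptor. accept_sec_context is an assumed hook for that acceptor (in a real deployment it would wrap, for instance, python-gssapi's SecurityContext(usage="accept").step(token) and return the initiator name); the two sample tokens are constructed, not captured traffic. The check a practitioner wants here is the NTLM branch: "Negotiate" is SPNEGO, and a client that has no Kerberos ticket for the server will silently fall back to NTLM inside the same header, so a server that wants the Kerberized path the profile describes has to refuse that token rather than let GSS-API accept it.

```python
# Server side of the HTTP Negotiate handshake on the slide. Added example, not IHE, IIS or
# Apache code. accept_sec_context is an assumed hook for the GSS-API acceptor; the sample
# tokens are constructed, not captured traffic.
import base64

SPNEGO_OID = bytes.fromhex("2b0601050502")        # 1.3.6.1.5.5.2, DER contents of the OID
KRB5_OID = bytes.fromhex("2a864886f71201020202")   # 1.2.840.113554.1.2.2, a raw Kerberos 5 token
NTLMSSP_SIGNATURE = b"NTLMSSP\x00"                 # how a raw NTLM token under "Negotiate" begins

def _der_len(n):
    if n < 0x80:
        return bytes([n])
    k = (n.bit_length() + 7) // 8
    return bytes([0x80 | k]) + n.to_bytes(k, "big")

def _read_der_len(buf, pos):
    # Returns (length, offset of the contents) for the DER length field at buf[pos].
    first = buf[pos]
    if first < 0x80:
        return first, pos + 1
    k = first & 0x7F
    return int.from_bytes(buf[pos + 1:pos + 1 + k], "big"), pos + 1 + k

def gss_wrap(oid, inner):
    # RFC 2743 InitialContextToken: [APPLICATION 0] IMPLICIT SEQUENCE { thisMech OID, inner }.
    body = b"\x06" + _der_len(len(oid)) + oid + inner
    return b"\x60" + _der_len(len(body)) + body

def classify_token(raw):
    """Name the mechanism a Negotiate token really carries: spnego, krb5, ntlm or unknown."""
    if raw.startswith(NTLMSSP_SIGNATURE):
        return "ntlm"
    try:
        if raw[0] != 0x60:
            return "unknown"
        _, pos = _read_der_len(raw, 1)
        if raw[pos] != 0x06:
            return "unknown"
        oid_len, pos = _read_der_len(raw, pos + 1)
        oid = raw[pos:pos + oid_len]
    except IndexError:
        return "unknown"
    return {SPNEGO_OID: "spnego", KRB5_OID: "krb5"}.get(oid, "unknown")

def handle_request(headers, accept_sec_context):
    """One request through the handshake. headers: request headers (dict). accept_sec_context:
    callable taking the raw GSS token and returning the authenticated principal or None.
    Returns (status, response headers, principal or reason)."""
    challenge = {"WWW-Authenticate": "Negotiate"}
    auth = headers.get("Authorization")
    if auth is None:
        return 401, challenge, "no credential presented"          # step 2 on the slide
    scheme, _, b64 = auth.partition(" ")
    if scheme != "Negotiate":
        return 401, challenge, "scheme %s not accepted" % scheme   # e.g. Basic: no Kerberos proof
    try:
        raw = base64.b64decode(b64, validate=True)
    except ValueError:                                             # binascii.Error is a ValueError
        return 400, {}, "malformed Negotiate token"
    mech = classify_token(raw)
    if mech == "ntlm":
        # "Negotiate" alone does not guarantee Kerberos: a client without a ticket falls back
        # to NTLM inside the same header. Refuse it so the Kerberized path is the only path.
        return 401, challenge, "NTLM fallback refused"
    if mech == "unknown":
        return 400, {}, "malformed Negotiate token"
    principal = accept_sec_context(raw)                            # validates the AP-REQ inside
    if principal is None:
        return 401, challenge, "ticket rejected"
    return 200, {}, principal                                      # step 5: authenticated response

# Constructed sample tokens: a SPNEGO shell around a minimal inner element, and an NTLM
# type 1 message prefix. Neither is a real ticket; they exercise the routing logic only.
SAMPLE_SPNEGO = base64.b64encode(gss_wrap(SPNEGO_OID, b"\xa0\x03\x02\x01\x00")).decode()
SAMPLE_NTLM = base64.b64encode(NTLMSSP_SIGNATURE + b"\x01\x00\x00\x00").decode()
```

Not modelled: the server's own return token for mutual authentication, which the draft carries back in a WWW-Authenticate header on the final response, and the fact that a client only attempts Negotiate against hosts its policy treats as trusted, so an untrusted hostname in the URL produces a bare 401 loop rather than a ticket request.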
10
HTTP Documentation
Standard (still in draft stage; later published as RFC 4559):
– http://www.ietf.org/internet-drafts/draft-brezak-spnego-http-04.txt
Other documentation:
– http://support.microsoft.com/default.aspx?scid=kb;ben-us;326985
11
Protocols – DICOM
DICOM Associations will convey user identification.
User identified associations enable:
– Better audit logs
– User specific customizations
– User specific authorization
Work item approved, work underway
12
Protocols – HL7
HL7 transactions will convey user identification.
User identified transactions enable:
– Better audit logs
– User specific customizations
– User specific authorization
Work item approved, work underway
13
Protocols – CCOW
EUA defines a CCOW identity space:
– User.Id.Logon.Kerberos
– This enables some single signon capabilities.
CCOW exchange of service ticket information is a work item that is underway.
14
Fast User Switch
First year: limited to a single system.
Motivation:
– High startup times for system services, database connections, and other application services during a normal system login.
– Customer requirement for fast user switching.
Solution:
– Initiate applications as a “null user” during system startup.
– Utilize the Context Manager and Kerberos Authentication Server to authenticate actual users.
– Utilize Follow Context to switch user identities without incurring the high startup costs.
15
Fast User Switch
[Figure: sequence diagram. Actors: Kerberos Authentication Server; on the device with fast user switching, the User Context Participant, Context Manager and Client Authentication Agent.]
1. Join Context.
2. User A login (Client Authentication Agent with the Kerberos Authentication Server).
3. Change Context, then Follow Context: switch to User A.
4. User B login.
5. Change Context, then Follow Context: switch to User B.
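The CCOW identity subject User.Id.Logon.Kerberos from the Protocols – CCOW slide and the fast-user-switch sequence above, as one runnable model. This is an added example, not CCOW, IHE or vendor code: the real CCOW context manager runs over an HTTP/SOAP-style interface with survey and commit phases, none of which is modelled, and the Kerberos Authentication Server here is a password-checking stand-in rather than a KDC. Realm and user names are constructed. The model keeps the three things the slides are about: the application does its expensive startup once, as the null user; identity changes arrive by Follow Context rather than by restarting; and, the caveat a reviewer would add, only the Client Authentication Agent may publish the user subject, since any participant that could set User.Id.Logon.Kerberos would impersonate a user to every other application on the device, and a participant must drop its per-user authorization state when the subject changes.

```python
# Model of the CCOW fast-user-switch sequence. Added example, not CCOW, IHE or vendor code:
# the CCOW transport and survey/commit phases are not modelled; the KDC is a password-checking
# stand-in. Realm and user names are constructed.
import hmac

USER_SUBJECT = "User.Id.Logon.Kerberos"   # CCOW identity subject defined by the EUA profile

class KerberosAuthenticationServer:
    # Stand-in for the KDC: verifies a password and returns the principal name.
    def __init__(self, realm, passwords):
        self.realm, self.passwords = realm, passwords

    def authenticate(self, user, password):
        if not hmac.compare_digest(self.passwords.get(user, ""), password):
            raise PermissionError("authentication failed for %s" % user)
        return "%s@%s" % (user, self.realm)

class ContextManager:
    def __init__(self):
        self.context, self.participants, self.agents = {}, [], set()

    def join(self, participant):                      # "Join Context"
        self.participants.append(participant)
        participant.follow_context(dict(self.context))

    def register_agent(self, agent):                  # trusted publisher of the user subject
        self.agents.add(agent)

    def change_context(self, publisher, items):       # "Change Context" followed by "Follow Context"
        # Any participant may publish other subjects; the user subject is accepted only from the
        # Client Authentication Agent, otherwise one application could impersonate a user to all.
        if USER_SUBJECT in items and publisher not in self.agents:
            raise PermissionError("only the authentication agent may set %s" % USER_SUBJECT)
        self.context = dict(items)
        for p in self.participants:
            p.follow_context(dict(self.context))

class ClientAuthenticationAgent:
    def __init__(self, cm, kdc):
        self.cm, self.kdc = cm, kdc
        cm.register_agent(self)

    def login(self, user, password):                  # "User A login", "User B login"
        principal = self.kdc.authenticate(user, password)   # raises first: context stays unchanged
        self.cm.change_context(self, {USER_SUBJECT: principal})
        return principal

class UserContextParticipant:
    # A clinical application: the expensive startup runs once, as the null user.
    def __init__(self, name):
        self.name, self.startups, self.user, self.seen, self.authz_cache = name, 0, None, [], {}
        self.db = self._connect()

    def _connect(self):
        self.startups += 1                            # the cost fast user switching avoids repeating
        return {"connected": True}

    def follow_context(self, items):
        new_user = items.get(USER_SUBJECT)
        if new_user != self.user:
            self.authz_cache.clear()                  # A's authorization decisions must not serve B
            self.user = new_user
            self.seen.append(new_user)

    def change_context(self, cm, items):
        cm.change_context(self, items)

def run_fast_user_switch():
    kdc = KerberosAuthenticationServer("HOSPITAL.EXAMPLE", {"usera": "pw-a", "userb": "pw-b"})  # constructed
    cm, app = ContextManager(), UserContextParticipant("viewer")
    cm.join(app)                                      # started as the null user
    agent = ClientAuthenticationAgent(cm, kdc)
    agent.login("usera", "pw-a")                      # switch to User A, no application restart
    agent.login("userb", "pw-b")                      # switch to User B, same process
    return {"startups": app.startups, "seen": app.seen, "current": app.user}

def rogue_participant_rejected():
    # A participant that tries to publish the user subject itself is refused.
    cm, app = ContextManager(), UserContextParticipant("rogue")
    cm.join(app)
    try:
        app.change_context(cm, {USER_SUBJECT: "admin@HOSPITAL.EXAMPLE"})
        return False
    except PermissionError:
        return True
```

The point the model makes visible is that fast user switching moves the trust boundary: the application no longer authenticates the user itself, so the context manager's decision about who may set User.Id.Logon.Kerberos is the authentication decision for every participant on the device.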
16
Connectathon vs Demonstration
The focus will be on using the Connectathon to verify functionality.
These features do not demonstrate well, because when working properly they are invisible to the user.