Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cross-Enterprise User Authentication John F. Moehrke GE Healthcare IT Infrastructure Technical Committee.

Published byTiffany Heath Modified over 8 years ago

Similar presentations

Presentation on theme: "Cross-Enterprise User Authentication John F. Moehrke GE Healthcare IT Infrastructure Technical Committee."— Presentation transcript:

1 Cross-Enterprise User Authentication John F. Moehrke GE Healthcare IT Infrastructure Technical Committee

2 June 28-29, 2005Interoperability Strategy Workshop2 W W W. I H E. N E T Providers and Vendors Working Together to Deliver Interoperable Health Information Systems In the Enterprise and Across Care Settings

3 June 28-29, 2005Interoperability Strategy Workshop3 IT Infrastructure Profiles 2004 Patient Identifier Cross-referencing for MPI (PIX) Retrieve Information for Display (RID) Consistent Time (CT) Patient Synchronized Applications (PSA) Enterprise User Authentication (EUA) 2005 Patient Demographic Query (PDQ) Cross Enterprise Document Sharing (XDS) Audit Trail and Note Authentication (ATNA) Personnel White Pages (PWP) 2006 Cross-Enterprise User Authentication (XUA) Document Digital Signature (DSG) – Notification of Document Availability (NAV) Patient Administration/Management (PAM) Cross-Enterprise User Authentication (XUA) – User identify federation

4 June 28-29, 2005Interoperability Strategy Workshop4 Cross-Enterprise User Authentication Abstract/Scope Provide User Identity between Enterprises Provide Authentication strength knowledge Provide for optional contact information Mechanism to disclose User Identity is Profiled by IHE; controlled by Affinity Domain Policy

5 June 28-29, 2005Interoperability Strategy Workshop5 Cross-Enterprise User Authentication Value Proposition Extend User Identity to Affinity Domain –Supports any cross-enterprise transaction –Federated or Centralized Provide information necessary so that XDS actors can make Access Control decisions –Does not include Access Control mechanism Provide information necessary so that XDS actors can produce detailed and accurate Security Audit Trail

6 June 28-29, 2005Interoperability Strategy Workshop6 Cross-Enterprise User Authentication Transaction Diagram Identity Provider 2 Request Assertion (of who this user is) 1 XDS Retrieve 3 Request User ID 4 User Identity 5 Authentication Assertion Record Auditable Event ATNA Audit Repository XDS Repository

7 June 28-29, 2005Interoperability Strategy Workshop7 Cross-Enterprise User Authentication Standards Used Employs SAML 2.0 Profiles Specifies use of SAML Browser SSO Profile and Enhanced Client/Proxy Profile Specifies SAML Profile to use with XDS (ebXML Registry) –Consistent with ebXML 3.0 use of SAML Extends SAML 2.0 Profiles into HL7 –future DICOM

8 June 28-29, 2005Interoperability Strategy Workshop8 Cross-Enterprise User Authentication Actors User Authentication Provider – Not specified but required. Could be EUA or other authentication system X-Identity Provider – SAML Identity Provider X-Service User – Any IHE Actor that interacts with the user, has authenticated the user using the “User Authentication Provider” X-Service Provider – Any IHE Actor requiring XUA Dash Line – Existing Transactions Solid Line – XUA User Authentication Provider X-Identity Provider X-Service User X-Service Provider

9 June 28-29, 2005Interoperability Strategy Workshop9 Key: Original Transaction XUA Assertion TLS Protections EHR Patient Data XDS Consumer XDS Registry X-Service User user auth provider X-Identity Provider Cross-Enterprise User Authentication Implementation Example User Auth (ATNA Secure Node) Audit Log

10 June 28-29, 2005Interoperability Strategy Workshop10 Cross-Enterprise User Authentication SAML Resources OASIS Security Services (SAML) TC –http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=securityhttp://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security SAML V2.0 slides from Eve Maler (Sun) –http://www.oasis- open.org/committees/download.php/12958/SAMLV2.0-basics.pdfhttp://www.oasis- open.org/committees/download.php/12958/SAMLV2.0-basics.pdf SAML V2.0 slides from Prateek Mishra –http://lists.oasis-open.org/archives/security- services/200504/ppt00000.ppthttp://lists.oasis-open.org/archives/security- services/200504/ppt00000.ppt SAML V2.0 slides from Hal Lockhart –http://lists.oasis-open.org/archives/security- services/200506/msg00031.htmlhttp://lists.oasis-open.org/archives/security- services/200506/msg00031.html

11 June 28-29, 2005Interoperability Strategy Workshop11 More information…. IHE Web sites: www.ihe.net www.ihe.net Technical Frameworks, Supplements –Fill in relevant supplements and frameworks Non-Technical Brochures : Calls for Participation IHE Fact Sheet and FAQ IHE Integration Profiles: Guidelines for Buyers IHE Connect-a-thon Results Vendor Products Integration Statements

Download ppt "Cross-Enterprise User Authentication John F. Moehrke GE Healthcare IT Infrastructure Technical Committee."

Similar presentations

IT Infrastructure Glen Marshall Siemens Health Solutions IHE IT Infrastructure Committee Co-chair.

IT Infrastructure Glen Marshall Siemens Health Solutions IHE IT Infrastructure Committee Co-chair.
September, 2005What IHE Delivers 1 Key Image Notes Evidence Documents Simple Image & Numeric Report Access to Radiology Information IHE Vendors Workshop.

September, 2005What IHE Delivers 1 Key Image Notes Evidence Documents Simple Image & Numeric Report Access to Radiology Information IHE Vendors Workshop.
Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Patient Identifier Cross-referencing for MPI (PIX) Profile Mike Henderson.

Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Patient Identifier Cross-referencing for MPI (PIX) Profile Mike Henderson.
June 28-29, 2005IHE Interoperability Workshop Keith W. Boone Dictaphone Corporation IHE ITI Technical Comittee Notification of Document Availability (NAV)

June 28-29, 2005IHE Interoperability Workshop Keith W. Boone Dictaphone Corporation IHE ITI Technical Comittee Notification of Document Availability (NAV)
IHE IT Infrastructure Domain Update

IHE IT Infrastructure Domain Update
IHE IT Infrastructure Outreach to Patient Care Coordination Domain Michael Nusbaum IT Infrastructure Planning Committee December 13 th, 2010.

IHE IT Infrastructure Outreach to Patient Care Coordination Domain Michael Nusbaum IT Infrastructure Planning Committee December 13 th, 2010.
September, 2005What IHE Delivers 1 Basic Patient Privacy Consents (BPPC) IHE Vendors Workshop 2006 IHE Patient Care Coordination Education

September, 2005What IHE Delivers 1 Basic Patient Privacy Consents (BPPC) IHE Vendors Workshop 2006 IHE Patient Care Coordination Education
PRESENTATION TITLE Name of Presenter Company Affiliation IHE Affiliation.

PRESENTATION TITLE Name of Presenter Company Affiliation IHE Affiliation.
June 28-29, 2005IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Cross-enterprise Document Sharing for Imaging (XDS-I) Rita Noumeir.

June 28-29, 2005IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Cross-enterprise Document Sharing for Imaging (XDS-I) Rita Noumeir.
Audit Trail and Node Authentication / Consistent Time

Audit Trail and Node Authentication / Consistent Time
Document Digital Signature (DSG) Document Digital Signature (DSG) Gila Pyke / Lori Reed-Fourquet Smart Systems for Health Agency / Identrus IHE ITI Technical.

Document Digital Signature (DSG) Document Digital Signature (DSG) Gila Pyke / Lori Reed-Fourquet Smart Systems for Health Agency / Identrus IHE ITI Technical.
September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT, EUA, PWP, DSIG IHE Vendors Workshop 2006 IHE IT Infrastructure Education Robert Horn,

September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT, EUA, PWP, DSIG IHE Vendors Workshop 2006 IHE IT Infrastructure Education Robert Horn,
Pathfinding Session: IT Infrastructure for Intra-Enterprise IHE North America Webinar Series 2008 Charles Parisot IT Infrastructure GE Healthcare.

Pathfinding Session: IT Infrastructure for Intra-Enterprise IHE North America Webinar Series 2008 Charles Parisot IT Infrastructure GE Healthcare.
Cross-Enterprise Document Sharing Cross-Enterprise Document Sharing Bill Majurski National Institute of Standards and Technology IT Infrastructure Co-Chair.

Cross-Enterprise Document Sharing Cross-Enterprise Document Sharing Bill Majurski National Institute of Standards and Technology IT Infrastructure Co-Chair.
EbXML Registry Technical Committee n Defining and managing interoperable registries and repositories n The OASIS ebXML Registry TC develops specifications.

EbXML Registry Technical Committee n Defining and managing interoperable registries and repositories n The OASIS ebXML Registry TC develops specifications.
Cross Domain Patient Identity Management Eric Heflin Dir of Standards and Interoperability/Medicity.

Cross Domain Patient Identity Management Eric Heflin Dir of Standards and Interoperability/Medicity.
Slide 1 Sharing Images without CDs, The Next Imaging Sea Change GE Healthcare Chris Lindop GE Healthcare Interoperability & Standards.

Slide 1 Sharing Images without CDs, The Next Imaging Sea Change GE Healthcare Chris Lindop GE Healthcare Interoperability & Standards.
Cross Domain Patient Identity Management Eric Heflin Dir of Standards and Interoperability/Medicity.

Cross Domain Patient Identity Management Eric Heflin Dir of Standards and Interoperability/Medicity.
What IHE Delivers Healthcare Provider Directories IHE IT Infrastructure Planning Committee Eric Heflin – Medicity/THSA.

What IHE Delivers Healthcare Provider Directories IHE IT Infrastructure Planning Committee Eric Heflin – Medicity/THSA.
Cross-Enterprise Document Sharing Cross-Enterprise Document Sharing Bill Majurski National Institute of Standards and Technology IT Infrastructure Co-Chair.

Cross-Enterprise Document Sharing Cross-Enterprise Document Sharing Bill Majurski National Institute of Standards and Technology IT Infrastructure Co-Chair.

Similar presentations

Ads by Google