Interconnecting Autonomous Medical Domains
Gritzalis, S.; Belsis, P.; Katsikas, S.K.; Univ. of the Aegean, Samos

Presentation transcript:

Interconnecting Autonomous Medical Domains
Gritzalis, S.; Belsis, P.; Katsikas, S.K.; Univ. of the Aegean, Samos
This paper appears in: Engineering in Medicine and Biology Magazine, IEEE
Issue Date: Sept.-Oct

Access Control Models
- Group-oriented rather than individual-oriented access control makes the process more easily manageable
- Role-based access control (RBAC) model

Policy-Based Management
XACML:
- standardized and open, allowing extensions that enable interoperation between various platforms
- it is codified in XML, which tends to dominate as a codification standard and is operating-system independent
- it allows extensions so as to support the needs for a variety of environments
- it allows context-based authorization
Policy enforcement point (PEP): grants access after receiving an appropriate message from the PDP
Policy decision point (PDP): reasons over a specific access request after evaluating both the requestor's credentials and the request according to the policy in force
Policy information point (PIP): responsible for retrieving environmental attributes
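The PEP/PDP/PIP division of labour on this slide, as an added Python sketch that is not taken from the presentation or the paper. It models role-targeted rules with a context condition rather than real XACML XML; all class names, subjects, roles, attributes and the sample record are hypothetical.

```python
from dataclasses import dataclass
from typing import Callable

PERMIT, DENY, NOT_APPLICABLE, INDETERMINATE = "Permit", "Deny", "NotApplicable", "Indeterminate"

@dataclass
class Rule:
    effect: str            # PERMIT or DENY
    role: str              # RBAC: a rule targets a role, not an individual user
    resource: str
    action: str
    condition: Callable[[dict], bool] = lambda env: True  # context-based check

class PIP:
    """Policy information point: resolves environmental attributes for a subject."""
    def __init__(self, attributes):
        self.attributes = attributes
    def lookup(self, subject):
        return self.attributes.get(subject)   # None when nothing is known

class PDP:
    """Policy decision point: first-applicable evaluation of the policy in force."""
    def __init__(self, rules, pip):
        self.rules, self.pip = rules, pip
    def decide(self, req):
        env = self.pip.lookup(req["subject"])
        if env is None:
            return INDETERMINATE              # missing attributes: no decision possible
        for r in self.rules:
            if (req["role"] == r.role and req["resource"] == r.resource
                    and req["action"] == r.action and r.condition(env)):
                return r.effect
        return NOT_APPLICABLE

class PEP:
    """Policy enforcement point: deny-biased, releases data only on Permit."""
    def __init__(self, pdp, records):
        self.pdp, self.records = pdp, records
    def read(self, req):
        if self.pdp.decide(req) != PERMIT:
            raise PermissionError("access denied")
        return self.records[req["resource"]]

def demo_pep():
    # Constructed sample data: subjects, roles, attributes and record are hypothetical.
    pip = PIP({"alice": {"on_shift": True}, "bob": {"on_shift": False}})
    rules = [Rule(DENY, "clerk", "patient-record", "read"),
             Rule(PERMIT, "physician", "patient-record", "read", lambda env: env["on_shift"])]
    return PEP(PDP(rules, pip), {"patient-record": "constructed sample record"})
```

The PEP treats NotApplicable and Indeterminate the same as Deny, so a physician who is off shift or a subject the PIP knows nothing about gets no data.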

Multidomain Access Control Enforcement
- Access to data should be regulated by specific generic guidelines, applicable for all the cooperating medical environments.
- Free. Enforcement points should be autonomous and should have freedom in managing their IT infrastructure.
- Dynamic. Healthcare units can join or leave at any time, increasing the complexity of the overall management.
- No centralized authorization architecture. Security policies can be defined locally.
- Transparency. The procedures for accessing medical data, whether these are stored locally or in a remote domain, should be identical.

Interoperability Issues in Multidomain Environments
- HL7 messages can be exchanged through cost-effective channels such as the Internet
- Secure information transfer over networks is realized via the secure file transfer protocol (SFTP)
- All the inter-domain communications are encrypted using the secure sockets layer protocol

Virtual Ontology Networks
- In order to avoid irrelevant queries to a specific domain, we create an appropriate ontology that can be considered as a set of metadata and meta-knowledge that provides a set of concepts and terms to describe the information content of the specific domain
- Each request for specific medical information will be directed to an appropriate (in terms of stored medical content) domain

Conclusions and Future Directions
- Enabling multi-domain infrastructures to communicate and exchange medical information