NHIN-Direct-Deployment-Models

Document Sample
NHIN-Direct-Deployment-Models Powered By Docstoc
					Deployment Models

A. e-Mail client (no S/MIME)
    » NHIN-Direct developed security agent
    » off-the-shelf S/MIME proxy
B. e-Mail client using Native S/MIME
    » Internet e-Mail Service Provider
    » Healthcare specific e-Mail Service Provider
C. Web Portal
    » to common Internet e-Mail service with S/MIME support
    » to Healthcare specific messaging service with S/MIME support
D. EHR/PHR with integrated S/MIME functionality
    » deployed inside the Provider
    » deployed as SaaS
E. NHIN Direct to/from NHIN Exchange
    » Trusted NHIN Gateway
    » End to End secure
A) e-Mail client (no S/MIME)

  Source Client            Source HISP               Destination HISP            Destination Client
 Document                    Locate
                                                                                   Document
                            Destination
    Or                      Certificate                                               Or
   XDM                                                                               XDM
                                                                    POP/IMAP +
                                                                       TLS

    Locate                    S/MIME
   Destination                                        S/MIME Verify
                                Sign
    Address                                           w/ Source Cert
                           w/ Private Key


                  SMTP +
                  MIME+                               S/MIME Decrypt
                   TLS                                 w/ Private Key


                              S/MIME
                              Encrypt                   Encrypted
                           w/ Destination                Content
                                Cert


                                            SMTP +
                               Send         S/MIME       Receive
B) e-Mail client using Native S/MIME
  Source Client                   Destination HISP           Destination Client
   Document                                                       Document
      Or                                                             Or
     XDM                                                            XDM

     Locate
    Destination                                                   S/MIME Verify
    Address +                                                     w/ Source Cert
    Certificate

      S/MIME                                                      S/MIME Decrypt
        Sign                                                       w/ Private Key
   w/ Private Key
                                                     POP/IMAP +
                                                        TLS
      S/MIME
      Encrypt
   w/ Destination                    Encrypted
        Cert                          Content




                         SMTP +
       Send                           Receive
                         S/MIME
C) Web Portal

 Source Client           Source HISP               Destination HISP           Destination Client
                            Upload                                             Document
 Document                 Document(s)
    Or                                                                            Or
   XDM                    Build XDM                                              XDM
                 HTTP                                                 HTTP
                             Find                     Download
                 + TLS                                                + TLS
                          Destination                Document(s)
                          Address +
                          Certificate
                                                    S/MIME Verify
                                                    w/ Source Cert
                            S/MIME
                              Sign
                         w/ Private Key
                                                    S/MIME Decrypt
                                                     w/ Private Key

                            S/MIME
                            Encrypt
                         w/ Destination               Encrypted
                              Cert                     Content


                                          SMTP +
                             Send         S/MIME       Receive
D) EHR/PHR with integrated S/MIME
 Source Client                 Destination HISP           Destination Client
  Document                                                     Document
     Or                                                           Or
    XDM                                                          XDM

    Locate
   Destination                                                 S/MIME Verify
   Address +                                                   w/ Source Cert
   Certificate

     S/MIME                                                    S/MIME Decrypt
       Sign                                                     w/ Private Key
  w/ Private Key
                                                  POP/IMAP +
                                                     TLS
     S/MIME
     Encrypt
  w/ Destination                  Encrypted
       Cert                        Content




                      SMTP +
      Send                         Receive
                      S/MIME
E) NHIN Direct sending to Trusted NHIN
   Exchange
                   NHIN Direct to NHIN Exchange
                        (Destination HISP)                 NHIN
                                                          Exchang
                                                             e

                   Convert XDM
                                                  XDR
                   metadata and
                                                  + TLS
                  content to XDR
                      format



                  S/MIME Verify
                  w/ Source Cert



                  S/MIME Decrypt
                   w/ Private Key
NHIN
Direct                Destination
                      Certificate is Group
                      NHIN Exchange

         SMTP +
         S/MIME      Receive
E) NHIN Direct sending to non-trusted NHIN
   Exchange (End-to-End Secure)
                  NHIN Direct to NHIN Exchange
                       (Destination HISP)                             NHIN
                                                                     Exchang
                                                                        e


                                  Place S/MIME               XDR
                                   message as                + TLS
                                  XDR content




                                   Destination Certificate
                                   is Individual or
                                   Organization
NHIN
Direct

         SMTP +
         S/MIME     Receive
E) NHIN Direct sending to NHIN Exchange
                   NHIN Direct to NHIN Exchange
                        (Destination HISP)                                       NHIN
                                                                                Exchang
                                                                                   e

                   Convert XDM
                                             Place S/MIME               XDR
                   metadata and
                                              message as                + TLS
                  content to XDR
                      format                 XDR content



                  S/MIME Verify
                  w/ Source Cert


                                              Destination Certificate
                  S/MIME Decrypt              is Individual or
                   w/ Private Key             Organization
NHIN
Direct                Destination
                      Certificate is Group
                      NHIN Exchange

         SMTP +
         S/MIME      Receive
E) NHIN-Direct receiving from Trusted NHIN
   Exchange
                                  Trusted NHIN Exchange
 NHIN                                    Gateway
                                       Convert XDR
Exchang         XDR                    Metadata and
   e            + TLS                  Documents to
          Source Certificate is        XDM Zip file
          NHIN Exchange
          Group Certificate
                                    Extract Destination
                                         Address
                                   from XDR metadata

                                     Locate Destination
                                        Certificate


                                       S/MIME Sign
                                       w/ Private Key
                                                             NHIN
                                                             Direct
                                      S/MIME Encrypt
                                       w/ Destination
                                           Cert


                                                          SMTP +
                                            Send
                                                          S/MIME
 E) NHIN-Direct receiving from non-Trusted NHIN
    Exchange (End-to-End Secure)
                                       Non Trusted NHIN
    NHIN                               Exchange Gateway
   Exchang
      e


Source Certificate is
individual or organizational

          Source Client
                                       Extract from XDM
            XDM Zip file                metadata the To
                                           and From
        Locate Destination                 addresses
           Address +
           Certificate
                                                             NHIN
           S/MIME Sign
                                        Extract S/MIME       Direct
                                        message from
           w/ Private Key
                                         XDR content
                               XDR
         S/MIME Encrypt        + TLS
          w/ Destination
              Cert                                        SMTP +
                                                          S/MIME
 E) NHIN-Direct receiving from NHIN Exchange
                                                       Non Trusted NHIN   Trusted NHIN Exchange
    NHIN                                               Exchange Gateway          Gateway
                                                                               Convert XDR
   Exchang                           XDR                                       Metadata and
      e                              + TLS                                     Documents to
                               Source Certificate is                           XDM Zip file
                               NHIN Exchange
                               Group Certificate
                                                                            Extract Destination
Source Certificate is
                                                                                 Address
individual or organizational
                                                                           from XDR metadata
          Source Client
                                                       Extract from XDM      Locate Destination
            XDM Zip file                                metadata the To         Certificate
                                                           and From
        Locate Destination                                 addresses
                                                                               S/MIME Sign
           Address +                                                           w/ Private Key
           Certificate
                                                                                                     NHIN
           S/MIME Sign
                                                        Extract S/MIME                               Direct
                                                        message from
           w/ Private Key                                                     S/MIME Encrypt
                                                         XDR content
                                         XDR                                   w/ Destination
                                         + TLS                                     Cert
         S/MIME Encrypt
          w/ Destination
              Cert                                                                                SMTP +
                                                                                    Send
                                                                                                  S/MIME

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:4
posted:11/25/2011
language:English
pages:11