FDS presentation_v2.0

					Federated [Organization] Registry

          Brief Profile Proposal for 2008/09
                    presented to the
        IT Infrastructure Planning Committee

     J. Caumanns (eCR, Fraunhofer ISST, IHE-D)
                 16 October 2008
                                                               Use Case

Mr. A has been to hospital B for surgery. After his stay he gets a
discharge letter for his PCP that specifies the follow-up medication.
On the way to his PCP, Mr. A loses the letter on the bus. He asks the PCP to
call the hospital for a copy.
The PCP calls directory assistance.

PCP A:     Hi, this is PCP A: Can you please provide me the number of the
           cardiological dept. of hospital B?
DirAssist: We do not have the numbers of the departments listed. But the
           number of the hospital’s central office is 12345. Should I connect
PCP:       Yes please.
Hospital: Hospital B. What can I do for you?
PCP:       Could you please give me the number of the cardiological dept.?


Hospital: The phone number is 123456. But for technical reasons I cannot
          connect you.
The PCP dials 123456.

CardDept: Hospital B. Cardiological dept. Can I help you?
PCP:     Yes please. My name is PCP X and I’m here with Mr. A who lost
         his discharge letter in the bus. Could you please send me a copy
         by fax?
CardDept: No problem. Please give me your name and fax number.
PCP:     My name is PCP X and my fax number is 444. Thank you.

2 minutes later the discharge letter arrives by fax.
The PCP prescribes the medicine as stated in the discharge letter.

                                                             The Problem

• Directory lookups and identity information exchanged in the
  use case:
   – PCP X calling the directory assistance
   – Directory assistance looking up the phone number [identity
     attribute] of Hospital B
   – Hospital B looking up the phone number [identity attribute] of the
     cardiologic department.
   – Cardiologic department asking for name and fax number [identity
     attributes] of PCP X
• Shifting this scenario into the digital age would require
  comparable lookup services and mechanisms for the
  exchange of identity information

                                          Use Case (continued)

Two days later Mr. A dies from a contraindication caused by
the medicine PCP X gave him. During their investigation the
police find out that the cardiologic department of hospital B
never sent a fax to PCP X.

An intruder can mount a man-in-the-middle attack in this
scenario because PCP X had no easy way to authenticate his
communication partners and to verify the accuracy of the
identity and directory information exchanged.


• Incompliant directory services using different trust models
  make it hard to verify the authenticity of the service and the
  data provided.
• Missing directory services make it impossible to establish a
  trusted communication with partners only known by name.

• -> a unique model for trust establishment is required
• -> an operational model is needed that allows for a high
  accuracy of the directory data
• -> the authenticity of the entry point for a chain of directory
  queries must be verifiable with local data only

           Federated Directory Services

[Figure labels: Affinity Domain (three times); OrgDir; FDS; ATNA, WS*, ...]

                 Proposed Standards & Systems

• The proposed profile should use existing directory
  standards (i.e. LDAP)
• RFC 2798 is a good basis for the registry data set
• Entity Identification Service (Service Functional Model
  Specification) + OMG Spec.
• The use of DSML and/or SPML should be considered
• Federation and trust establishment/brokerage should be
  based on the respective WS* standards (e.g. using the
  recommendations of the HL7 v3 transport specification)


• Level of effort:
   – medium
• Profile Editor:
   – Ben Kraufmann, Olaf Rode (Fraunhofer ISST, eCR Consortium)
   – Members from IHE Germany, IHE Austria, and eCR industry
