Security, Privacy Access openPASS Open Privacy, Access and Security Services Project Status Report...
-
Upload
diane-jenkins -
Category
Documents
-
view
214 -
download
0
Transcript of Security, Privacy Access openPASS Open Privacy, Access and Security Services Project Status Report...
Security, Privacy AccessopenPASS
Open Privacy, Access and Security Services
Project Status ReportJuly 1, 2008
openPASS Boca Chart3Q2008
-Successful recruitment
-HL7 SOA PASS Service Functional and Platform Independent Models
-Consensus Reference Architecture
-Healthcare document/message standards
-Jurisdictional standards
-Jurisdictional laws and regulations
Dependencies
Packaging Editions
-Recruit project/subproject leadership
-Prioritized Use Cases
-Service inventory prioritization
-Alignment with Reference Architecture
-Initial implementation priorities --Audit (basic) --Secure transport --Security context --Policy-driven access control (basic)
-Migration of Eclipse OHF code base -IHE ATNA
-Work out service orchestration strategy
Content-Resource constraints
-Several services required to be useful
-Composition required to be useful
-Requires domain expert engagement
-Divergence of related standards efforts
-Delays in emerging standards
-Jurisdictional standards differences
-Jurisdictional regulatory differences
Pressures/Exposures-Identity Resolution (in support of basic user/patient context coordination)
Added
None—new project
Deleted & Changed
July 08 -2008/09 Plan published -OHF ATNA code migratedQ4 08 -Initial PASS-Audit code release complying with ATNA profile
Milestones
openPASS Roadmap
4Q 2008
Guiding Principles:
•Align with HL7-SOA PASS Service Functional Models
•Build service inventory of composable components
•Support OHT Reference Architecture requirements
Developerrecruiting
Project Site LiveJuly 2008
3Q20081H 2009
1st Milestone Release
PASS-Audit,MessagingInitial ATNA client component releases
PASS-Identity, AccessInitial component releases
PASS Service Candidate Prioritization
Aug 2008
Sept 2008
2008-09 Plan Published
Development begins
openPASS Service Candidates
Consent Group
Consent Directive Provisioning
Consent Directive Query
Credentials Group
Credential Validation
Credential Assertion
Identity Group
Audit Record Generator
Authentication
Identity Assertion
Patient Registry Query
Patient Resolution
Identity Provisioning
Context Management
Identity Registry
Directory
PKI Management
Provider Resolution
De-Identification
Utility Services
Digital Signature Encryption
Access Group
Authorization
Resource Proxy
Decision Factor Processing
Access Policy Processing
Access Enforcement
Message Services
Channel Transport
Message Transport
Packaging
Audit Group
Audit Record Generator
Audit Monitor
Audit Record Generator
Audit
Audit Alert
Audit Archive
Audit Event Catalog
Audit Repository
Audit AnalysisAudit Report
Audit Logger
Audit Policy
Tooling
Access Policy Editor/Translator
Consent Form Editor
Entity Registry Editor
openPASS Services in Architectural Context
Health Service Bus
PASS Common Service
Patient Identifier Service
Protected ResourceWorkstation
UIServices
TerminologyServices
HL7 V3Services
Admin SupportServices
Clinical SupportServices
Process
EHR Registry
EHR Repository
Runtime Platform Messages
PASS Services PASS Services PASS Services
Infrastructure Service
Terminology Service
openPASS Services
Phase 1 openPASS Services are intended to provide the basic capabilities that allow a patient or provider to request access to patient health information from a protected resource and, based upon the security and privacy policies applied by the resource, have that access either be granted or denied.To accomplish this objective, Phase 1 openPASS Services must provide at least basic functionality for
Patient Identity ResolutionProvider Identity Authentication, Assertion and ValidationProvider Credential AssertionPoint-to-Point and Message-based Document/Message TransportPolicy-driven Access Control Decisions and EnforcementAudit Event Record Generation and Submission to Audit Logging Services
openPASS Phase 1 Proposed Scope
openPASS Service Candidates
Consent Group
Consent Directive Provisioning
Consent Directive Query
Credentials Group
Credential Validation
Credential Assertion
Identity Group
Audit Record Generator
Authentication
Identity Assertion
Patient Registry Query
Patient Resolution
Identity Provisioning
Context Management
Identity Registry
Directory
PKI Management
Provider Resolution
De-Identification
Utility Services
Digital Signature Encryption
Access Group
Authorization
Resource Proxy
Decision Factor Processing
Access Policy Processing
Access
Enforcement
Message Services
Channel Transport
Message Transport
Packaging
Audit Group
Audit Record Generator
Audit Monitor
Audit Record Generator
Audit
Audit Alert
Audit Archive
Audit Event Catalog
Audit Repository
Audit AnalysisAudit Report
Audit Logger
Audit Policy
Tooling
Access Policy Editor/Translator
Consent Form Editor
Entity Registry Editor
- Phase 1 Dependency
Identity Group
Audit Record Generator
Authentication
Identity Assertion
Patient Registry Query
Patient Resolution
Identity Provisioning
Context Management
Identity Registry
Directory
PKI Management
Provider Resolution
De-Identification