Identity 2.0, Web Services and SOA in Health-Care
European Identity Conference 2008, Munich, 2008-04-22/25
Contents
Setting the Scene: IT-Landscape in eHealth – A Vendor’s Perspective
[Diagram: health care provider 1 and health care provider 2, each with a presentation tier for health professionals and several stacks of a system layer over an integration layer (HIS, ERP, …); the two providers cooperate.]
Setting the Scene: Medical Cases Often Involve Multiple Providers
Benchmark Scenario: The Electronic Case Records Scenario
[Diagram: health care providers 1, 2 and 3, each holding MDOs (MDO 1,1 … MDO 1,n; MDO 2,1 … MDO 2,n; MDO 3,1 … MDO 3,n); case: John Doe’s leg fracture; ECR.]
Benchmark Scenario: The ECR Security Challenge From 10.000 Feet
[Diagram: a grid with columns "Resource provider" and "Identity provider" and rows "Transient data" and "Persisted data". Labels: "Has: services providing resources"; "Has: unauthenticated user data" (shown twice); "Clockwise or counter-clockwise?"]
Buzzword Scouting: Identity 2.0
[Diagram: a grid with columns "Identity provider" and "Resource provider" and rows "Transient data" and "Persisted data". Labels: "Has: persisted, unauthenticated user data"; "Has: service providing resources"; operations doTransfer and doAuthn, each shown twice.]
Buzzword Scouting: Why Identity 2.0 Is Natural But (Still) Strange?
Buzzword Scouting: Web Services and SOA
[Diagram labels: SOA: school-of-thought for organizing software. Web services: means to integrate external IT-services via Web. Web services-based SOA.]
Identity 2.0 Becomes Default in WS-Based SOA
Identity 2.0 Support in WS-Based SOA
[Diagram: WS consumer (application logic, WS stack); WS provider <RP> (application logic, WS stack, resources); STS provider <IdP> (STS logic, WS stack, identity store). Operations: processBusinessObject <dependsOnAuthn>; requestSecurityToken <reportsOnAuthn>. Further labels: SAML assertion; RAM representation.]

Policy fragment shown on the slide:

<wsp:Policy …>
  <sp:ProtectionToken> …
    <sp:IssuedToken…>
      <sp:RequestSecurityTokenTemplate>
        <wst:TokenType>urn:oasis:names:tc:SAML:2.0:assertion</wst:TokenType>
        <wst:KeyType>…</wst:KeyType>
        <wst:KeySize>256</wst:KeySize>
      </sp:RequestSecurityTokenTemplate>…
    </sp:IssuedToken>
  </sp:ProtectionToken>
</wsp:Policy>
Identity 2.0: Underlying Architectural Proposition
Identity 2.0: Addressing the ECR Challenge – eFA Business WSs
[Diagram: WS consumers (client logic, WS stack) call the eFA business web services, each consisting of its own logic on a WS stack: RReg WS, FReg WS, DReg WS and DRep WS. Interceptors (PEP/PDP) process IdT / AdT / AcT / PoT. Input tokens shown: "In: IdT / AdT" (once) and "In: IdT / AcT / PoT" (three times). Data labels: "Patient/ECR relation, ECR metadata"; "ECR/folder relation, folder metadata"; "Folder/MDO relation, MDO metadata"; "MDOs". Reference to the eFA security WSs (cf. below).]
Identity 2.0: Addressing the ECR Challenge – eFA Security WSs
[Diagram: WS consumers (client logic, WS stack) call the eFA security web services, each consisting of its own logic on a WS stack: GuT STS, IdT STS, AdT WS, AcT WS and PoT WS. Stores: identity store, policy store (DAC), key store. Token flows shown:
  In: arbitrary; Out: GuT
  In: GuT (ext user) or X509Token (int user); Out: IdT
  In: IdT; Out: AdT
  In: IdT / AdT; Out: AcT
  In: IdT / AcT; Out: PoT
Further labels: "Stub"; "Full content"; "Arbitrary". Reference to the eFA business WSs (cf. above).]
Conclusions
Abbreviations
Author
More from Oliver Pfaff