SlideShare una empresa de Scribd logo

20110706 PIDSプロジェクト中間報告

Descargar como PPTX, PDF
Nat Sakimura
Nat Sakimura

OpeniDファウンデーション・ジャパン主催で2011/7/6に行われたPIDSプロジェクトの中間報告資料 途中のビデオは、こちらで → http://www.sakimura.org/2011/07/1149/

TecnologíaSalud y medicina
1 de 44
2011-07-06 PIDSプロジェクト中間報告 崎村夏彦 (@_nat) http://www.sakimura.org/ 1
NHINって、何? 2
NHINとは 3 2004 に開始された、米国全土にまたがる健康情報交換インフラプロジェクト Health Information Exchange (HIE) 及び他の期間との間での健康情報の発見と取得を可能にする 患者情報のサマリーを提供して、患者ケアや患者の健康増進に役立てる 情報交換は安全に行う すべての参加者が同意し遵守する、信頼の基となる契約書を作成する 国民背番号無くして患者とデータをひもづけることを可能にする ステークホルダーが任意で同意する標準のハーモニゼーションをサポートする
主なユースケース 4 Emergency Responder-Electronic Health Record Electronic Health Record – Lab Results Medication Management Consumer Empowerment-Consumer Access to Clinical Information Consumer Empowerment- Registration and Medication History Quality Biosurveillance
5 Data Use and Reciprocal Support Agreement (出所) (NHIN) Architecture Overview v.1.0 1/29/2010
Architecture Principles 分散 自立・自治 ローカル・アカウンタビリティ 標準準拠 SOA Webサービスの利用 仕様ドリブン 認可フレームワーク メッセージング・プラットフォーム 患者ディスカバリ ドキュメント発見 ドキュメント取得 Health Information Event Messaging (HIEM) Document Submission Access Consent Policies Geocoded Interoperable Population Summary Exchange (GIPSE) Profile CARE (Continuity Assessment Record and Evaluation) Profile PKIをセキュリティのベースとして利用 6 (出所) (NHIN) Architecture Overview v.1.0 1/29/2010 を基にOIDF-J
Architecture Requirements 7 参加者間での健康データの交換 背番号なしで患者をかれらの情報にマッピング データ交換に関して、患者の希望を尊重できること 安全なデータ交換 標準準拠 多くの機関や技術、アプローチ方法をサポート 参加者全員がサインできる Trust Agreement (出所) (NHIN) Architecture Overview v.1.0 1/29/2010 を基にOIDF-J
NHIN Network Zones 8 HIO: Health Information Org (出所) (NHIN) Architecture Overview v.1.0 1/29/2010
NHIN Architecture Layers 9 HIO zone NHIN zone Infrastructure zone (出所) (NHIN) Architecture Overview v.1.0 1/29/2010 を基にOIDF-J
NHIN Operational Infrastructure Components 10 (出所)Puscas, “NHIN Operational Infrastructure Architecture Document”, 2009 をもとにOIDF-J
NHIN Messaging, Security & Privacy Foundation 11 Messaging Platform Spec. WS-I Basic v.2.0 WS-I Security v.1.1 Authorization Framework 個人の認証はSAML2.0ベースで。 Requester, Date and Time 属性 Authorized Decision Statement Authorization Framework
NHIN Discovery and Information Services 12 NHIN Discovery and Information Services UDDIでEnd Pointを検索 患者の発見(Patient Discovery) 2つのNodeが、患者の名寄せを行うためのシステム UDDI 一意に特定出来なかった場合には、属性を追加して再問合せ 1. End Point候補ください 2. 候補一覧 node1 3.氏名・生年月日・他 MPI node2 4.Patient ID, 属性 Master Person Index
NHIN Discovery and Information Services 13 ドキュメントIDとドキュメントの取得 Health Information Event Messaging (Pub/Sub) Document Submission (Push) Node 1 1. Patient ID Node 2 2. Doc ID 3. Doc ID HIO 5. Document 4. Authz
NHIN Specs 14 Access Consent Policies Production Specification - v1.0 [PDF - 176 KB] Administrative Distribution Production Specification - v2.0 [PDF - 157 KB] Authorization Framework Production Specification v2.0 [PDF - 256 KB] Document Submission Production Specification v2.0 [PDF -200 KB] Health Information Event Messaging Production Specification v2.0 [PDF - 152 KB] Messaging Platform Production Specification v2.0 [PDF - 248 KB] Patient Discovery Production Specification v1.0 [PDF - 214 KB] Query for Documents Production Specification v2.0 [PDF - 212 KB] Retrieve Documents Production Specification v2.0 [PDF - 178 KB] Web Services Registry Production Specification v2.0 [PDF - 378 KB] http://healthit.hhs.gov/portal/server.pt/community/healthit_hhs_gov__nhin_exchange/1407
Meaningful Use 15 医療データ電子提供化インセンティブ The American Recovery and Reinvestment Act of 2009 (ARRA) authorizes the Centers for Medicare & Medicaid Services (CMS) to provide reimbursement incentives for eligible professionals and hospitals who are successful in becoming “meaningful users” of certified electronic health record (EHR) technology. Beginning in January 2010, meaningful use will play a prominent role in NHIN development.
Patient IDSystem (PIDS) 16 ®
PIDSの目的 17 PIDS全体の目的 Patient ID Service (PIDS) プロジェクトは、患者が自分の健康情報にアクセスしたり処理したりすることができるようにするための、Web上の認証サービスを作ります。 PIDSプロジェクトで作られたコードは、Apacheライセンスで提供され、各ベンダーが互換性の高い実装を提供するにあたっての、有用な素材を提供します。 PIDSプロジェクトのフェーズ1では、要件定義を行い、一つないし二つのアーキテクチャ案を提示し、フェーズ2におけるモデル実装、テスト、および認定サービスの開発の用に資するものとします。 OpenIDファウンデーション・ジャパンにとっての目的 PIDSのコンテキストの中でのOpenIDの有用性の立証 上記を用いた、OpenIDプロモーションマテリアルの獲得 Ph.2 での会員企業の参加&ノウハウ獲得機会の提供
18 プロジェクト体制 Joint Steering Committee Kantara Inititative (Board Member, LC Member), eCitizen Foundation (Board Member) Project Sponsor US$20,000(Ph.1) Matthew Gardiner, President, KI (Executive Adviser) Requirements Ray Campbell, Executive Director, Mass. Health Data Consortium, eCitizens Foundation (実施責任者) Dan Combs Dazza Greenwood Daniel Bennet (出所)eCitizen_Kantara_healthidpilot v.5 を元に NRI
19 プロジェクトメンバー経歴 Ray Campbell Executive Director, Massachusetts Health Data Consortium Dan Combs CEO, eCitizen Foundation Chair, EC3 Real ID Workgroup & Program Director, MIT Real ID Forum Director, Digital Government, State of Iowa (200-2003) Dazza Greenwood Co-Founder & ED, eCitizen Foundation 弁護士、MIT Medialab 講師(1997-2007)、LegalXML E-Contract 委員会委員長(OASIS) 他 Daniel Bennet CTO, eCitizen Foundation W3C’s eGov Interest Group Invited Expert 米国 Paperwork Elimination Act 、電子署名法 共同起草者
Patient ID System Vision Video 20
21 Kantara – Patient NHIN Login Project 試験結果、課題リスト、処方薬リスト、薬剤アレルギーリスト、 予防接種、退院要約、退院後指導書 ICAM compatible/ certified Service?? Personal Health Records (un-tethered) Patient DI Federated SSO + Directory LoA2 Issues: PHRs must be trusted by NHIN (policy, legal framework) PHRs should/must support SAML? OpenID? PHRs could be run by various groups Information could exist on cell phones Patient e.g. Microsoft, Google Patient NHIN Service Gateway Patient Preferences / Authorization Service TLS NHIN Gateway Internet TLS TLS Doctor / Providers Doctor / Providers NHIN Gateway TLS NHIN Gateway TLS LoA3 LoA3 Federated SSO + Directory Federated SSO + Directory Minnesota Health Information Exchange Massachusetts Health Information Exchange VERY DRAFT – FOR DISCUSSION ONLY – 2-22-2010 (出所)Kantara Healthcare IAWG 2010-02-22資料を元にNRI
ゴール 22 PIDSプロジェクトは以下のゴールを目指しています。 Kantara Initiative の Identity Assurance Framework の適用可能性を実証する。 NSTICの目標の実現可能性を実証する。 多様なクレデンシャルを用いてユーザーが利用出来るサービスを構築し、それが「ONC Meaningful Use基準」に合致させることが可能であることを示す。 Health Information Exchange 、Helth Benefit Exchange 他のシステムの構築に資する認証システムのモデル実装を構築する。 公共・民間双方の各種ステークホルダーを引きこみ、PIDSに必要なインプットを得る。 必要とされていながら現在存在していない「ギャップ」を発見する。
23 Goal: Health care simplified authentication 【ご参考】 Health Information Exchange - HIE Health Information Systems – Clinics, Hospitals, etc Interoperability for ,[object Object]
Clinical Document Exchange
Privacy and SecurityHIE Gateway EMR Hospitals HIE Gateway Payors EMR RLS HIE Gateway HIE Gateway PHR HIE Member Users Simplified Sign Ons: to Clinics, Google Health, MS HealthVault, etc, or via iPhone or similar smartphone apps Patient Logins Simplified Sign Ons Clinics Healthcare Workers Patients (出所)Kantara Initiative Healthcare IAWG 2009-10-22資料
進捗状況と今後の予定 24 NISTとOIXで共同開催。eCitizenがStakeholderに関してプレゼン NISTとeCitizen Fで共同開催 ▲OIX総会 ▲NSTIC Governance ▲EIDカンファレンス ▲NSTIC Privacy ▲Kantara総会 ▲PIDSカンファレンス 対象を拡大 ▲ ※NSTIC正式発表に伴い、要件取り込みおよびスケジュールの調整を実施
機能要件~患者の視点 25 患者がPIDS Account作成 PIDS OpenID Identifierの発行>患者 外部のPIDS accountへの結びつけ SAFE PIV Mobile phone Smart phone 患者はRPにPIDSクレデンシャルを用いてログイン RPはより高い認証レベルを要求可能 患者はPIDS accountへのアクセス許可を設定 通常時参照許可 緊急時参照許可(特に医療関係者用) 患者はPIDSシステムから様々なレポートを生成 (activity logs, linked accounts)
HIT Policy Committee Privacy and Security Tiger Team (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
Architectural Super Structure 27 (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
Simplified Patient Log-On 28 (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
Simplified Patient Log-On 29 (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
Simplified Patient-Controlled Sharing 30 (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
Complex, Robust Back-End Rules & Policy-Based Auditable Access Control 31 (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
Open Architecture Enables Markets (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
2 – Authenticate Open ID Server 3 - Retrieve 1 – Login Additional Info Credentials display PHR login Patient X Indivo (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
Actors and Elements of PIDS The actors and elements of the PIDS component include: Patient PHR Service PIDS services Registration Authority Identity Proofing Enrollment Issuance (or adoption) of Identifier Issuance (or adoption) of Identity Credential Authentication registration, discovery and implementation service Authorization and attribute registration, discovery and implementation service (e.g. PDP with XACML) Relying Parties outside of NHIN Relying Party Registries Health care standard APIs or translation services Health care providers within NHIN Personal health and wellness devices Smart Phone health and wellness apps Other services on the web 34
Interfaces, Connectors & Adapters 35 NwHINGateway Direct Project Indivo/Dossia Personal Health Platform*1 Microsoft Health Vault Health & Wellness Apps on Android and iPhone Devices Personal Medical Devices and Appliances Back-End EMR, EHR and MPI Systems *1 インテル、ウォルマートなどの共同PHR。オープンソースPHRのIndivoを採用
Modular "Component" Approach 36 PIDS Component Contains Services and Data Stores  Legal and Policy Interoperability and Modularity  Interfaces Points With External Systems/Services  Features of ID Service Component Approach:  Capacity to Upgrade Components and Not Interfaces  Capacity to Replace Component and Not Interfaces  Capacity to Maintain Component and Replace Interfaces
General Security Requirements 37 A holistic approach to information security – Address Inspector General’s report on “Audit of Information Technology Security Included in Health Information Technology Standards” ( A-18-09-30160) HIPAA Security Rule - Examples of the weakness identified at the eight hospitals: unprotected wireless networks, lack of vendor support for OSs, inadequate system patching, outdated or missing antivirus software, lack of encryption of data on portable devices and media, lack of system event logging or review, shared user accounts,   excessive user access and administrative rights. encrypting data stored on mobile devices, such as compact disks (CD) and thumb drives; requiring two-factor authentication when remotely accessing an HIT system; patching the operating systems (OS) of computer systems that process and store EHR. Inspector General “HIPAA does not provides adequate general IT security”
List of Technical Components A simple account system with identity information from each account holding patient information, including first, last name, phone, address, etc. A URI/URL for each Patient Account A SAML 2.0 service that can send each Relying Party (Shibboleth) PIDS URI/URL or OID and either the Patient URI/URL or another OID to that Relying Party PIDS Credentials An OpenID service An Advanced Credential issuance or adoption service (enabling a patient to use, bind and/or link different identity credentials to their PIDS account) Advanced credential 1 is an X.509v3 digital certificate (optional) Advanced credential 2a is a Registered Mobile Phone for voice and/or text and/or keypad-based verification (optional) Advanced credential 2b is a Registered Smart Phone for 2a functions plus... (optional) Advanced credential 3 is an RSA Data Security Key Fob (optional) Advanced credential 4 is a PIV, PIV-I or other variations of these Cards (optional) (option) An Authentication as a Service account linkage, enabling the account credentials to be linked to KBA, crypto-based and other methods (option) An Authorization as a Service account linkage, enabling the account credential to be linked to UACS/RBAC and XACML types of services (option) An eSignature Service, enabling the use of credential to assent to or otherwise approve a document, signify consent or perform other related transactions Credential Suspension/De-linking/De-binding and Termination Service (option) Time Stamp Service and other real-time audit-friendly tools (e.g. GIS, HTTP logs, etc) Audit and Logging Service OpenID Connect and Oauth Services 38
Legal Architecture Roles and Relatioship Tbd Legal Design Spec. Federation PoV Patient PoV RP PoV IdPPoV AS PoV Multilateral Contract Operating Rules and Trust Framework Governance Dispute Resolution Recourse Records Retention and Audit Privacy and FIPPs Participation Agreements Patients Relying Party Provider Apps/Service 39
Legal Ecosystem 40 Statutes & Regulations Government Policies and Procedures Accreditation, Certification, Licensing Contracts and ToS Interest Groups and Oversight Organizations Advocacy and Internal Controls, Ombuds & Dispute Resolution
Next Steps 41 Ph.1 報告書の完成 Ph.1.5 – Ph.2 参加者の確定 LOI – Scopeの明確な定義 Ph.2 パイロットシステム Agile Development Funding Ideas MIT Media Lab と New Media Medicing group と共同で科研費を取得 NSTICパイロット予算の獲得 産業界からの参加者
42 &

Recomendados

Gynocular
GynocularGynocular
GynocularDr Raja P Pappu
 
UMA as Authorization mechanism for IoT: a healthcare scenario
UMA as Authorization mechanism for IoT: a healthcare scenarioUMA as Authorization mechanism for IoT: a healthcare scenario
UMA as Authorization mechanism for IoT: a healthcare scenarioDomenico Catalano
 
DSA/M3 Serviceofferings
DSA/M3 ServiceofferingsDSA/M3 Serviceofferings
DSA/M3 Serviceofferingsmarymaz
 
Authenticated Document/Data Exchange
Authenticated Document/Data ExchangeAuthenticated Document/Data Exchange
Authenticated Document/Data ExchangeNathaniel Palmer
 
User-Access Manager: Key to Life Management Platform
User-Access Manager: Key to Life Management PlatformUser-Access Manager: Key to Life Management Platform
User-Access Manager: Key to Life Management PlatformDomenico Catalano
 
HITCON_IM
HITCON_IMHITCON_IM
HITCON_IMRaj Shah
 
Smart card kantara pids presentation grey
Smart card kantara pids presentation greySmart card kantara pids presentation grey
Smart card kantara pids presentation greyDan Combs
 
Protecting Personal Data in a IoT Network with UMA
Protecting Personal Data in a IoT Network with UMA Protecting Personal Data in a IoT Network with UMA
Protecting Personal Data in a IoT Network with UMAkantarainitiative
 

Recomendados

Gynocular
GynocularGynocular
GynocularDr Raja P Pappu
 
UMA as Authorization mechanism for IoT: a healthcare scenario
UMA as Authorization mechanism for IoT: a healthcare scenarioUMA as Authorization mechanism for IoT: a healthcare scenario
UMA as Authorization mechanism for IoT: a healthcare scenarioDomenico Catalano
 
DSA/M3 Serviceofferings
DSA/M3 ServiceofferingsDSA/M3 Serviceofferings
DSA/M3 Serviceofferingsmarymaz
 
Authenticated Document/Data Exchange
Authenticated Document/Data ExchangeAuthenticated Document/Data Exchange
Authenticated Document/Data ExchangeNathaniel Palmer
 
User-Access Manager: Key to Life Management Platform
User-Access Manager: Key to Life Management PlatformUser-Access Manager: Key to Life Management Platform
User-Access Manager: Key to Life Management PlatformDomenico Catalano
 
HITCON_IM
HITCON_IMHITCON_IM
HITCON_IMRaj Shah
 
Smart card kantara pids presentation grey
Smart card kantara pids presentation greySmart card kantara pids presentation grey
Smart card kantara pids presentation greyDan Combs
 
Protecting Personal Data in a IoT Network with UMA
Protecting Personal Data in a IoT Network with UMA Protecting Personal Data in a IoT Network with UMA
Protecting Personal Data in a IoT Network with UMAkantarainitiative
 
SAML VS OAuth 2.0 VS OpenID Connect
SAML VS OAuth 2.0 VS OpenID ConnectSAML VS OAuth 2.0 VS OpenID Connect
SAML VS OAuth 2.0 VS OpenID ConnectUbisecure
 
Entrust Solutions Portfolio
Entrust Solutions PortfolioEntrust Solutions Portfolio
Entrust Solutions PortfolioEntrust Datacard
 
Protecting Personal Data in a IoT Network with UMA
Protecting Personal Data in a IoT Network with UMAProtecting Personal Data in a IoT Network with UMA
Protecting Personal Data in a IoT Network with UMADomenico Catalano
 
IDoT: Challenges from the IDentities of Things Landscape
IDoT: Challenges from the IDentities of Things LandscapeIDoT: Challenges from the IDentities of Things Landscape
IDoT: Challenges from the IDentities of Things Landscapekantarainitiative
 
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2dP2PSystem
 
Multi-Factor Authentication & Authorisation
Multi-Factor Authentication & AuthorisationMulti-Factor Authentication & Authorisation
Multi-Factor Authentication & AuthorisationUbisecure
 
Trabajo de economia
Trabajo de economiaTrabajo de economia
Trabajo de economiaPablo Sforza Rodríguez
 
Salta La Linda
Salta La LindaSalta La Linda
Salta La Lindaguest51210b
 
Traballo De EconomíA
Traballo De EconomíATraballo De EconomíA
Traballo De EconomíAPablo Sforza Rodríguez
 
国民ID制度とトラスト・フレームワーク
国民ID制度とトラスト・フレームワーク国民ID制度とトラスト・フレームワーク
国民ID制度とトラスト・フレームワークNat Sakimura
 
Investigacion De Mercado
Investigacion De MercadoInvestigacion De Mercado
Investigacion De Mercadomarizion
 
Vesko
VeskoVesko
Veskoguestae086d9
 
Salta La Linda
Salta La LindaSalta La Linda
Salta La Lindaguest51210b
 
Smartphone Native Application OP
Smartphone Native Application OPSmartphone Native Application OP
Smartphone Native Application OPNat Sakimura
 
final cut
final cutfinal cut
final cutmeagan hollingsworth
 
Sharing the Success of OpenID Japan Success
Sharing the Success of OpenID Japan SuccessSharing the Success of OpenID Japan Success
Sharing the Success of OpenID Japan SuccessNat Sakimura
 
Introduction to OpenID TX proposed extension
Introduction to OpenID TX proposed extensionIntroduction to OpenID TX proposed extension
Introduction to OpenID TX proposed extensionNat Sakimura
 
Open idとcyber空間
Open idとcyber空間Open idとcyber空間
Open idとcyber空間Nat Sakimura
 
OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91Nat Sakimura
 
Open id specifications_work_update-tokyo_2011
Open id specifications_work_update-tokyo_2011Open id specifications_work_update-tokyo_2011
Open id specifications_work_update-tokyo_2011Nat Sakimura
 
Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nat Sakimura
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGNat Sakimura
 

Más contenido relacionado

La actualidad más candente

SAML VS OAuth 2.0 VS OpenID Connect
SAML VS OAuth 2.0 VS OpenID ConnectSAML VS OAuth 2.0 VS OpenID Connect
SAML VS OAuth 2.0 VS OpenID ConnectUbisecure
 
Entrust Solutions Portfolio
Entrust Solutions PortfolioEntrust Solutions Portfolio
Entrust Solutions PortfolioEntrust Datacard
 
Protecting Personal Data in a IoT Network with UMA
Protecting Personal Data in a IoT Network with UMAProtecting Personal Data in a IoT Network with UMA
Protecting Personal Data in a IoT Network with UMADomenico Catalano
 
IDoT: Challenges from the IDentities of Things Landscape
IDoT: Challenges from the IDentities of Things LandscapeIDoT: Challenges from the IDentities of Things Landscape
IDoT: Challenges from the IDentities of Things Landscapekantarainitiative
 
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2dP2PSystem
 
Multi-Factor Authentication & Authorisation
Multi-Factor Authentication & AuthorisationMulti-Factor Authentication & Authorisation
Multi-Factor Authentication & AuthorisationUbisecure
 

La actualidad más candente (6)

SAML VS OAuth 2.0 VS OpenID Connect
SAML VS OAuth 2.0 VS OpenID ConnectSAML VS OAuth 2.0 VS OpenID Connect
SAML VS OAuth 2.0 VS OpenID Connect
 
Entrust Solutions Portfolio
Entrust Solutions PortfolioEntrust Solutions Portfolio
Entrust Solutions Portfolio
 
Protecting Personal Data in a IoT Network with UMA
Protecting Personal Data in a IoT Network with UMAProtecting Personal Data in a IoT Network with UMA
Protecting Personal Data in a IoT Network with UMA
 
IDoT: Challenges from the IDentities of Things Landscape
IDoT: Challenges from the IDentities of Things LandscapeIDoT: Challenges from the IDentities of Things Landscape
IDoT: Challenges from the IDentities of Things Landscape
 
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
 
Multi-Factor Authentication & Authorisation
Multi-Factor Authentication & AuthorisationMulti-Factor Authentication & Authorisation
Multi-Factor Authentication & Authorisation
 

Destacado

国民ID制度とトラスト・フレームワーク
国民ID制度とトラスト・フレームワーク国民ID制度とトラスト・フレームワーク
国民ID制度とトラスト・フレームワークNat Sakimura
 
Investigacion De Mercado
Investigacion De MercadoInvestigacion De Mercado
Investigacion De Mercadomarizion
 
Smartphone Native Application OP
Smartphone Native Application OPSmartphone Native Application OP
Smartphone Native Application OPNat Sakimura
 
Sharing the Success of OpenID Japan Success
Sharing the Success of OpenID Japan SuccessSharing the Success of OpenID Japan Success
Sharing the Success of OpenID Japan SuccessNat Sakimura
 
Introduction to OpenID TX proposed extension
Introduction to OpenID TX proposed extensionIntroduction to OpenID TX proposed extension
Introduction to OpenID TX proposed extensionNat Sakimura
 
Open idとcyber空間
Open idとcyber空間Open idとcyber空間
Open idとcyber空間Nat Sakimura
 
OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91Nat Sakimura
 
Open id specifications_work_update-tokyo_2011
Open id specifications_work_update-tokyo_2011Open id specifications_work_update-tokyo_2011
Open id specifications_work_update-tokyo_2011Nat Sakimura
 
Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nat Sakimura
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGNat Sakimura
 
Oidc how it solves your problems
Oidc how it solves your problemsOidc how it solves your problems
Oidc how it solves your problemsNat Sakimura
 
Financial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectFinancial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectNat Sakimura
 

Destacado (18)

Trabajo de economia
Trabajo de economiaTrabajo de economia
Trabajo de economia
 
Salta La Linda
Salta La LindaSalta La Linda
Salta La Linda
 
Traballo De EconomíA
Traballo De EconomíATraballo De EconomíA
Traballo De EconomíA
 
国民ID制度とトラスト・フレームワーク
国民ID制度とトラスト・フレームワーク国民ID制度とトラスト・フレームワーク
国民ID制度とトラスト・フレームワーク
 
Investigacion De Mercado
Investigacion De MercadoInvestigacion De Mercado
Investigacion De Mercado
 
Vesko
VeskoVesko
Vesko
 
Salta La Linda
Salta La LindaSalta La Linda
Salta La Linda
 
Smartphone Native Application OP
Smartphone Native Application OPSmartphone Native Application OP
Smartphone Native Application OP
 
final cut
final cutfinal cut
final cut
 
Sharing the Success of OpenID Japan Success
Sharing the Success of OpenID Japan SuccessSharing the Success of OpenID Japan Success
Sharing the Success of OpenID Japan Success
 
Introduction to OpenID TX proposed extension
Introduction to OpenID TX proposed extensionIntroduction to OpenID TX proposed extension
Introduction to OpenID TX proposed extension
 
Open idとcyber空間
Open idとcyber空間Open idとcyber空間
Open idとcyber空間
 
OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91
 
Open id specifications_work_update-tokyo_2011
Open id specifications_work_update-tokyo_2011Open id specifications_work_update-tokyo_2011
Open id specifications_work_update-tokyo_2011
 
Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
 
Oidc how it solves your problems
Oidc how it solves your problemsOidc how it solves your problems
Oidc how it solves your problems
 
Financial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectFinancial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID Connect
 

Similar a 20110706 PIDSプロジェクト中間報告

Health Information Flows Technical Standards - V 0.5
Health Information Flows Technical Standards - V 0.5Health Information Flows Technical Standards - V 0.5
Health Information Flows Technical Standards - V 0.5ProductNation/iSPIRT
 
Health Identity Management & Role-Based Access Control in a Federated NHIN - ...
Health Identity Management & Role-Based Access Control in a Federated NHIN - ...Health Identity Management & Role-Based Access Control in a Federated NHIN - ...
Health Identity Management & Role-Based Access Control in a Federated NHIN - ...Richard Moore
 
Healthcare Identity Management and Role-Based Access in a Federated NHIN - Th...
Healthcare Identity Management and Role-Based Access in a Federated NHIN - Th...Healthcare Identity Management and Role-Based Access in a Federated NHIN - Th...
Healthcare Identity Management and Role-Based Access in a Federated NHIN - Th...Richard Moore
 
HIMSS GSA e-Authentication whitepaper June 2007
HIMSS GSA e-Authentication whitepaper June 2007HIMSS GSA e-Authentication whitepaper June 2007
HIMSS GSA e-Authentication whitepaper June 2007Richard Moore
 
How to Manage API Services From Azure Healthcare APIs
How to Manage API Services From Azure Healthcare APIsHow to Manage API Services From Azure Healthcare APIs
How to Manage API Services From Azure Healthcare APIsJohn Metthew
 
Healthcare in the Clouds
Healthcare in the CloudsHealthcare in the Clouds
Healthcare in the CloudsGail Wilcox
 
Privacy on FHIR Demo at HIMSS!5
Privacy on FHIR Demo at HIMSS!5Privacy on FHIR Demo at HIMSS!5
Privacy on FHIR Demo at HIMSS!5agropper
 
Digital transformation of health insurance
Digital transformation of health insurance Digital transformation of health insurance
Digital transformation of health insurance vikasr2508
 
CONNECT: An Open Source Platform for Promoting Military Health
CONNECT: An Open Source Platform for Promoting Military HealthCONNECT: An Open Source Platform for Promoting Military Health
CONNECT: An Open Source Platform for Promoting Military HealthJoshua L. Davis
 
iUZ.Talk - Cross-border Interoperability
iUZ.Talk - Cross-border InteroperabilityiUZ.Talk - Cross-border Interoperability
iUZ.Talk - Cross-border InteroperabilityiUZ_Technologies
 
wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...
wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...
wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...Profesia Srl, Lynx Group
 
ONC2019 #interopforum Blue Button 2.0 lessons-learned
ONC2019 #interopforum Blue Button 2.0 lessons-learnedONC2019 #interopforum Blue Button 2.0 lessons-learned
ONC2019 #interopforum Blue Button 2.0 lessons-learnedMark Scrimshire
 
Personal Health Record over Encrypted Data Using Cloud Service
Personal Health Record over Encrypted Data Using Cloud ServicePersonal Health Record over Encrypted Data Using Cloud Service
Personal Health Record over Encrypted Data Using Cloud ServiceYogeshIJTSRD
 
Tanya National Health Policies NDHM PResentation
Tanya National Health Policies NDHM PResentationTanya National Health Policies NDHM PResentation
Tanya National Health Policies NDHM PResentationTanyaGarg99
 
healthcare-web-development-trends-how-to-stay-updated-with-latest-ones.pdf
healthcare-web-development-trends-how-to-stay-updated-with-latest-ones.pdfhealthcare-web-development-trends-how-to-stay-updated-with-latest-ones.pdf
healthcare-web-development-trends-how-to-stay-updated-with-latest-ones.pdfPixelQA
 
Ndhm presentation-for-stakeholder-consultation-hospitals-diagnostic-centres-i...
Ndhm presentation-for-stakeholder-consultation-hospitals-diagnostic-centres-i...Ndhm presentation-for-stakeholder-consultation-hospitals-diagnostic-centres-i...
Ndhm presentation-for-stakeholder-consultation-hospitals-diagnostic-centres-i...Manish Nachnani
 
N ye c-rfp-two-factor-authentication
N ye c-rfp-two-factor-authenticationN ye c-rfp-two-factor-authentication
N ye c-rfp-two-factor-authenticationHai Nguyen
 

Similar a 20110706 PIDSプロジェクト中間報告 (20)

Health Information Flows Technical Standards - V 0.5
Health Information Flows Technical Standards - V 0.5Health Information Flows Technical Standards - V 0.5
Health Information Flows Technical Standards - V 0.5
 
Health Identity Management & Role-Based Access Control in a Federated NHIN - ...
Health Identity Management & Role-Based Access Control in a Federated NHIN - ...Health Identity Management & Role-Based Access Control in a Federated NHIN - ...
Health Identity Management & Role-Based Access Control in a Federated NHIN - ...
 
Healthcare Identity Management and Role-Based Access in a Federated NHIN - Th...
Healthcare Identity Management and Role-Based Access in a Federated NHIN - Th...Healthcare Identity Management and Role-Based Access in a Federated NHIN - Th...
Healthcare Identity Management and Role-Based Access in a Federated NHIN - Th...
 
HIMSS GSA e-Authentication whitepaper June 2007
HIMSS GSA e-Authentication whitepaper June 2007HIMSS GSA e-Authentication whitepaper June 2007
HIMSS GSA e-Authentication whitepaper June 2007
 
How to Manage API Services From Azure Healthcare APIs
How to Manage API Services From Azure Healthcare APIsHow to Manage API Services From Azure Healthcare APIs
How to Manage API Services From Azure Healthcare APIs
 
Healthcare in the Clouds
Healthcare in the CloudsHealthcare in the Clouds
Healthcare in the Clouds
 
Privacy on FHIR Demo at HIMSS!5
Privacy on FHIR Demo at HIMSS!5Privacy on FHIR Demo at HIMSS!5
Privacy on FHIR Demo at HIMSS!5
 
Electronic Health Record Standardisation in India
Electronic Health Record Standardisation in IndiaElectronic Health Record Standardisation in India
Electronic Health Record Standardisation in India
 
Digital transformation of health insurance
Digital transformation of health insurance Digital transformation of health insurance
Digital transformation of health insurance
 
CONNECT: An Open Source Platform for Promoting Military Health
CONNECT: An Open Source Platform for Promoting Military HealthCONNECT: An Open Source Platform for Promoting Military Health
CONNECT: An Open Source Platform for Promoting Military Health
 
iUZ.Talk - Cross-border Interoperability
iUZ.Talk - Cross-border InteroperabilityiUZ.Talk - Cross-border Interoperability
iUZ.Talk - Cross-border Interoperability
 
wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...
wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...
wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...
 
Startup bootcamp 2
Startup bootcamp 2Startup bootcamp 2
Startup bootcamp 2
 
ONC2019 #interopforum Blue Button 2.0 lessons-learned
ONC2019 #interopforum Blue Button 2.0 lessons-learnedONC2019 #interopforum Blue Button 2.0 lessons-learned
ONC2019 #interopforum Blue Button 2.0 lessons-learned
 
Personal Health Record over Encrypted Data Using Cloud Service
Personal Health Record over Encrypted Data Using Cloud ServicePersonal Health Record over Encrypted Data Using Cloud Service
Personal Health Record over Encrypted Data Using Cloud Service
 
Tanya National Health Policies NDHM PResentation
Tanya National Health Policies NDHM PResentationTanya National Health Policies NDHM PResentation
Tanya National Health Policies NDHM PResentation
 
healthcare-web-development-trends-how-to-stay-updated-with-latest-ones.pdf
healthcare-web-development-trends-how-to-stay-updated-with-latest-ones.pdfhealthcare-web-development-trends-how-to-stay-updated-with-latest-ones.pdf
healthcare-web-development-trends-how-to-stay-updated-with-latest-ones.pdf
 
Ndhm presentation-for-stakeholder-consultation-hospitals-diagnostic-centres-i...
Ndhm presentation-for-stakeholder-consultation-hospitals-diagnostic-centres-i...Ndhm presentation-for-stakeholder-consultation-hospitals-diagnostic-centres-i...
Ndhm presentation-for-stakeholder-consultation-hospitals-diagnostic-centres-i...
 
Master Class on EMR/EHR Standards by Baljit Singh Bedi,
Master Class on EMR/EHR Standards by Baljit Singh Bedi,Master Class on EMR/EHR Standards by Baljit Singh Bedi,
Master Class on EMR/EHR Standards by Baljit Singh Bedi,
 
N ye c-rfp-two-factor-authentication
N ye c-rfp-two-factor-authenticationN ye c-rfp-two-factor-authentication
N ye c-rfp-two-factor-authentication
 

Más de Nat Sakimura

FAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのためにFAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのためにNat Sakimura
 
OpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the FutureOpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the FutureNat Sakimura
 
170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English TranslationNat Sakimura
 
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 UpdatesIntroduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 UpdatesNat Sakimura
 
Introduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileIntroduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileNat Sakimura
 
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WGNat Sakimura
 
ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革Nat Sakimura
 
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...Nat Sakimura
 
OpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateOpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateNat Sakimura
 
API Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WGAPI Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WGNat Sakimura
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGNat Sakimura
 
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴールNat Sakimura
 
Transient client secret extension
Transient client secret extensionTransient client secret extension
Transient client secret extensionNat Sakimura
 
Introduction to OpenID Connect
Introduction to OpenID Connect Introduction to OpenID Connect
Introduction to OpenID Connect Nat Sakimura
 
サイバー空間上の信頼フレームワークとパーソナルデータ経済
サイバー空間上の信頼フレームワークとパーソナルデータ経済サイバー空間上の信頼フレームワークとパーソナルデータ経済
サイバー空間上の信頼フレームワークとパーソナルデータ経済Nat Sakimura
 

Más de Nat Sakimura (16)

FAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのためにFAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのために
 
OpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the FutureOpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the Future
 
170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation
 
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 UpdatesIntroduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
 
Introduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileIntroduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth Profile
 
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
 
ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革
 
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
 
OpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateOpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 Update
 
API Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WGAPI Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WG
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
 
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
 
Transient client secret extension
Transient client secret extensionTransient client secret extension
Transient client secret extension
 
Introduction to OpenID Connect
Introduction to OpenID Connect Introduction to OpenID Connect
Introduction to OpenID Connect
 
サイバー空間上の信頼フレームワークとパーソナルデータ経済
サイバー空間上の信頼フレームワークとパーソナルデータ経済サイバー空間上の信頼フレームワークとパーソナルデータ経済
サイバー空間上の信頼フレームワークとパーソナルデータ経済
 
Closing Note
Closing NoteClosing Note
Closing Note
 

Último

Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 

Último (20)

Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 

20110706 PIDSプロジェクト中間報告

  • 3. NHINとは 3 2004 に開始された、米国全土にまたがる健康情報交換インフラプロジェクト Health Information Exchange (HIE) 及び他の期間との間での健康情報の発見と取得を可能にする 患者情報のサマリーを提供して、患者ケアや患者の健康増進に役立てる 情報交換は安全に行う すべての参加者が同意し遵守する、信頼の基となる契約書を作成する 国民背番号無くして患者とデータをひもづけることを可能にする ステークホルダーが任意で同意する標準のハーモニゼーションをサポートする
  • 4. 主なユースケース 4 Emergency Responder-Electronic Health Record Electronic Health Record – Lab Results Medication Management Consumer Empowerment-Consumer Access to Clinical Information Consumer Empowerment- Registration and Medication History Quality Biosurveillance
  • 5. 5 Data Use and Reciprocal Support Agreement (出所) (NHIN) Architecture Overview v.1.0 1/29/2010
  • 6. Architecture Principles 分散 自立・自治 ローカル・アカウンタビリティ 標準準拠 SOA Webサービスの利用 仕様ドリブン 認可フレームワーク メッセージング・プラットフォーム 患者ディスカバリ ドキュメント発見 ドキュメント取得 Health Information Event Messaging (HIEM) Document Submission Access Consent Policies Geocoded Interoperable Population Summary Exchange (GIPSE) Profile CARE (Continuity Assessment Record and Evaluation) Profile PKIをセキュリティのベースとして利用 6 (出所) (NHIN) Architecture Overview v.1.0 1/29/2010 を基にOIDF-J
  • 7. Architecture Requirements 7 参加者間での健康データの交換 背番号なしで患者をかれらの情報にマッピング データ交換に関して、患者の希望を尊重できること 安全なデータ交換 標準準拠 多くの機関や技術、アプローチ方法をサポート 参加者全員がサインできる Trust Agreement (出所) (NHIN) Architecture Overview v.1.0 1/29/2010 を基にOIDF-J
  • 8. NHIN Network Zones 8 HIO: Health Information Org (出所) (NHIN) Architecture Overview v.1.0 1/29/2010
  • 9. NHIN Architecture Layers 9 HIO zone NHIN zone Infrastructure zone (出所) (NHIN) Architecture Overview v.1.0 1/29/2010 を基にOIDF-J
  • 10. NHIN Operational Infrastructure Components 10 (出所)Puscas, “NHIN Operational Infrastructure Architecture Document”, 2009 をもとにOIDF-J
  • 11. NHIN Messaging, Security & Privacy Foundation 11 Messaging Platform Spec. WS-I Basic v.2.0 WS-I Security v.1.1 Authorization Framework 個人の認証はSAML2.0ベースで。 Requester, Date and Time 属性 Authorized Decision Statement Authorization Framework
  • 12. NHIN Discovery and Information Services 12 NHIN Discovery and Information Services UDDIでEnd Pointを検索 患者の発見(Patient Discovery) 2つのNodeが、患者の名寄せを行うためのシステム UDDI 一意に特定出来なかった場合には、属性を追加して再問合せ 1. End Point候補ください 2. 候補一覧 node1 3.氏名・生年月日・他 MPI node2 4.Patient ID, 属性 Master Person Index
  • 13. NHIN Discovery and Information Services 13 ドキュメントIDとドキュメントの取得 Health Information Event Messaging (Pub/Sub) Document Submission (Push) Node 1 1. Patient ID Node 2 2. Doc ID 3. Doc ID HIO 5. Document 4. Authz
  • 14. NHIN Specs 14 Access Consent Policies Production Specification - v1.0 [PDF - 176 KB] Administrative Distribution Production Specification - v2.0 [PDF - 157 KB] Authorization Framework Production Specification v2.0 [PDF - 256 KB] Document Submission Production Specification v2.0 [PDF -200 KB] Health Information Event Messaging Production Specification v2.0 [PDF - 152 KB] Messaging Platform Production Specification v2.0 [PDF - 248 KB] Patient Discovery Production Specification v1.0 [PDF - 214 KB] Query for Documents Production Specification v2.0 [PDF - 212 KB] Retrieve Documents Production Specification v2.0 [PDF - 178 KB] Web Services Registry Production Specification v2.0 [PDF - 378 KB] http://healthit.hhs.gov/portal/server.pt/community/healthit_hhs_gov__nhin_exchange/1407
  • 15. Meaningful Use 15 医療データ電子提供化インセンティブ The American Recovery and Reinvestment Act of 2009 (ARRA) authorizes the Centers for Medicare & Medicaid Services (CMS) to provide reimbursement incentives for eligible professionals and hospitals who are successful in becoming “meaningful users” of certified electronic health record (EHR) technology. Beginning in January 2010, meaningful use will play a prominent role in NHIN development.
  • 17. PIDSの目的 17 PIDS全体の目的 Patient ID Service (PIDS) プロジェクトは、患者が自分の健康情報にアクセスしたり処理したりすることができるようにするための、Web上の認証サービスを作ります。 PIDSプロジェクトで作られたコードは、Apacheライセンスで提供され、各ベンダーが互換性の高い実装を提供するにあたっての、有用な素材を提供します。 PIDSプロジェクトのフェーズ1では、要件定義を行い、一つないし二つのアーキテクチャ案を提示し、フェーズ2におけるモデル実装、テスト、および認定サービスの開発の用に資するものとします。 OpenIDファウンデーション・ジャパンにとっての目的 PIDSのコンテキストの中でのOpenIDの有用性の立証 上記を用いた、OpenIDプロモーションマテリアルの獲得 Ph.2 での会員企業の参加&ノウハウ獲得機会の提供
  • 18. 18 プロジェクト体制 Joint Steering Committee Kantara Inititative (Board Member, LC Member), eCitizen Foundation (Board Member) Project Sponsor US$20,000(Ph.1) Matthew Gardiner, President, KI (Executive Adviser) Requirements Ray Campbell, Executive Director, Mass. Health Data Consortium, eCitizens Foundation (実施責任者) Dan Combs Dazza Greenwood Daniel Bennet (出所)eCitizen_Kantara_healthidpilot v.5 を元に NRI
  • 19. 19 プロジェクトメンバー経歴 Ray Campbell Executive Director, Massachusetts Health Data Consortium Dan Combs CEO, eCitizen Foundation Chair, EC3 Real ID Workgroup & Program Director, MIT Real ID Forum Director, Digital Government, State of Iowa (200-2003) Dazza Greenwood Co-Founder & ED, eCitizen Foundation 弁護士、MIT Medialab 講師(1997-2007)、LegalXML E-Contract 委員会委員長(OASIS) 他 Daniel Bennet CTO, eCitizen Foundation W3C’s eGov Interest Group Invited Expert 米国 Paperwork Elimination Act 、電子署名法 共同起草者
  • 20. Patient ID System Vision Video 20
  • 21. 21 Kantara – Patient NHIN Login Project 試験結果、課題リスト、処方薬リスト、薬剤アレルギーリスト、 予防接種、退院要約、退院後指導書 ICAM compatible/ certified Service?? Personal Health Records (un-tethered) Patient DI Federated SSO + Directory LoA2 Issues: PHRs must be trusted by NHIN (policy, legal framework) PHRs should/must support SAML? OpenID? PHRs could be run by various groups Information could exist on cell phones Patient e.g. Microsoft, Google Patient NHIN Service Gateway Patient Preferences / Authorization Service TLS NHIN Gateway Internet TLS TLS Doctor / Providers Doctor / Providers NHIN Gateway TLS NHIN Gateway TLS LoA3 LoA3 Federated SSO + Directory Federated SSO + Directory Minnesota Health Information Exchange Massachusetts Health Information Exchange VERY DRAFT – FOR DISCUSSION ONLY – 2-22-2010 (出所)Kantara Healthcare IAWG 2010-02-22資料を元にNRI
  • 22. ゴール 22 PIDSプロジェクトは以下のゴールを目指しています。 Kantara Initiative の Identity Assurance Framework の適用可能性を実証する。 NSTICの目標の実現可能性を実証する。 多様なクレデンシャルを用いてユーザーが利用出来るサービスを構築し、それが「ONC Meaningful Use基準」に合致させることが可能であることを示す。 Health Information Exchange 、Helth Benefit Exchange 他のシステムの構築に資する認証システムのモデル実装を構築する。 公共・民間双方の各種ステークホルダーを引きこみ、PIDSに必要なインプットを得る。 必要とされていながら現在存在していない「ギャップ」を発見する。
  • 23.
  • 24. Clinical Document Exchange
  • 25. Privacy and SecurityHIE Gateway EMR Hospitals HIE Gateway Payors EMR RLS HIE Gateway HIE Gateway PHR HIE Member Users Simplified Sign Ons: to Clinics, Google Health, MS HealthVault, etc, or via iPhone or similar smartphone apps Patient Logins Simplified Sign Ons Clinics Healthcare Workers Patients (出所)Kantara Initiative Healthcare IAWG 2009-10-22資料
  • 26. 進捗状況と今後の予定 24 NISTとOIXで共同開催。eCitizenがStakeholderに関してプレゼン NISTとeCitizen Fで共同開催 ▲OIX総会 ▲NSTIC Governance ▲EIDカンファレンス ▲NSTIC Privacy ▲Kantara総会 ▲PIDSカンファレンス 対象を拡大 ▲ ※NSTIC正式発表に伴い、要件取り込みおよびスケジュールの調整を実施
  • 27. 機能要件~患者の視点 25 患者がPIDS Account作成 PIDS OpenID Identifierの発行>患者 外部のPIDS accountへの結びつけ SAFE PIV Mobile phone Smart phone 患者はRPにPIDSクレデンシャルを用いてログイン RPはより高い認証レベルを要求可能 患者はPIDS accountへのアクセス許可を設定 通常時参照許可 緊急時参照許可(特に医療関係者用) 患者はPIDSシステムから様々なレポートを生成 (activity logs, linked accounts)
  • 28. HIT Policy Committee Privacy and Security Tiger Team (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
  • 29. Architectural Super Structure 27 (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
  • 30. Simplified Patient Log-On 28 (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
  • 31. Simplified Patient Log-On 29 (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
  • 32. Simplified Patient-Controlled Sharing 30 (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
  • 33. Complex, Robust Back-End Rules & Policy-Based Auditable Access Control 31 (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
  • 34. Open Architecture Enables Markets (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
  • 35. 2 – Authenticate Open ID Server 3 - Retrieve 1 – Login Additional Info Credentials display PHR login Patient X Indivo (出所)Greenwood, Masson “Open Architecture for Patient Identity as a Service”, 2011
  • 36. Actors and Elements of PIDS The actors and elements of the PIDS component include: Patient PHR Service PIDS services Registration Authority Identity Proofing Enrollment Issuance (or adoption) of Identifier Issuance (or adoption) of Identity Credential Authentication registration, discovery and implementation service Authorization and attribute registration, discovery and implementation service (e.g. PDP with XACML) Relying Parties outside of NHIN Relying Party Registries Health care standard APIs or translation services Health care providers within NHIN Personal health and wellness devices Smart Phone health and wellness apps Other services on the web 34
  • 37. Interfaces, Connectors & Adapters 35 NwHINGateway Direct Project Indivo/Dossia Personal Health Platform*1 Microsoft Health Vault Health & Wellness Apps on Android and iPhone Devices Personal Medical Devices and Appliances Back-End EMR, EHR and MPI Systems *1 インテル、ウォルマートなどの共同PHR。オープンソースPHRのIndivoを採用
  • 38. Modular "Component" Approach 36 PIDS Component Contains Services and Data Stores  Legal and Policy Interoperability and Modularity  Interfaces Points With External Systems/Services  Features of ID Service Component Approach:  Capacity to Upgrade Components and Not Interfaces  Capacity to Replace Component and Not Interfaces  Capacity to Maintain Component and Replace Interfaces
  • 39. General Security Requirements 37 A holistic approach to information security – Address Inspector General’s report on “Audit of Information Technology Security Included in Health Information Technology Standards” ( A-18-09-30160) HIPAA Security Rule - Examples of the weakness identified at the eight hospitals: unprotected wireless networks, lack of vendor support for OSs, inadequate system patching, outdated or missing antivirus software, lack of encryption of data on portable devices and media, lack of system event logging or review, shared user accounts,   excessive user access and administrative rights. encrypting data stored on mobile devices, such as compact disks (CD) and thumb drives; requiring two-factor authentication when remotely accessing an HIT system; patching the operating systems (OS) of computer systems that process and store EHR. Inspector General “HIPAA does not provides adequate general IT security”
  • 40. List of Technical Components A simple account system with identity information from each account holding patient information, including first, last name, phone, address, etc. A URI/URL for each Patient Account A SAML 2.0 service that can send each Relying Party (Shibboleth) PIDS URI/URL or OID and either the Patient URI/URL or another OID to that Relying Party PIDS Credentials An OpenID service An Advanced Credential issuance or adoption service (enabling a patient to use, bind and/or link different identity credentials to their PIDS account) Advanced credential 1 is an X.509v3 digital certificate (optional) Advanced credential 2a is a Registered Mobile Phone for voice and/or text and/or keypad-based verification (optional) Advanced credential 2b is a Registered Smart Phone for 2a functions plus... (optional) Advanced credential 3 is an RSA Data Security Key Fob (optional) Advanced credential 4 is a PIV, PIV-I or other variations of these Cards (optional) (option) An Authentication as a Service account linkage, enabling the account credentials to be linked to KBA, crypto-based and other methods (option) An Authorization as a Service account linkage, enabling the account credential to be linked to UACS/RBAC and XACML types of services (option) An eSignature Service, enabling the use of credential to assent to or otherwise approve a document, signify consent or perform other related transactions Credential Suspension/De-linking/De-binding and Termination Service (option) Time Stamp Service and other real-time audit-friendly tools (e.g. GIS, HTTP logs, etc) Audit and Logging Service OpenID Connect and Oauth Services 38
  • 41. Legal Architecture Roles and Relatioship Tbd Legal Design Spec. Federation PoV Patient PoV RP PoV IdPPoV AS PoV Multilateral Contract Operating Rules and Trust Framework Governance Dispute Resolution Recourse Records Retention and Audit Privacy and FIPPs Participation Agreements Patients Relying Party Provider Apps/Service 39
  • 42. Legal Ecosystem 40 Statutes & Regulations Government Policies and Procedures Accreditation, Certification, Licensing Contracts and ToS Interest Groups and Oversight Organizations Advocacy and Internal Controls, Ombuds & Dispute Resolution
  • 43. Next Steps 41 Ph.1 報告書の完成 Ph.1.5 – Ph.2 参加者の確定 LOI – Scopeの明確な定義 Ph.2 パイロットシステム Agile Development Funding Ideas MIT Media Lab と New Media Medicing group と共同で科研費を取得 NSTICパイロット予算の獲得 産業界からの参加者
  • 44. 42 &
  • 45. 報告書もくじ-1 Executive Summary  Objective  Goals  Solution   Open Architecture   Public Infrastructure  Introduction  Requirements and Constraints   Use Cases, Field Survey and Requirements Gathering   Patient and Individual End-User Needs  Conceptual Solution Design and Options   Functional Description-Patient Perspective  Functional Description-Relying Party Perspective  Functional Description-External Credential Provider (?)  Actors and Elements of PIDS  List of Technical Components  Details of PIDS Process   PIDS Instance Host and Business Models   Process for Enrollment    Linkage to Identity Credentials and Token  PIDS Used with OpenID Connect Web Services  Functional Design Layers   1. Identity Service   2. Authentication Service   3. Authorization/Attribute Service  Legal Architecture   Roles and Relationships   Legal Design Specification 43
  • 46. 報告書もくじ-2 Phase 2 Development and Implementation Plan  Agile Coding and Waterfall Method  Phase 2 Pilot and Testing  Servers, Platforms, Applications, Services, Sub-Components and Partner Systems  Pilot Test System, Service and Test Cases: Certifications and Accreditation  NIST 800-63-1 Certified Level 1, 2 and 3 and FIPS 201 Authentication Products and Services  Release and Evolve  Budget Assumptions and Alternatives   Alternative Budget #1   Alternative Budget #2  Schedule Conclusion Contact Information 44