Web Services using 使用网络服务.NET University of Virginia.pptVIP

Federated, Secure Trust Networks for Distributed Healthcare IT Services Industrial Informatics Applied to Healthcare Health Insurance Portability and Accountability Act of 1996 privacy of patient encounters security of patient data encryption of medical information when stored or transmitted access controls to retrieve information audit logs of data access Healthcare Informatics Portal Common medical data portal doctors, patients, staff see a customized view allied health services exchange information electronically Authentication of users biometric and conventional methods Authorization of access role-based access control model Strong encryption of all data All built on a web services model Federated, Secure Trust Networks for Distributed Healthcare IT Services Research Issues Authentication who are you? Mobile devices what capabilities do you have? Authorization what can you do? Encryption which algorithm? what length key? Shared trust off-network organizations Authentication Can support legacy techniques user ID and passwords, challenge-response Newer identification technologies smartcards, access keys Biometric identification fingerprints, iris scans signature analysis, voice recognition keyboard dynamics face, hand, finger, ear geometry Need web service that recognizes context-sensitive rules performs identification (multiple techniques) produces a token that verifies identity Fingerprints Iris Scans Mobile Devices Legitimate access is no longer limited to desktops or in-hospital devices Wave of the future includes PDAs (HP iPAQ Pocket PC h5455 with fingerprint scanner built-in) tablet PCs (handwriting recognition) cell phones (voice recognition) Personal authentication should work using the devices and capabilities available to the legitimate user Fingerprints with Wireless PDA Authorization Now that we know who you are, what are you allowed to do? Use role-based access control Roles for people with different privileges: attending physician referrin