1 / 13

Implementing Secure Web Services using Professional Profile (Data Commons)

Implementing Secure Web Services using Professional Profile (Data Commons). MedBiquitous Annual Meeting ( May 10, 2011 ). Madhavkumar Iyer NBME miyer@nbme.org. Neal Swearer AAMC neal.swearer@aamc.org. What is Data Commons?.

esma
Télécharger la présentation

Implementing Secure Web Services using Professional Profile (Data Commons)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Implementing Secure Web Services using Professional Profile (Data Commons) MedBiquitous Annual Meeting (May 10, 2011) Madhavkumar Iyer NBME miyer@nbme.org Neal Swearer AAMC neal.swearer@aamc.org

  2. What is Data Commons? • An infrastructure for real-time creation of data sets across organizations in the House of Medicine based on agreements. • Developed jointly by NBME & AAMC. • Not a new repository. Data sets compiled from existing repositories and expunged after creation. • Organizational members build infrastructure collaboratively and own and operate it jointly. • Used to aggregate data sets for individuals, educational programs, institutions and educational research. • Individual medical professional can compile data for private self-assessment or to authorize public report-out of selected information. Data Commons

  3. Definitions Data Sharing Agreement Agreement between participating organizations for the exchange for data in real-time. Provider A participating organization providing data to Data Commons Invoker A participating organization requesting data from Data Commons IDMS Identity Matching Service to match or reconcile different identifiers used across multiple organizations for each medical professional. Data Commons

  4. System Architecture Data Commons

  5. System Features • Connects to certified Data Providers • Accepts requests only from member organizations • Requests are authenticated & authorized before retrieving data • Request/Response data is encrypted based on invoker’s 128 bit KEY • Requests validated using Authorization Certificate • Transactions logged without storing request/response data • Generic Web Service processes all requests from Invokers • Providers provide data using Web Services • All Web Services are of document/literal format and secured by SSL • Generic Request/Response XML data formats for Invoker/Provider Data Commons

  6. Technology • Application Server – J2EE 1.4 • Oracle Database 10g/11g • Java / PL-SQL • XML • SOAP 1.1 • WSDL 2.0 • AES 128 bit message encryption Data Commons

  7. Using MedBiquitous Professional Profile • The following operations uses MedBiquitous Professional Profile: • Get Enrolled Students • NBME gets updated enrolled student information for each school from AAMC • Get Matriculated Students • NBME gets new matriculants for each school from AAMC • IDMS Biographic Update • NBME and AAMC provide updates to IDMS Data Commons

  8. MedBiquitous Professional Profile - Sample Data Commons

  9. MedBiquitous XML Schemas • The MedBiquitous Healthcare Professional Profile Schema provides a data structure that allows one to represent one or more healthcare professionals in a standard format. • Data Commons uses version 1.0 of the following MedBiquitousXML schemas: • Member • Name • Address • Source: http://ns.medbiq.org/member/v1/ Data Commons

  10. Example 1: Using the MedBiquitous XML Schemas • GetStudentProfile web service operation • Request <DcomOutboundGetStudentProfileRequest xmlns="http://www.dcom.org/service"> <OperationName>GetStudentProfile</OperationName> <RequestPacket> <RequestHeader> <AamcId>12113983</AamcId> <MedicalSchoolCode>816</MedicalSchoolCode> </RequestHeader> </RequestPacket> <TransactionId>112312312318</TransactionId> </DcomOutboundGetStudentProfileRequest> Data Commons

  11. Example 1: Using the MedBiquitous XML Schemas • GetStudentProfile web service operation (continued) • Response <DcomOutboundGetStudentProfileResponse xmlns="http://www.dcom.org/service/getStudentProfile" xmlns:dcom=http://www.dcom.org/service xmlns:medAddress="http://ns.medbiq.org/address/v1/" xmlns:medMember="http://ns.medbiq.org/member/v1/" xmlns:medName="http://ns.medbiq.org/name/v1/"> …. </DcomOutboundGetStudentProfileResponse> Data Commons

  12. Example 1: Using the MedBiquitous XML Schemas • GetStudentProfile web service operation (continued) • Response <medMember:Members> <medMember:Member restrictions="Restricted"> <medMember:UniqueID domain="Member:USMLE ID">52153983</medMember:UniqueID> <medMember:UniqueID domain="Member:AAMC ID">12713993</medMember:UniqueID> … </medMember:Member> </medMember:Members> Data Commons

  13. Questions? Data Commons

More Related