Revised Proposal for Federated Directory Services (2009/10) Presented to IT Infrastructure Committee
This document outlines a comprehensive proposal from October 2009 for Federated Directory Services (FDS), emphasizing the necessity of directory profiles for effective distributed healthcare networks. It details mechanisms for forwarding directory queries across different topologies (P2P, master-slave, hierarchy) and outlines essential components such as separation of schemas from query management infrastructure and the autonomy of directory providers. The proposal incorporates suggested standards, schemas, and security considerations, aiming for integration with existing systems and enhancing cross-domain directory linkage.
Presentation Transcript
Federated Directory Services
Revised Proposal for 2009/10, presented to the IT Infrastructure Planning Committee
J. Caumanns, O. Rode, R. Kuhlisch, FHG ISST
12 October 2009
Problem Statement
• 2008: 1 Proposal for a directory profile
• 2009: 3 Proposals for directory profiles
• as use cases show, directories on services and organisations are a mandatory prerequisite for distributed healthcare networks
• FDS Essentials:
  • Separation of schemas from query and mgmt. infrastructure
  • autonomy of directory providers
  • multiple deployment options: P2P, Master-Slave, Hierarchy, ....
• The focus of the proposed implementable white paper is on the “envelope” for directory queries and on mechanisms for forwarding such queries among directory services in order to allow for the implementation of different directory topologies (e.g. hierarchy, master-slave, P2P, centralized).
• The FDS actors and transactions will extend the existing PWP profile and the proposed profiles on configuration and provider directories with functionalities for cross-domain directory linkage.
FDS Directory Integration [diagram; labels: dir=HITPRProvider]
Directory Schema Co-Existence [diagram; labels: dir=HITPRProvider, DODS, HITPR, DSDS]
Proposed Standards & Systems
• DSML v2 to query (LDAP) directories
• LDAP2UDDI adaptors available from industry
• IHE PWP as basis and reference
• RFC2798 (inetOrgPerson), RFC2256 (X500 user schema)
• IHE ATNA for FDS Authenticity
• IHE XUA to support access control
• IHE White Paper on Cross-Community Information Exchange
• Alternatives to discuss (in January....):
  • OMG IS (former EIS)
  • UDDI
Scope of the White Paper
• Upper Directory Tree structure (more or less implied)
• Client and P2P query transactions (DSML v2)
• Registration of FDS for a certain domain
• security issues (mainly ATNA)
Discussion
• Editor: Fraunhofer ISST
• Editing support by: Swisssign, ELGA, iSoft, ISPro
• Estimated Effort: Low
• Prototype implementation as “proof of concept” at Fraunhofer ISST
• integration with eCR v1.4 (2010) planned and agreed with industry; deployment into running eCR pilot projects and running networks late 2010
WP Outline [#pages]
• Use cases (incl. deployment and topology options): [3]
• Multi-Schema support (IHE directory profiles): [2]
• actors and transactions (functional): [2]
• transaction specification (technical): [3]
• security considerations (use of ATNA and XUA): [2]
• management considerations (adding and removing directories): [2]
• routing (optimization of query forwarding): [1]
Total: [15]
Discussion
• Alternatives:
  • IHE ITI designs each directory service from scratch, including actors, transactions, and schemas
  • other IHE domains design directory schemas and transactions that then have to be integrated afterwards by ITI
• Facts:
  • every distributed EHR needs a service directory.
  • No distributed EHR – No demand for directories (and vice versa)
  • No service directory – no distributed EHR
  • XUA makes no sense for safeguarding XDS etc. without an organisation directory