1 / 13

Liberty Alliance Identity Assurance Framework

Liberty Alliance Identity Assurance Framework. from a practical point of view ... in a Danish context. Jan Riis jri lakeside.dk. @. IDTrust’08 - NIST - Gaithersburg - 2008-03-05. A little History. Danish Healthcare has been working 3 years with Identity Based Web Services

iwalani
Télécharger la présentation

Liberty Alliance Identity Assurance Framework

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Liberty Alliance Identity Assurance Framework from a practical point of view ... in a Danish context Jan Riis jri lakeside.dk @ IDTrust’08 - NIST - Gaithersburg - 2008-03-05

  2. A little History • Danish Healthcare has been working 3 years with Identity Based Web Services • 2005 MedCom and Danish Regions • ”Competed” for the first standard/profile • No governance towards standardization: • No Authentication levels defined • No high level architecture for WS communication • No criteria for assuring trust of key WSP’s

  3. Consequences • Parties started out with 6 levels of ”authenticity” • Some based on PKI • Some based on username/pwd • Some levels for ”delegated trust”(systems vouching for user authenticity) • Some levels target cross-cutting security properties(non-repudiation of messages etc.)

  4. There is a need for IAF! • ITST standardized authentication levels in 2006 for all public systems • Directly referred to NIST work • 2007 Health sector standards were aligned with national guidelines • Without the national/international standards, this would not have happened!

  5. Trust relationships? • NIST Authentication levels does not relate directly to “trust” • So how will the concept of “trust” be used in Danish Health Care? • Enter: “Digital Health Denmark” • Aims at increasing treatment quality by “enabling” access to all relevant information

  6. A few years from now? Public Regional Solutions Other Health Solutions Governmental services (eg. public Medication/Prescription) Private HospitalSolutions Private Practitioners Solutions

  7. Solution 1 - establish trust? Public Regional Solutions Other Health Solutions S T S S T S Governmental services (eg. public Medication/Prescription) Private HospitalSolutions Private Practitioners Solutions S T S S T S

  8. Solution 2 - National ESB+PKI? Other Health Solutions Public Regional Solutions NationalESB+STSsolution Private Practitioners Solutions Private HospitalSolutions Governmental services (eg. public Medication/Prescription)

  9. National Distributed ESB+PKI Other Health Solutions Public Regional Solutions NationalESB+STSsolution Private Practitioners Solutions Private HospitalSolutions Governmental services (eg. public Medication/Prescription)

  10. Preconditions for implementation • Based on a “Federated ESB” pattern • Other parties are now exposing services on the “National ESB” • Digital Health is responsible for QoS etc. • Preconditions: • Common understanding of levels of authentication assurance • Very strong governance as to which criteria must be met to join the national ESB • Assessment criteria for services for the ESB • Accreditation and certification rules = Many parts of IAF

  11. Taking IAF further? • IdP’s/STS’ are also WSP’s • My wish:Separate the WSP assessment criteria from and create “SPAF” • Make IAF an IdP specialization of “SPAF”

  12. Trust! Another example of IAF usage • Health Professionals will once and again need access to other domains (other federations) IdP/STS

  13. Thank You! ? Questions?

More Related