Identity Federation in Healthcare Networks
Xiaohui Chen, Department of Computer Science, University of Virginia
Department of Computer Science, University of Virginia
Agenda
Introduction
Current Efforts
System Design
System Implementation
Demo
Conclusions and future work
Introduction
What is identity? The distinguishing characteristic or personality of an individual.
Why is identity important? All the important things you do require your identity.
Why has identity become a problem? Enterprise side; personal side.
Introduction: our proposed solution
“Identity Federation”: “the agreements, standards, and technologies that make identity and entitlements portable across autonomous domains.”
Figure: message flow of the proposed solution. Initial login; store cookie; request authentication token; return generated token; data request + authentication token; authorization request; authorization decision.
Figure: system architecture. Authentication Web Service (Secure Token Service) built on WSE 2.0, taking strong-authentication input from a fingerprint scanner (HP 5550), signature, e-Token and RFID; Authorization Web Service (Authorization Engine) applying authorization rules to data requests; WS-Policy data repository and web service; Medical Data Portal with ancillary services (pharmacy, insurance, billing, clinics); trust establishment and federation between domains.

WS-Policy fragment requiring a trust-level token issued by the trust-level STS:

<wsp:Policy wsu:Id="trustlevelsec-token">
  <wssp:SecurityToken wsp:Usage="wsp:Required">
    <wssp:TokenType>http://cs.virginia.edu/tl#TrustLevelToken</wssp:TokenType>
    <wssp:TokenIssuer>http://cs.virginia.edu/TrustLevelSTS.asmx</wssp:TokenIssuer>
    <wstl:TrustLevel>2.5</wstl:TrustLevel>
  </wssp:SecurityToken>
</wsp:Policy>

Authorization rule fragment (requester must be attending and authenticated at fingerprint level or above):

...
<Condition>
  <Context>IsAttending</Context>
  <Operator>==</Operator>
  <Expected>true</Expected>
</Condition>
<Condition>
  <Context>TrustLevel</Context>
  <Operator>&gt;=</Operator>
  <Expected>Fingerprint</Expected>
</Condition>
...
Current Efforts
OASIS and SAML
Microsoft, IBM and WS-Roadmap
Liberty Alliance
.NET Passport
Shibboleth
System Design
Identity Federation by inter-domain identity mapping through anonymous token/attribute exchange via Token Exchange Service
Why choose this design?
System Design: Key Ideas
Identity establishment/management with strong authentication
Trust establishment between domains
Universal identity with inter-domain identity mapping and attribute mapping
Inter-domain security information exchange via Token Exchange Server
Privacy protection: pseudonym, attribute exchange
Request forwarding for web single sign-on
System Design: Strong authentication
Biometric, non-biometric, two factors
Trust levels: numerical, comparable

Trust level   Authentication method
4             Fingerprint
3             Signature
2.5           RF-ID
2             e-Token
1             Password
0             Anonymous
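Because the trust levels are numerical, the authorization rules from the architecture slide (a list of <Condition> elements naming a Context, an Operator and an Expected value) can be evaluated against the attributes carried in a token by comparing method names through the ladder. The Python below is an added example, not code from the deck or from the University of Virginia project (which was built on WSE 2.0): the rule syntax is taken from the slide, while the function names, the dictionary standing in for the token's attributes, and the fail-closed handling of unknown contexts, operators or trust-level names are assumptions of this example.

```python
"""Evaluate <Condition> authorization rules against token attributes.

Added example (not the deck's WSE 2.0 code). Rule syntax follows the slide:
each <Condition> names a Context (a token attribute), an Operator and an
Expected value. Trust levels are numeric, so method names are comparable.
"""
import operator
import xml.etree.ElementTree as ET

# Numerical trust-level ladder from the deck.
TRUST_LEVELS = {
    "Anonymous": 0.0,
    "Password": 1.0,
    "e-Token": 2.0,
    "RF-ID": 2.5,
    "Signature": 3.0,
    "Fingerprint": 4.0,
}

OPERATORS = {
    "==": operator.eq, "!=": operator.ne,
    ">=": operator.ge, ">": operator.gt,
    "<=": operator.le, "<": operator.lt,
}

# Constructed rule set, following the authorization-rule fragment on the
# architecture slide: requester must be attending and have fingerprint-level trust.
RULES = """
<Condition><Context>IsAttending</Context><Operator>==</Operator><Expected>true</Expected></Condition>
<Condition><Context>TrustLevel</Context><Operator>&gt;=</Operator><Expected>Fingerprint</Expected></Condition>
"""


def trust_value(value):
    """Map a method name or a numeric level to a comparable float (ValueError if unknown)."""
    if isinstance(value, (int, float)) and not isinstance(value, bool):
        return float(value)
    text = str(value).strip()
    if text in TRUST_LEVELS:
        return TRUST_LEVELS[text]
    return float(text)


def coerce(context, value):
    """Bring a token attribute and an expected value into the same comparable type."""
    if context == "TrustLevel":
        return trust_value(value)
    if isinstance(value, bool):
        return value
    text = str(value).strip()
    if text.lower() in ("true", "false"):
        return text.lower() == "true"
    return text


def evaluate_rules(rules_xml, token_attributes):
    """True only if every <Condition> holds. A missing attribute, an unknown
    operator or an unmappable value fails closed (returns False) instead of raising."""
    root = ET.fromstring("<Rules>" + rules_xml + "</Rules>")
    for cond in root.findall("Condition"):
        context = (cond.findtext("Context") or "").strip()
        op_name = (cond.findtext("Operator") or "").strip()
        expected = (cond.findtext("Expected") or "").strip()
        if context not in token_attributes or op_name not in OPERATORS:
            return False
        try:
            actual = coerce(context, token_attributes[context])
            wanted = coerce(context, expected)
        except ValueError:
            return False
        if not OPERATORS[op_name](actual, wanted):
            return False
    return True


if __name__ == "__main__":
    # Constructed token attribute sets: attending physician with fingerprint,
    # attending with RF-ID only, and a non-attending user with level 4.
    for attrs in ({"IsAttending": "true", "TrustLevel": "Fingerprint"},
                  {"IsAttending": "true", "TrustLevel": "RF-ID"},
                  {"IsAttending": "false", "TrustLevel": 4}):
        print(attrs, "->", "permit" if evaluate_rules(RULES, attrs) else "deny")
```

The evaluator accepts either a method name or a numeric level in the token, so the same rule works whether the STS reports "RF-ID" or 2.5, and it denies rather than raises when a rule file carries a mistyped operator or an attribute the token does not contain.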
System Design: Identity mapping
One-to-one, many-to-one, one-to-many, pseudonym
[email protected] [email protected]
System Design: Attribute mapping
Any security information can establish meaningful mappings between domains along with a user’s identity, e.g. trust level mapping, role mapping, privilege mapping ...
Standard attribute names
Figure: the trust-level ladders of two domains (4 Fingerprint, 3 Signature, 2.5 RF-ID, 2 e-Token, 1 Password, 0 Anonymous) mapped onto the standard attribute names.
System Design: Trust Relation Setup
Defined by policy files
Administrated by authority
With whom to federate identity? How to federate identity?
System Design: Inter-domain security information exchange
Heterogeneous systems have different security information formats
Attribute exchange via standard web service interface
Standard token formats: SAML, WS-Trust
Single-Sign-On
System Design: components
Security Token Service
Token Exchange Service
Trust Authority
System Design
Figure: federation flows between the Hospital Trust Domain and the Pharmacy Trust Domain. Components: Client Browser, Web Portal and Security Token Service in the hospital domain; Web Portal, Web Service and Security Token Service in the pharmacy domain; a Token Exchange Service between the domains; policy files at every component; "Request Directly with Policy Caching" as an alternative path once policy is cached.
Passive federation: 1. Intercepting request; 2. Exchange hospital token for pharmacy token; 3. Request with pharmacy token.
Active federation: 1. Acquire hospital token; 2. Wrapping request with local token; 3. Forwarding request; 4. Request and acquire attributes to create local token; 5. Forward attribute request; 6. Request with pharmacy token.
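The passive-federation step "Exchange Hospital Token for Pharmacy Token" is where the design's identity mapping (one-to-one or pseudonym), the attribute mapping onto standard attribute names, and the trust relation policy administered by the Trust Authority all meet. The Python below is an added example of such a Token Exchange Service, not code from the deck or the project (which used WSE 2.0 with SAML/WS-Trust tokens): the HMAC-signed JSON token format, the keyring, the TRUST_POLICY and ATTRIBUTE_MAPS tables, the example keys and the pseudonym derivation are all constructed for this illustration.

```python
"""Token Exchange Service sketch (added example, not the deck's code): verify a
hospital token, map identity and attributes under the trust policy, and issue
a token for the pharmacy audience that carries only the released attributes."""
import hashlib
import hmac
import json
import time

# Constructed example keys. One signing key per issuer; the TES keyring holds
# the verification keys of every domain it federates with.
HOSPITAL_KEY = b"hospital-sts-key-example-only"
TES_KEY = b"token-exchange-service-key-example-only"
PSEUDONYM_SECRET = b"tes-pseudonym-secret-example-only"
KEYRING = {"hospital": HOSPITAL_KEY, "tes": TES_KEY}

# Trust relation policy (constructed): which domain pairs federate, which
# attributes are released, how identities map. In the deck this is defined
# by policy files and administered by the Trust Authority.
TRUST_POLICY = {
    ("hospital", "pharmacy"): {
        "released_attributes": ["TrustLevel", "Role"],
        "identity_mapping": "pseudonym",   # or "one-to-one"
        "min_trust_level": 2.5,
    },
}
ONE_TO_ONE = {("hospital", "pharmacy"): {"jdoe": "jdoe@pharmacy"}}

# Attribute mapping (constructed): hospital-local names/values -> standard names/values.
ATTRIBUTE_MAPS = {
    "hospital": {
        "AuthMethod": ("TrustLevel", {"Fingerprint": 4, "Signature": 3, "RFID": 2.5,
                                      "eToken": 2, "Password": 1}),
        "StaffRole": ("Role", {"MD": "Physician", "RN": "Nurse"}),
    },
}


def sign(claims, key):
    """Token = canonical JSON body + '.' + hex HMAC-SHA256 over the body."""
    body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    return body.decode() + "." + hmac.new(key, body, hashlib.sha256).hexdigest()


def verify(token, keyring, now=None):
    """Check the MAC under the issuer's key and the expiry; raise on any failure.
    The issuer claim is read only to select a key; nothing is trusted before the MAC matches."""
    body, _, mac = token.rpartition(".")
    claims = json.loads(body)
    key = keyring.get(claims.get("iss"))
    if key is None:
        raise ValueError("unknown issuer")
    expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        raise ValueError("bad signature")
    if claims["exp"] <= (now if now is not None else time.time()):
        raise ValueError("token expired")
    return claims


def issue_hospital_token(subject, local_attrs, ttl=300):
    """What the hospital STS hands the client after strong authentication."""
    return sign({"iss": "hospital", "sub": subject, "exp": int(time.time()) + ttl,
                 "attrs": local_attrs}, HOSPITAL_KEY)


def map_identity(sub, src, dst, mode):
    if mode == "one-to-one":
        return ONE_TO_ONE[(src, dst)][sub]
    # Pseudonym: stable per (source, subject, target), not linkable across targets.
    digest = hmac.new(PSEUDONYM_SECRET, f"{src}|{sub}|{dst}".encode(), hashlib.sha256)
    return digest.hexdigest()[:16] + "@" + dst


def map_attributes(local_attrs, src):
    std = {}
    for name, value in local_attrs.items():
        mapping = ATTRIBUTE_MAPS[src].get(name)
        if mapping is None:
            continue  # unmapped local attribute: never crosses the domain boundary
        std_name, values = mapping
        if value not in values:
            raise ValueError(f"unmappable value {value!r} for {name}")
        std[std_name] = values[value]
    return std


def exchange(token, dst, ttl=120):
    """Passive-federation step 2: hospital token in, pharmacy-audience token out."""
    claims = verify(token, KEYRING)
    src = claims["iss"]
    policy = TRUST_POLICY.get((src, dst))
    if policy is None:
        raise PermissionError(f"no trust relation {src} -> {dst}")
    std = map_attributes(claims["attrs"], src)
    if std.get("TrustLevel", 0) < policy["min_trust_level"]:
        raise PermissionError("authentication strength below federation policy")
    released = {k: v for k, v in std.items() if k in policy["released_attributes"]}
    out = {"iss": "tes", "aud": dst, "exp": int(time.time()) + ttl,
           "sub": map_identity(claims["sub"], src, dst, policy["identity_mapping"]),
           "attrs": released}
    return sign(out, TES_KEY)


if __name__ == "__main__":
    hospital = issue_hospital_token("jdoe", {"AuthMethod": "Fingerprint", "StaffRole": "MD", "Ward": "3W"})
    print(verify(exchange(hospital, "pharmacy"), KEYRING))
```

Three properties of the design show up directly in the code: the pharmacy never sees the hospital's local attribute names or the user's hospital identity (only the standard attributes and a pseudonym leave the domain), a token from a domain with no trust relation is refused before any mapping happens, and the exchange enforces the minimum trust level so a password-only login cannot be laundered into a pharmacy token.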
System Design: Security Token Service
WSE 2.0 based
Attribute extension: trust level, location, time, role
Identity Federation extension: inter-domain request control; endpoint for inter-domain security information exchange with web service; identity and attribute mapping
System Design: Token Exchange Service
Facilitates inter-domain security information exchange with request forwarding
Automatic directory lookup
Trust broker
Defines standard attribute names
System Design: Trust Authority
Manages inter-domain trust relationship
Publishes domain information
Defines attributes provided
Defines services provided
System Implementation
Three trust domains: medical portal (hospital), pharmacy portal (pharmacy), news portal (MSN)
Related services: security token service, trust authority, Token Exchange Service
System Implementation: Medical Portal
Authentication and authorization
Medical data management
Doctor/patient portal service
Electronic prescription management/submission via active federation
Event alert system
System Implementation: Pharmacy Portal
Structurally the same as the hospital portal
Electronic prescription management
Automatically sends prescription information to, and receives it from, the hospital via active federation
System Implementation: Mock MSN Portal
Represents a third-party news portal
Federates identity with the hospital portal
Web Single-Sign-On
Demo
Trust level
Alerts with active federation
Federation between MSN and hospital
Conclusion
Identity federation with user identity mapping between domains is flexible, maintainable and powerful
Token Exchange Service with web service security information exchange successfully hides local security system implementation
Trust authority with domain information publishing is a practical way to administrate trust relationship
Levels of authentication provide one way to evaluate identity trustworthiness across domains
Identity federation with Single Sign-On successfully alleviates the identity crisis
Future Work
Fully automatic trust negotiation and establishment
More powerful attribute exchange/evaluation algorithm to protect user privacy
Become SAML compliant
Standards other than Microsoft and IBM’s WS-X
Integration with other federation approaches
Publications
Xiaohui Chen and Alfred C. Weaver, Identity Federation in Federated Trust Healthcare Network, submitted to XXXX
Alfred C. Weaver, Samuel J. Dwyer III, Andrew M. Snyder, James Van Dyke, James Hu, Xiaohui Chen, Timothy Mulholland, Andrew Marshall, Federated, Secure Trust Networks for Distributed Healthcare IT Services, IEEE International Conference on Industrial Informatics, Banff, Alberta, Canada, August 2003
Junzhe Hu and Alfred C. Weaver, A Dynamic, Context-Aware Security Infrastructure for Distributed Healthcare Applications, Pervasive Security, Privacy, and Trust (PSPT2004), Boston, MA, August 2004
Alfred C. Weaver, Enforcing Distributed Data Security via Web Services, Workshop on Factory Communications (WFCS2004), Vienna, Austria, September 21-24, 2004