Identity Federation in Healthcare Networks Xiaohui Chen Department of Computer Science University of Virginia

Identity Federation in Healthcare Networks

Xiaohui Chen, Department of Computer Science, University of Virginia

Department of Computer Science, University of Virginia


Agenda

Introduction
Current Efforts
System Design
System Implementation
Demo
Conclusions and Future Work


Introduction

What is identity? The distinguishing characteristic or personality of an individual.

Why is identity important? All the important things you do require your identity.

Why has identity become a problem? On the enterprise side and on the personal side.


Introduction

Our proposed solution: "Identity Federation"

"The agreements, standards, and technologies that make identity and entitlements portable across autonomous domains"

[Architecture diagram: labels recovered from the figure]

Components: Medical Data Portal with Ancillary Services (Pharmacy, Insurance, Billing, Clinics); Authentication Web Service (Secure Token Service, built on WSE 2.0); Authorization Web Service (Authorization Engine) driven by Authorization Rules; Data Repository and Web Service protected by WS-Policy; Trust Establishment and Federation; authentication devices: Fingerprint Scanner (HP 5550), Signature, e-Token, RFID.

Message flow between the client, the portal, the token service, the authorization engine and the data service: Initial login; Store cookie; Request authentication token; Return generated token; Data request + authentication token; Authorization request; Authorization decision; Data.

WS-Policy on the data service requiring a trust-level token issued by the domain's own STS:

    <wsp:Policy wsu:Id="trustlevelsec-token">
      <wssp:SecurityToken wsp:Usage="wsp:Required">
        <wssp:TokenType>http://cs.virginia.edu/tl#TrustLevelToken</wssp:TokenType>
        <wssp:TokenIssuer>http://cs.virginia.edu/TrustLevelSTS.asmx</wssp:TokenIssuer>
        <wstl:TrustLevel>2.5</wstl:TrustLevel>
      </wssp:SecurityToken>
    </wsp:Policy>

Authorization rule excerpt evaluated by the Authorization Engine (an attending physician authenticated at fingerprint level or above):

    .....
    <Condition>
      <Context>IsAttending</Context>
      <Operator>==</Operator>
      <Expected>true</Expected>
    </Condition>
    <Condition>
      <Context>TrustLevel</Context>
      <Operator>&gt;=</Operator>
      <Expected>Fingerprint</Expected>
    </Condition>
    .....
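The rule above compares a token's TrustLevel with a named level, and the WS-Policy names both an issuer and a minimum level. The following is an added example, not the deck's WSE 2.0 code: it parses rules in the slide's <Condition> form and evaluates them against the attributes a token carries. The rule XML, the sample token dictionaries and the function names are constructed for this example; the trust-level scale (4 Fingerprint down to 0 Anonymous) is the deck's own. Two points the slide leaves implicit are made explicit: level names are resolved to the numeric scale before ">=" is applied, so the check is ordinal rather than a string comparison, and the policy check tests the token issuer together with the level.

```python
"""Evaluate <Condition> authorization rules against the attributes carried in a
security token.  Added example, not the deck's code: the rule XML, attribute
names and sample tokens are constructed here; the trust-level scale is the
deck's (4 Fingerprint ... 0 Anonymous)."""
import xml.etree.ElementTree as ET

# Numeric, comparable trust levels from the deck; higher means stronger authentication.
TRUST_LEVELS = {
    "Anonymous": 0.0, "Password": 1.0, "e-Token": 2.0,
    "RF-ID": 2.5, "Signature": 3.0, "Fingerprint": 4.0,
}

# Rules in the slide's <Condition> form (constructed sample; '>=' is escaped as &gt;=).
RULES_XML = """<Rules>
  <Condition><Context>IsAttending</Context><Operator>==</Operator><Expected>true</Expected></Condition>
  <Condition><Context>TrustLevel</Context><Operator>&gt;=</Operator><Expected>Fingerprint</Expected></Condition>
</Rules>"""

OPERATORS = {
    "==": lambda a, b: a == b, "!=": lambda a, b: a != b,
    ">=": lambda a, b: a >= b, "<=": lambda a, b: a <= b,
    ">":  lambda a, b: a > b,  "<":  lambda a, b: a < b,
}


def normalize(context, value):
    """Bring a token attribute and an <Expected> literal onto the same type.
    TrustLevel names resolve to numbers so that 'TrustLevel >= Fingerprint' is
    an ordinal check and never a string comparison."""
    if context == "TrustLevel":
        if isinstance(value, str) and value in TRUST_LEVELS:
            return TRUST_LEVELS[value]
        return float(value)  # numeric level, possibly sent as text such as "2.5"
    if isinstance(value, str) and value.lower() in ("true", "false"):
        return value.lower() == "true"
    return value


def authorize(rules_xml, token_attrs):
    """Return (decision, reasons).  All conditions must hold; a missing attribute,
    unknown operator or unparseable value denies, so the engine fails closed."""
    decision = True
    reasons = []
    for cond in ET.fromstring(rules_xml).iter("Condition"):
        context = cond.findtext("Context")
        op = cond.findtext("Operator")
        expected = cond.findtext("Expected")
        if context not in token_attrs:
            decision = False
            reasons.append(f"{context}: attribute missing from token")
            continue
        if op not in OPERATORS:
            decision = False
            reasons.append(f"{context}: unsupported operator {op!r}")
            continue
        try:
            ok = OPERATORS[op](normalize(context, token_attrs[context]),
                               normalize(context, expected))
        except (TypeError, ValueError):
            ok = False
        decision = decision and ok
        reasons.append(f"{context} {op} {expected}: {'pass' if ok else 'fail'} "
                       f"(token has {token_attrs[context]!r})")
    return decision, reasons


def meets_policy(token, required_issuer, required_level):
    """The WS-Policy on the slide: the token must come from the named STS and carry
    at least the stated trust level (2.5 there).  Checking the level without the
    issuer would let any party mint a level-4 token."""
    return (token.get("issuer") == required_issuer
            and normalize("TrustLevel", token["TrustLevel"]) >= required_level)


if __name__ == "__main__":
    # Constructed token: attributes as the STS would assert them after a fingerprint login.
    doctor = {"IsAttending": True, "TrustLevel": "Fingerprint",
              "issuer": "http://cs.virginia.edu/TrustLevelSTS.asmx"}
    print(authorize(RULES_XML, doctor))
    print(meets_policy(doctor, "http://cs.virginia.edu/TrustLevelSTS.asmx", 2.5))
```

The engine returns the per-condition reasons alongside the decision so that a denied request can be audited without re-running the rules; it deliberately treats an unknown operator or an attribute the token does not carry as a denial rather than skipping the condition.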


Current Efforts

OASIS and SAML
Microsoft, IBM and the WS-Roadmap
Liberty Alliance
.NET Passport
Shibboleth


System Design

Identity Federation by inter-domain identity mapping through anonymous token/attribute exchange via Token Exchange Service

Why choose this design?


System Design

Key Ideas:

Identity establishment/management with strong authentication
Trust establishment between domains
Universal identity with inter-domain identity mapping and attribute mapping
Inter-domain security information exchange via Token Exchange Server
Privacy protection: pseudonym, attribute exchange
Request forwarding for web single sign-on


System Design

Strong authentication: biometric, non-biometric, two factors
Trust levels: numerical, comparable

  Level  Authentication method
  4      Fingerprint
  3      Signature
  2.5    RF-ID
  2      e-Token
  1      Password (*******)
  0      Anonymous (???)

(The slide shows the same scale twice, once per domain, to illustrate that levels are comparable across domains.)


System Design

Identity mapping: one-to-one, many-to-one, one-to-many, pseudonym

[email protected] [email protected]

[email protected] [email protected]

[email protected]


System Design

Attribute mapping

Any security information can establish meaningful mappings between domains along with a user's identity, e.g. trust level mapping, role mapping, privilege mapping ...

Standard attribute names for trust levels (numeric value and standard name):

  Level  Standard name
  4      Fingerprint
  3      Signature
  2.5    RF-ID
  2      e-Token
  1      Password
  0      Anonymous

(The slide shows the mapping twice, once per domain.)


System Design

Trust Relation Setup
Defined by policy files
Administrated by authority
With whom to federate identity?
How to federate identity?


System Design

Inter-domain security information exchange
Heterogeneous systems have different security information formats
Attribute exchange via standard web service interface
Standard token formats: SAML, WS-Trust
Single-Sign-On


System Design

Components: Security Token Service; Token Exchange Service; Trust Authority


System Design

[Federation flow diagram: labels recovered from the figure]

Components: Client Browser; Web Portal in the Hospital Trust Domain and Web Portal in the Pharmacy Trust Domain; Web Service; a Security Token Service in each domain; Token Exchange Service; a Policy attached to each portal, service and token service.

Passive federation (browser to web portal):
1. Intercepting request
2. Exchange hospital token for pharmacy token
3. Request with pharmacy token

Active federation (web service to web service):
1. Acquire hospital token
2. Wrapping request with local token
3. Forwarding request
4. Request and acquire attributes to create local token
5. Forward attribute request
6. Request with pharmacy token

Request directly with policy caching


System Design

Security Token Service
WSE 2.0 based
Attribute extension: trust level, location, time, role
Identity Federation extension: inter-domain request control; endpoint for inter-domain security information exchange with web service; identity and attribute mapping


System Design

Token Exchange Service
Facilitates inter-domain security information exchange with request forwarding
Automatic directory lookup
Trust broker
Defines standard attribute names


System Design

Trust Authority
Manages inter-domain trust relationship
Publishes domain information
Defines attributes provided
Defines services provided
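The Identity mapping and Attribute mapping slides, the Token Exchange Service and the Trust Authority all meet in one step: "Exchange hospital token for pharmacy token". The following is an added example and not the deck's WSE 2.0 implementation. The domain names hospital.example, pharmacy.example and msn.example, the HMAC-signed token format, the signing keys, the user names and the mapping tables are all constructed for the example; the deck's real tokens are WS-Security tokens. The exchange verifies the incoming token against the issuing domain's key, asks the trust authority whether the two domains federate, maps the identity (one-to-one, many-to-one, or a keyed pseudonym when no mapping exists), renames the attributes into the target domain's local vocabulary with trust levels carried as the deck's comparable numbers, and issues a token signed by the target domain's STS.

```python
"""Token Exchange Service between two trust domains.  Added example, not the
deck's code: domain names, keys, users, mapping tables and the HMAC token
format are constructed for this example; the deck's STS is WSE 2.0 based and
would exchange WS-Security tokens instead."""
import hashlib
import hmac
import json
import time

# Per-domain STS signing keys (constructed).  The exchange service needs the
# hospital key only to verify; it never sees a user's hospital credentials.
KEYS = {
    "hospital.example": b"hospital-sts-signing-key",
    "pharmacy.example": b"pharmacy-sts-signing-key",
    "msn.example":      b"msn-sts-signing-key",
}
PSEUDONYM_KEY = b"token-exchange-pseudonym-key"  # constructed

# Trust authority: published domain information.  Which (source, target) pairs
# federate, and the local attribute name each domain uses per standard name.
TRUST_AUTHORITY = {
    "federations": {("hospital.example", "pharmacy.example"),
                    ("pharmacy.example", "hospital.example"),
                    ("msn.example", "hospital.example")},
    "attribute_names": {
        "hospital.example": {"TrustLevel": "TrustLevel", "Role": "Role"},
        "pharmacy.example": {"TrustLevel": "AuthStrength", "Role": "Role"},
        "msn.example":      {"TrustLevel": "TrustLevel"},
    },
}

# Standard, comparable trust levels from the deck.
TRUST_LEVELS = {"Anonymous": 0.0, "Password": 1.0, "e-Token": 2.0,
                "RF-ID": 2.5, "Signature": 3.0, "Fingerprint": 4.0}

# Identity mapping per (source, target) pair (constructed).  Users not listed
# get a pseudonym, so the target domain never learns their home login.
IDENTITY_MAP = {
    ("hospital.example", "pharmacy.example"): {
        "drsmith": "smith.md",     # one-to-one
        "nurse1": "ward-staff",    # many-to-one: two home users, one remote account
        "nurse2": "ward-staff",
    },
}


def issue_token(domain, subject, attrs, ttl=300):
    """The STS of `domain` issues a signed token; canonical JSON keeps the MAC stable."""
    body = {"iss": domain, "sub": subject, "exp": int(time.time()) + ttl, "attrs": attrs}
    payload = json.dumps(body, sort_keys=True, separators=(",", ":"))
    sig = hmac.new(KEYS[domain], payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "sig": sig}


def verify_token(token):
    """Reject unknown issuers, bad signatures and expired tokens; return the body."""
    body = json.loads(token["payload"])
    key = KEYS.get(body.get("iss"))
    if key is None:
        raise ValueError("unknown issuer")
    expected = hmac.new(key, token["payload"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, token["sig"]):
        raise ValueError("bad signature")
    if body["exp"] <= time.time():
        raise ValueError("token expired")
    return body


def pseudonym(src, subject, dst):
    """Keyed, deterministic pseudonym: stable for one (user, target) pair, different
    for every other target, and not reversible without PSEUDONYM_KEY."""
    digest = hmac.new(PSEUDONYM_KEY, f"{src}|{subject}|{dst}".encode(), hashlib.sha256)
    return "pn-" + digest.hexdigest()[:16]


def exchange(token, target):
    """Exchange a token from a federated domain for one issued by `target`'s STS."""
    body = verify_token(token)          # authenticate the statement before mapping it
    src = body["iss"]
    if (src, target) not in TRUST_AUTHORITY["federations"]:
        raise PermissionError(f"{src} does not federate with {target}")
    subject = (IDENTITY_MAP.get((src, target), {}).get(body["sub"])
               or pseudonym(src, body["sub"], target))
    src_names = TRUST_AUTHORITY["attribute_names"][src]
    dst_names = TRUST_AUTHORITY["attribute_names"][target]
    attrs = {}
    for std_name, local_name in src_names.items():
        if local_name in body["attrs"] and std_name in dst_names:
            value = body["attrs"][local_name]
            if std_name == "TrustLevel":
                value = TRUST_LEVELS.get(value, value)   # name -> comparable number
            attrs[dst_names[std_name]] = value
    return issue_token(target, subject, attrs)


if __name__ == "__main__":
    hospital_token = issue_token("hospital.example", "drsmith",
                                 {"TrustLevel": "Fingerprint", "Role": "Attending"})
    print(verify_token(exchange(hospital_token, "pharmacy.example")))
```

The order inside exchange() is the security point: the mapping table turns an arbitrary subject string into a privileged pharmacy account, so nothing reaches it until the signature has proved the subject is the hospital STS's own statement, and the trust-authority lookup runs before any mapping so that an MSN token can never be turned into a pharmacy token even if the MSN key is known. Carrying the trust level as a number lets the pharmacy's policy compare it against its own scale without knowing which device the hospital used.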


System Implementation

Three trust domains:
Medical portal (hospital)
Pharmacy portal (pharmacy)
News portal (MSN)

Related services: Security token service; Trust authority; Token Exchange Service


System Implementation

Medical Portal
Authentication and authorization
Medical data management
Doctor/Patient portal service
Electronic prescription management/submission via active federation
Event alert system


System Implementation

Pharmacy Portal
Structurally the same as the hospital portal
Electronic prescription management
Automatically sends prescription information to, and receives it from, the hospital via active federation


System Implementation

Mock MSN Portal
Represents a third-party news portal
Federates identity with the hospital portal
Web Single-Sign-On


Demo

Trust level
Alerts with active federation
Federation between MSN and hospital


Conclusion

Identity federation with user identity mapping between domains is flexible, maintainable and powerful

Token Exchange Service with web service security information exchange successfully hides local security system implementation

Trust authority with domain information publishing is a practical way to administrate trust relationship

Levels of authentication provide one way to evaluate identity trustworthiness across domains

Identity federation with Single Sign-On successfully alleviates the identity crisis


Future Work

Fully automatic trust negotiation and establishment
More powerful attribute exchange/evaluation algorithm to protect user privacy
Become SAML compliant
Standards other than Microsoft and IBM's WS-X
Integration with other federation approaches


Publications

Xiaohui Chen and Alfred C. Weaver, Identity Federation in Federated Trust Healthcare Network, Submitted to XXXX

Alfred C. Weaver, Samuel J. Dwyer III, Andrew M. Snyder, James Van Dyke, James Hu, Xiaohui Chen, Timothy Mulholland, Andrew Marshall, Federated, Secure Trust Networks for Distributed Healthcare IT Services, IEEE International Conference on Industrial Informatics, Banff, Alberta, Canada, August 2003

Junzhe Hu and Alfred C. Weaver, A Dynamic, Context-Aware Security Infrastructure for Distributed Healthcare Applications, Workshop on Pervasive Security, Privacy, and Trust (PSPT2004), Boston, MA, August 2004

Alfred C. Weaver, Enforcing Distributed Data Security via Web Services, Workshop on Factory Communications (WFCS2004), Vienna, Austria, September 21-24, 2004