Agenda
➜ Open Healthcare Platform
➜ VA Enterprise Architecture Alignment
➜ OSEHRA Reference Architecture
  • Building upon VistA Evolution Plan
➜ Use Case Elaboration
© Talend 2013
Enterprise Transformation Strategy
➜ Apache OSS assures open architecture
➜ OSEHRA healthcare sponsors assure open marketplace
➜ Virtualized OSS integration layer and align refactoring to EA
Harness the power of the community with OSEHRA, Apache, and OIT EA
OSEHRA Roles
➜ VistA centric Platform
➜ Balanced Community
  • Top-down governance – VA EA alignment
  • Bottom-up collaboration - community driven projects
➜ Stewardship
➜ Market facilitator
Harness and Focus the Community
➜ The community needs a reference implementation and a reference architecture to drive adoption.
➜ The middleware for OSEHRA needs to be open source in order to maximize its reach and enable community and market dynamics.
➜ No runtime is specified for the VSB, just that it is Java based. Suggest that VSB should use Apache OSS.
➜ The VistA Service Assembler (VSA) team has done the background work and prototyping for tools which can use Maven, Eclipse, and Spring XML to configure Camel endpoints.
Collaboration Vehicles
➜ Policy Proposals
  • Develop OSEHRA Reference Architecture
  • Develop OSEHRA Reference Implementation
  • Align RA and RI with VA EA
➜ Community Activities
  • Use Case Identification and Elaboration
  • Create projects for subsystems in OSEHRA GIT
  • VistA Service Backplane Reference Implementation
  • Components: VistA M Platform, EWD, Apache
Refactoring Benefits
Refactoring is undertaken in order to improve some of the nonfunctional attributes of the software. Advantages include improved code readability and reduced complexity to improve the maintainability of the source code, as well as a more expressive internal architecture or object model to improve extensibility.
Wikipedia
Refactoring provides the stability necessary for innovation
Service Taxonomy
The term “Service” is overloaded. Services exist at multiple levels of abstraction:
• Component API
• Basic Service
• Managed Service
• Business Activity
• Business Process
Fallacies of Distributed Computing
➜ The network is reliable.
➜ Latency is zero.
➜ Bandwidth is infinite.
➜ The network is secure.
➜ Topology doesn't change.
➜ There is one administrator.
➜ Transport cost is zero.
➜ The network is homogeneous.
VistA Service Backplane
Architecture – Layered Integration
➜ Process
  • Human-in-the-loop, long running, asynchronous
  • Orchestrates Business Activities
➜ Mediation
  • Choreograph Managed Services into Business Activities
  • Transform Events into Command Messages
  • Correlate Events with Business Process
➜ Managed Services
  • Adapt Basic Services to provide consistent integration semantics for security, reliable messaging, and other cross-cutting concerns
  • Enrich data messages into Events with Process Id for correlation
  • Correlate requests-replies from Basic Services
➜ Basic Services
  • Stateless business logic and data services
VA Enterprise Architecture Alignment
© Talend 2011
[Diagram: layers numbered 1 to 8 under the headings "Virtual Stack" and "Physical Stack", with side labels "System Management" and "Security & Privacy". Layer labels as they appear:
  • Virtual Hardware / OS Environment; Physical Hardware / OS Environment; Provisioning
  • Virtual Management Environment; System Management and Control; Provisioning
  • Virtual Data Layer; Physical Data Layer; SQL
  • Virtual Enterprise Software Environment; Physical Middleware Environment; Configuration, Security Domains, Performance Mgmt
  • COTS Software Environment; Physical COTS Environment; Service Facades, Security Domains, Performance Mgmt
  • Enterprise Standard Message Layer; Legacy Point-to-Point Communication; Message Adapters; Transformation
  • SOA Services Layer; Service Facade; Legacy Systems
  • Virtual Interface Layer; Physical Interface Layer; Message Adapters, Encryption, Application Firewalls
Other labels: Encryption-Anti Virus, Audit Logs, Data Access Controls, Software Distribution, System Monitoring, Data Replication, Standard Headers, Vulnerability Detection, Network Latency, Service Contracts.
Technology annotations: RPC, CIA, HL7, iCal, CalDav; Google Calendar API, CIA, MDWS; oAuth, Syncope; WS-Security; GAE, GCE; MedSphere Scheduling Client.]
VA VistA Evolution
[Diagram: layered component stack. Labels as they appear:
  • Enterprise Service Bus (ESB): Registry and Repository (WebSphere), Core ESB (WebSphere), VistA SOA Service Registry Entries, VistA SOA Service Proxies
  • VistA Service Backplane (VSB) - Regional: SOA Service Descriptors
  • VistA: VistA SOA Services, VistA M Routine Calling Service (VMRCS), VistA M Routine Calling Adapter (VMRCA), All Other Packages
  • M Platform (Caché or open source platform (i.e. GT.M), 130+ instances in production in VA)
  • Service taxonomy levels marked alongside: Managed Services, Basic Services, Component API]
Derived from "VistA Service Assembler (VSA) Conceptual and Technical Overview", Keith Cox & Travis Hilton, ESS AWG, OSEHRA AWG 8/27
VA VistA Evolution
[Diagram: layered component stack. Labels as they appear:
  • Enterprise Service Bus (ESB): Registry and Repository (WebSphere), Core ESB (WebSphere), VistA SOA Service Registry Entries, VistA SOA Service Proxies
  • VistA Service Backplane (VSB) - Regional: SOA Service Descriptors
  • VistA: VistA SOA Services, VistA M Routine Calling Service (VMRCS), VistA M Routine Calling Adapter (VMRCA), All Other Packages
  • M Platform (Caché or open source platform (i.e. GT.M), 130+ instances in production in VA)
  • Annotations: "Site Specific"; "Generated by VistA Service Assembler (VSA) Wizard"]
OSEHRA Reference Implementation
[Diagram: layered component stack. Labels as they appear:
  • ESB (WebSphere)
  • VSB - Apache Camel, CXF, Karaf, ActiveMQ: SOA Service Descriptors (CXF, Camel)
  • VistA: VistA SOA Services, VMRCS – NodeJS (EWD), Backbone.js, VistA M Routine Calling Adapter (VMRCA), All Other Packages
  • M Platform (Caché or open source platform (i.e. GT.M), 130+ instances in production in VA)
  • Annotation: Camel & CXF XML + metadata]
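VSB Integration Routes
[Diagram of VSB integration patterns. Labels as they appear:
  • Patterns: Splitter, Transform, Aggregator, Message Correlation, Enrichment, Event, Validate, Endpoint, Command Message, Routing Slip, Normalize, Recipient List
  • Transports and protocols: RPC, HTTPS / EWD, HL7, SOAP, JMS
  • VSB functions: Message Adaptors, Security, Publish-Subscribe, Routing]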
Apache Integration
Development - VSA / Runtime - VSB
• Eclipse STP/WTP: REST & Web Services
• Apache Maven: Build & Deploy
• Apache CXF: REST & Web Services
• Apache Camel: Mediation
• Apache ActiveMQ: Message Broker
• Apache Karaf: OSGi
• Eclipse Equinox: OSGi
Refactoring to VSB
➜ Refactor existing functionality (e.g. Ray Group / PWC)
➜ Expose interfaces and Component APIs
➜ Delegate responsibility to the VSB
  • Security
  • Reliable Delivery
  • Composition
  • Transformation
➜ Service Enable legacy technologies
  • First class transport adaptors for performance (RPC)
  • Standards based external transport (SOAP, JMS, MLLP)
  • Standards based data protocols (HL7, iCal)
Virtualizing the integration layer minimizes disruption
Responsibility Driven Design – VSB
➜ Adapts interfaces to standards & specifications
➜ Message Exchange Patterns: req-reply and pub-sub
➜ Event driven loose coupling with callback support
➜ Value added mediation
➜ Manage both consumers and providers
➜ Standard invocation framework for composition
➜ Integration with other Services (OSEHRA)
Scenario Template
➜ Goal: provide sufficient descriptive and prescriptive advice and examples for implementing integration use cases with OSEHRA platform to enable healthcare stakeholders to build application specific services that are reliable, secure, flexible, extensible, and easily composed.
➜ Sufficient to exercise essential complexity, bound risk, and focus collaboration
➜ Not exhaustive, not comprehensive
➜ Informed by and illustrates reference architecture
Reference Architecture Principles
➜ Standards Based
  • HL7
  • SOAP
  • REST
  • JMS
➜ Separation of Concerns
➜ Support for REST and message centric architectures
➜ Event Driven
➜ Policy-centric Management
Scenario Artifacts
➜ Iterative and Incremental
➜ Use case description, wiki
➜ Sequence diagram, wiki
➜ Design Analysis, wiki
➜ Example, working code in OSEHRA Git
➜ Test Driven, integration test routes as requirements in OSEHRA Git
➜ YouTube, walkthrough
Integration Use Cases
[Diagram axes: Breadth, Depth]
1. Non-invasive mediation
2. Transport Mediation
3. Reliable Delivery
4. Federated Query
5. Federated Identity
6. Federated Security
7. Transport Security
8. Message Security
9. RPC Composition
10. Composite Services with Camel
11. Event Enablement
12. Subscription Management
13. Monitor and Manage
14. High Availability
Security
[Diagram labels: Federated Query, Federated Identity, Federated Security, Transport Security, Message Security]
Value Added Mediation – Security
➜ Security Profile Alternatives
  • Transport layer security (SSL V3.0 and TLS V1.0)
  • SessionId and SSO at App transport layer for Server / Service
  • Per-message message-level security using WS-Security
  • Per-session message-level security using WS-Security
  • SecureConversation Message Layer for User or Service with SAML x.509
➜ Security Gateway Solution Pattern
  • Connect to ESB using Transport Security
  • Delegate message level security to ESB
Sample Basic Security Profile
Hop            | Encryption                  | Server Auth | App Auth           | User Auth | Data Authz
Human to App   | N/A                         | OS Login    | OS Logic           | App Login | App Logic
App to ESB     | Transport (HTTPS, JMS/SSL)  | HTTPS       | SAML               | N/A       | N/A
ESB to VSB     | Transport (HTTPS, JMS/SSL)  | HTTPS       | SAML               | N/A       | N/A
VSB to VMRCS   | Transport (HTTPS)           | HTTPS       | Trusted Basic Auth | N/A       | VSB Transform
VMRCS to VMRCA | N/A                         | N/A         | VistA or M Kernel  | N/A       | VistA
* Not applicable for securing sensitive data at rest
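The profile table above expressed as a per-hop audit, as an added example that is not part of the original slides: it checks constructed hop configurations against the table's Encryption and App Auth columns. The configuration keys, the same-host rule for the hop the table marks Encryption N/A, and the TLS 1.2 floor are assumptions added here (SSL 3.0 and TLS 1.0 have since been deprecated by RFC 7568 and RFC 8996).

```python
# Added example (not from the slides): audit hop configs against the
# "Sample Basic Security Profile". Config keys are a hypothetical schema.
DEPRECATED = {"SSLv3", "TLSv1.0", "TLSv1.1"}  # assumption: TLS 1.2 floor

# Transcribed from the table: hop -> (allowed encrypted transports, app auth).
# None means the table lists Encryption as N/A for that hop.
PROFILE = {
    "App to ESB": ({"HTTPS", "JMS/SSL"}, "SAML"),
    "ESB to VSB": ({"HTTPS", "JMS/SSL"}, "SAML"),
    "VSB to VMRCS": ({"HTTPS"}, "Trusted Basic Auth"),
    "VMRCS to VMRCA": (None, "VistA or M Kernel"),
}

def audit_hop(cfg):
    """Return the findings for one hop config (empty list when compliant)."""
    hop = cfg["hop"]
    if hop not in PROFILE:
        return [f"{hop}: hop is not covered by the profile"]
    transports, app_auth = PROFILE[hop]
    findings = []
    if transports is None:
        # Assumption: a hop with no encryption is acceptable only on one host.
        if not cfg.get("same_host", False):
            findings.append(f"{hop}: unencrypted hop crosses hosts")
    elif cfg.get("transport") not in transports:
        findings.append(f"{hop}: transport {cfg.get('transport')!r} not allowed")
    elif cfg.get("tls_version") is None or cfg["tls_version"] in DEPRECATED:
        findings.append(f"{hop}: TLS version {cfg.get('tls_version')!r} below floor")
    if cfg.get("app_auth") != app_auth:
        findings.append(f"{hop}: app auth must be {app_auth}")
    return findings

def audit_path(configs):
    """Audit every hop and report profile hops that have no config at all."""
    seen = {c["hop"] for c in configs}
    findings = [f"{h}: no configuration supplied" for h in PROFILE if h not in seen]
    for cfg in configs:
        findings.extend(audit_hop(cfg))
    return findings

# Constructed sample deployment, for illustration only.
SAMPLE = [
    {"hop": "App to ESB", "transport": "HTTPS", "tls_version": "TLSv1.2", "app_auth": "SAML"},
    {"hop": "ESB to VSB", "transport": "JMS", "app_auth": "SAML"},
    {"hop": "VSB to VMRCS", "transport": "HTTPS", "tls_version": "TLSv1.0", "app_auth": "Trusted Basic Auth"},
    {"hop": "VMRCS to VMRCA", "same_host": False, "app_auth": "VistA or M Kernel"},
]

if __name__ == "__main__":
    for line in audit_path(SAMPLE):
        print(line)
```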
Current Status
Contributing camel-rpc to OSEHRA
• Publicly available on GitHub
• Move to OSEHRA Git
• Harden implementation and unit test cases with community input
Federated Query Scenario
➜ Explore re-using elements of BGS Security framework
➜ Standard build and CI environment
➜ Standard server configuration