Federated, Secure Trust

Uploaded by matchmoaning, category: Artificial Intelligence and Robotics

17 Nov 2013

Federated, Secure Trust Networks for Distributed Healthcare IT Services

Alfred Weaver, Samuel Dwyer, Andrew Snyder, Jim Van Dyke, Tim Mulholland, James Hu, Xiaohui Chen, Andrew Marshall

Industrial Informatics Applied to Healthcare

- Health Insurance Portability and Accountability Act of 1996
  -- privacy of patient encounters
  -- security of patient data
  -- encryption of medical information when stored or transmitted
  -- access controls to retrieve information
  -- audit logs of data access

Healthcare Informatics Portal

- Common medical data portal
  -- doctors, patients, staff see a customized view
  -- allied health services exchange information electronically
- Authentication of users
  -- biometric and conventional methods
- Authorization of access
  -- role-based access control model
- Strong encryption of all data
- All built on a web services model

Federated, Secure Trust Networks for Distributed Healthcare IT Services

[Architecture diagram: Medical Data Portal, Web Services, Authorization Service, Authentication Service, Electronic Patient Record and Rule Engines, with message flows numbered 1 to 12 between the components]

Research Issues

- Authentication
  -- who are you?
- Mobile devices
  -- what capabilities do you have?
- Authorization
  -- what can you do?
- Encryption
  -- which algorithm? what length key?
- Shared trust
  -- off-network organizations

Authentication

- Can support legacy techniques
  -- user ID and passwords, challenge-response
- Newer identification technologies
  -- smartcards, access keys
- Biometric identification
  -- fingerprints, iris scans
  -- signature analysis, voice recognition
  -- keyboard dynamics
  -- face, hand, finger, ear geometry

- Need web service that
  -- recognizes context-sensitive rules
  -- performs identification (multiple techniques)
  -- produces a token that verifies identity

Fingerprints

- 70 points of differentiation (loops, whorls, deltas, ridges)
- Even identical twins have differing fingerprint patterns
- False positive rate < 0.01%
- False negative rate < 1.5%
- Can distinguish a live finger; fast to enroll
- Inexpensive ($100-$200) for the reader

Iris Scans

- Iris has 266 identification degrees of freedom
- Identical twins have different iris patterns
- False positive rate < 0.01%
- False negative rate < 0.01%
- Does take some time and controlled lighting to enroll
- Pattern is stored as a data template, not a picture
- Some units control light to detect pupil dilation (prove live eye)

Mobile Devices

- Legitimate access is no longer limited to desktops or in-hospital devices
- Wave of the future includes
  -- PDAs (HP iPAQ Pocket PC h5455 with fingerprint scanner built-in)
  -- tablet PCs (handwriting recognition)
  -- cell phones (voice recognition)
- Personal authentication should work using the devices and capabilities available to the legitimate user

Fingerprints with Wireless PDA

- HP iPAQ h5455 with fingerprint scanner
- Thermal scanner detects live finger
- We wrote an authentication web service
  -- send fingerprint pattern to service
  -- compare against database of enrollees
  -- confirm or deny identity
  -- send confirmation to web portal
  -- write cookie to device
  -- cookie becomes an identification token containing:
     -- who the individual is
     -- how identity was confirmed
     -- trust level of the identification
        -- e.g., iris scan > fingerprint > password

Authorization

- Now that we know who you are, what are you allowed to do?
- Use role-based access control
- Roles for people with different privileges:
  -- attending physician
  -- referring physician
  -- medical fellows
  -- medical students
  -- physician consultants
  -- other healthcare staff (nurses)
  -- technologists (diagnostic imagery)
  -- technicians (lab results)
  -- patient
- Plus roles for other entities (insurance, pharmacy)

Authentication Rule Engine

[Diagram: the rule engine takes an identity token, an access request, and rules built from hospital administration rule templates, and produces an authorization token]

Authorization Rule Templates

[Table: rows (Who) are the roles Attending, Referring, Fellow, Student, Technician, Technologist, Patient, Insurance, Billing, Pharmacy and Med records; columns (Access) are the Electronic Patient Record sections Demographics, Clinical notes, Lab notes, Diagnostic images and Psych evaluation; each cell is Can or Can not]

Authorization Rule Engine

- More complicated in practice
  -- doctor needs consultation
  -- doctor on vacation
  -- doctors practicing in groups
     -- surgeons, radiologists
  -- emergencies
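Added example (not code from the slides or from the authors' web service) showing in Python the flow described on the PDA slide and the rule-engine slides: the authentication service signs an identification token naming who, how identity was confirmed, and the trust level (iris > fingerprint > password), and the authorization rule engine checks the requester's role against a rule template before issuing an authorization decision. The shared key, user names, role directory, and the assumed refinement that each record section carries a minimum trust level (the slides only show Can / Can not) are all constructed for this example.

```python
import base64, hashlib, hmac, json

# Trust ordering taken from the slide: iris scan > fingerprint > password
TRUST_LEVEL = {"password": 1, "fingerprint": 2, "iris": 3}
# Constructed key shared by the authentication and authorization services (hypothetical)
SHARED_KEY = b"constructed-demo-key-not-for-production"

def issue_identity_token(user, method):
    """Authentication service: sign a token stating who, how verified, and trust level."""
    claims = {"sub": user, "method": method, "trust": TRUST_LEVEL[method]}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode()).decode()
    sig = hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).hexdigest()
    return body + "." + sig

def verify_identity_token(token):
    """Reject any token whose HMAC does not match before trusting its claims."""
    body, sig = token.rsplit(".", 1)
    expected = hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("identity token signature mismatch")
    return json.loads(base64.urlsafe_b64decode(body))

# Constructed rule template: role -> EPR section -> minimum trust level needed
# (a section missing from a role's row is "Can not"; the thresholds are assumed)
RULE_TEMPLATES = {
    "attending": {"demographics": 1, "clinical_notes": 2, "lab_notes": 2,
                  "diagnostic_images": 2, "psych_evaluation": 3},
    "student":   {"demographics": 1, "clinical_notes": 2},
    "patient":   {"demographics": 1, "clinical_notes": 2, "lab_notes": 2,
                  "diagnostic_images": 2},
    "insurance": {"demographics": 1},
}
# Constructed role directory (hypothetical user names)
ROLE_OF = {"dr.jones": "attending", "s.lee": "student", "p.smith": "patient",
           "acme.ins": "insurance"}

def authorize(token, section):
    """Authorization rule engine: identity token + access request -> decision."""
    claims = verify_identity_token(token)
    role = ROLE_OF.get(claims["sub"])
    required = RULE_TEMPLATES.get(role, {}).get(section)
    if required is None:
        return {"allow": False, "reason": f"role {role!r} cannot access {section}"}
    if claims["trust"] < required:
        return {"allow": False,
                "reason": f"{section} needs trust level {required}, token has {claims['trust']}"}
    # Authorization token: what this user may touch, plus how the decision was reached
    return {"allow": True, "sub": claims["sub"], "role": role,
            "section": section, "method": claims["method"]}
```

The same engine can be extended with the consultation, vacation and emergency cases above by adding delegation entries to the role directory rather than by weakening the template.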

Encryption

- Which encryption method?
  -- DES, 3DES, AES, RSA, others
  -- what length key?
- Unintended consequences
  -- UVA does 380,000 radiological exams annually
  -- produce 9 TB of data every year
  -- encrypting one 3 MB chest x-ray is no problem
  -- but CT and MR produce 500-1000 slices
  -- each slice is a file
  -- typical MR is 68 MB
- What is the workflow impact of encrypting/decrypting a 68 MB file each time it is touched?

Trust Networks

- Trust, legitimately established, should be shared across the enterprise
  -- pharmacies
  -- insurance companies
  -- outpatient services
- How does trust get quantified?
- How does trust get shared?
- WS-Trust does not yet provide guidance

Trust Networks

[Diagram, labelled 8 and 9: identification tokens, authorization tokens, encryption, digital signature, trust credentials, and dynamic negotiation of credentials exchanged between cooperating providers]

Banks do this with ATMs; we need to do it among cooperating healthcare providers

Summary of Issues

- Authentication
  -- Mobile access technologies
  -- Biometric identification
- Authorization rule engine
  -- Role-based access control
  -- Simplified rule administration
- Trust sharing
  -- Dynamic negotiation of trust credentials

Acknowledgements

Funding for this project provided by David Ladd and Tom Healy, University Research Program, Microsoft Research, Microsoft Corporation