130 likes | 273 Views
Federated Directory Services. Revised Proposal for 2009/10 presented to the IT Infrastructure Planning Committee J. Caumanns, O. Rode, R. Kuhlisch, FHGISST 12 October 2009. Problem Statement. 2008: 1 Proposal for a directory profile 2009: 3 Proposals for directory profiles
E N D
Federated Directory Services Revised Proposal for 2009/10 presented to the IT Infrastructure Planning Committee J. Caumanns, O. Rode, R. Kuhlisch, FHGISST 12 October 2009
Problem Statement • 2008: 1 Proposal for a directory profile • 2009: 3 Proposals for directory profiles • as use cases show, directories on services and organisations are a mandatory prerequisite for distributed healthcare networks • FDS Essentials: • Separation of schemas from query and mgmt. infrastructure • authonomy of directory providers • multiple deployment options: P2P, Master-Slave, Hierarchy, ....
The focus of the proposed implementable white paper is on the “envelope” for directory queries and on mechanisms for forwarding such queries among directory services in order to allow for the implementation of different directory topologies (e.g. hierarchy, master-slave, P2P, centralized). • The FDS actors and transactions will extend the existing PWP profile and the proposed profiles on configuration and provider directories with functionalities for cross-domain directory linkage.
FDS Directory Integration dir=HITPRProvider dir=HITPRProvider
Directory Schema Co-Existence dir=HITPRProvider dir=HITPRProvider DODS HITPR DSDS
Proposed Standards & Systems • DSML v2 to query (LDAP) directories • LDAP2UDDI adaptors available from industry • IHE PWP as basis and reference • RFC2798 (inetOrgPerson), RFC2256 (X500 user schema) • IHE ATNA for FDS Authenticity • IHE XUA to support access control • IHE White Paper on Cross-Community Information Exchange • Alternatives to discuss (in January....): • OMG IS (former EIS) • UDDI
Scope of the White Paper • Upper Directory Tree structure (more or less implied) • Client and P2P query transactions (DSML v2) • Registration of FDS for a certain domain • security issues (mainly ATNA)
Discussion • Editor: Fraunhofer ISST • Editing support by: Swisssign, ELGA, iSoft, ISPro • Estimated Effort: Low • Prototype implementation as “proof of concept” at Fraunhofer ISST • integration with eCR v1.4 (2010) planned and agreed with industry; deployment into running eCR pilot projects and running networks late 2010
WP Outline [#pages] • Use cases (incl. deployment and topology options): [3] • Multi-Schema support (IHE directory profiles): [2] • actors and transactions (functional): [2] • transaction specification (technical): [3] • security considerations (use of ATNA and XUA): [2] • management considerations (adding and removing directories): [2] • routing (optimization of query forwarding): [1] [15]
Discussion • Alternatives: • IHE ITI designs each directory service from scratch, including actors, transactions, and schemas • other IHE domains design directory schemas and transactions that then have to be integrated afterwards by ITI • Facts: • every distributed EHR needs a service directory. • No distributed EHR – No demand for directories (and vice versa) • No service directory – no distributed EHR • XUA makes no sense for safeguarding XDS etc. without an organisation directory