130 likes | 149 Views
Implementing Secure Web Services using Professional Profile (Data Commons). MedBiquitous Annual Meeting ( May 10, 2011 ). Madhavkumar Iyer NBME miyer@nbme.org. Neal Swearer AAMC neal.swearer@aamc.org. What is Data Commons?.
E N D
Implementing Secure Web Services using Professional Profile (Data Commons) MedBiquitous Annual Meeting (May 10, 2011) Madhavkumar Iyer NBME miyer@nbme.org Neal Swearer AAMC neal.swearer@aamc.org
What is Data Commons? • An infrastructure for real-time creation of data sets across organizations in the House of Medicine based on agreements. • Developed jointly by NBME & AAMC. • Not a new repository. Data sets compiled from existing repositories and expunged after creation. • Organizational members build infrastructure collaboratively and own and operate it jointly. • Used to aggregate data sets for individuals, educational programs, institutions and educational research. • Individual medical professional can compile data for private self-assessment or to authorize public report-out of selected information. Data Commons
Definitions Data Sharing Agreement Agreement between participating organizations for the exchange for data in real-time. Provider A participating organization providing data to Data Commons Invoker A participating organization requesting data from Data Commons IDMS Identity Matching Service to match or reconcile different identifiers used across multiple organizations for each medical professional. Data Commons
System Architecture Data Commons
System Features • Connects to certified Data Providers • Accepts requests only from member organizations • Requests are authenticated & authorized before retrieving data • Request/Response data is encrypted based on invoker’s 128 bit KEY • Requests validated using Authorization Certificate • Transactions logged without storing request/response data • Generic Web Service processes all requests from Invokers • Providers provide data using Web Services • All Web Services are of document/literal format and secured by SSL • Generic Request/Response XML data formats for Invoker/Provider Data Commons
Technology • Application Server – J2EE 1.4 • Oracle Database 10g/11g • Java / PL-SQL • XML • SOAP 1.1 • WSDL 2.0 • AES 128 bit message encryption Data Commons
Using MedBiquitous Professional Profile • The following operations uses MedBiquitous Professional Profile: • Get Enrolled Students • NBME gets updated enrolled student information for each school from AAMC • Get Matriculated Students • NBME gets new matriculants for each school from AAMC • IDMS Biographic Update • NBME and AAMC provide updates to IDMS Data Commons
MedBiquitous Professional Profile - Sample Data Commons
MedBiquitous XML Schemas • The MedBiquitous Healthcare Professional Profile Schema provides a data structure that allows one to represent one or more healthcare professionals in a standard format. • Data Commons uses version 1.0 of the following MedBiquitousXML schemas: • Member • Name • Address • Source: http://ns.medbiq.org/member/v1/ Data Commons
Example 1: Using the MedBiquitous XML Schemas • GetStudentProfile web service operation • Request <DcomOutboundGetStudentProfileRequest xmlns="http://www.dcom.org/service"> <OperationName>GetStudentProfile</OperationName> <RequestPacket> <RequestHeader> <AamcId>12113983</AamcId> <MedicalSchoolCode>816</MedicalSchoolCode> </RequestHeader> </RequestPacket> <TransactionId>112312312318</TransactionId> </DcomOutboundGetStudentProfileRequest> Data Commons
Example 1: Using the MedBiquitous XML Schemas • GetStudentProfile web service operation (continued) • Response <DcomOutboundGetStudentProfileResponse xmlns="http://www.dcom.org/service/getStudentProfile" xmlns:dcom=http://www.dcom.org/service xmlns:medAddress="http://ns.medbiq.org/address/v1/" xmlns:medMember="http://ns.medbiq.org/member/v1/" xmlns:medName="http://ns.medbiq.org/name/v1/"> …. </DcomOutboundGetStudentProfileResponse> Data Commons
Example 1: Using the MedBiquitous XML Schemas • GetStudentProfile web service operation (continued) • Response <medMember:Members> <medMember:Member restrictions="Restricted"> <medMember:UniqueID domain="Member:USMLE ID">52153983</medMember:UniqueID> <medMember:UniqueID domain="Member:AAMC ID">12713993</medMember:UniqueID> … </medMember:Member> </medMember:Members> Data Commons
Questions? Data Commons