90 likes | 97 Views
Integration of biomedical applications in metro-DC to enhance detection/response to terrorism attacks. Ensures inter-organizational access while preserving privacy and includes improved data visualization.
E N D
Project Sentinel Middleware & Identity Managementfor the Health Sciences Chad La Joie Georgetown University
What is Sentinel • Integration of biomedical applications in metro-DC to enhance regional detection and response to terrorism attacks (anthrax, ricin, 9/11) • Allow inter-organizational access to integrated applications and their data, including • Symptom Recording / Analysis • Patient Data; while preserving privacy • Geographic Information Systems • Dramatically Improved Data Visualization • Funded by National Library of Medicine grant
Participants • Georgetown University • Hosts IdP components and Sentinel WAYF • GU Medical Center – ISIS • Hosts medical record viewer and ARGUS portal • Consumes MonitorMan and Azyxxi data • MedStar Washington and GU Hospitals • Hosts MonitorMan and Azyxxi • DC Department of Health • Consumes MonitorMan, Azyxxi, ARGUS, and medical record viewer data
PHI (RDBMS) Azyxxi Azyxxi Monitor Man SP SP SP MedStar GU Hospital PHI (RDBMS) ARGUS Portal RecordView MedStar GU Hospital SP SP IdM (AD) PHI (RDBMS) IdM (?) Medical Center - ISIS Sentinel WAYF GU IdP ISIS IdP DC DOH IdM (SunOne) MedStar IdP IdM (AD) DC DOH IdP Georgetown Univ. MedStar Corp. Component View Internet GU Network
Current Status • Completed: • Networking connections among participants • Sentinel WAYF online • GU and ISIS IdPs online • MonitorMan Shibboleth-enabled • In Progress: • ISIS consolidated record viewer shibboleth-enabled • ARGUS portal shibboleth-enabled • Install DoH IdP • Install MedStar IdP • NLM sit visit: Sentinel Demo – June 9
Lessons Learned • Anonymous authentication is not always preferred in the medical community • People want to log/audit who is using their application and view data and require knowledge of the user’s identity • Medical institutions are not IT organizations • No, or incomplete, central ID systems; most apps maintain their own user list and passwords • Small IT staff already managing as much as they can • Medical community has less trust of home organizations attributes and want more control of privilege granting • How do they know attributes are assigned properly?
The Future • Shibboleth-enable client/server app Azyxxi • Protect IdPs with multi-factor AuthN • Create Sentinel Federation • Document Policies and Practices • Set up CA and metadata management • Upgrade to Shibboleth 1.3 • Provide tools for hospitals to grant privileges to remote users • Look into Shibboleth/Grouper/Signet tool chain • Look into Shibboleth/PERMIS tool chain
The Future • Grid-enable applications - maybe • Provide OGSA-DIA interface to PHI databases • Integrate Grouper/Signet with Globus CAS • Enable Shibboleth to work in n-tier environment • Hook visualization programs into Condor • Continue to investigate the need for a MedPerson schema or data profile
Chad La Joie lajoie@georgetown.edu • Sentinel Website http://sentinel.georgetown.edu