As you know, I am on the HITSP Board –
use me as you see fit.
From: David RR Webber
Sent: Tuesday, February 21, 2006
To: Moehrke,John (GE Healthcare)
Subject: RE: [ihc] SAML 2.0 and
Your feedback is very encouraging.
The challenge is that very factor of short-term expedience negating the
benefits of the longterm standards-based approach.
The quick fix not fully paving the way for the wider needs - and ending
up costing double time.
The sheer scale of everything makes the challenging of communicating
and getting the message out there to all participants tough too.
Look forward to more on the progress with IHE/XDS in due course.
-------- Original Message --------
Subject: RE: [ihc] SAML 2.0 and IHE/XDS?
From: "Moehrke, John (GE Healthcare)" <John.Moehrke@med.ge.com>
Date: Sun, February 19, 2006 11:38 pm
To: "David RR Webber (XML)" <email@example.com>,
IHE (http://www.ihe.net) is
trying hard to add Federated ID to it's cross-enterprise healthcare profiles.
XDS is the major one at this time, but there are other support profiles as
well. I am the editor of this work within the IHE. This effort will be closely
watching WS-SX and WS-I to do the profiling of the use of SAML 2.0 Assertions
use within Web-Services. This year we are adjusting our healthcare
specific transactions to fit nicer on Web-Services. My hope is that healthcare
will have no special needs and thus will simply be able to point at WS-I for
the basic web-services profile as well as basic security with Federated
ID. Our biggest problem is time as the USA government as well as other
governments around the world are calling for regional sharing of medical
information. This urgency is at a breakneck pace that I hope doesn't require
healthcare to do anything drastic.
I welcome any assistance that this
community can provide, including giving me strong evidence that I am miss
understanding the standards and market space.
T 262 293 1667
W126 N7449 Flint Road, Suite 200,
Menomonee Falls, WI
What I may see or hear in the course of the
treatment or even outside of the treatment in regard to the life of men, which
on no account one must spread abroad, I will keep to myself, holding such
things shameful to be spoken about. (One Portion of the Hippocratic Oath
- Hippocrates, circa 400 B.C.)
From: David RR
Webber (XML) [mailto:firstname.lastname@example.org]
Sent: Thursday, February 16, 2006
Subject: [ihc] SAML 2.0 and
Does anyone know how - and if at all - this fits with IHE/XDS ?
Ping Identity and MedCommons Use SAML 2.0 for Electronic Health Record
Staff, Ping Identity Announcement
Ping Identity and MedCommons have announced a partnership to develop
secure, standards-based, single sign-on solutions for multi-location
electronic health record access and storage. Both Ping Identity and
MedCommons are committed to SAML 2.0 as the standard of choice for
secure authentication precisely because it provides for the convergence
of non-interoperable standards that support Web SSO. After significant
testing of alternative providers, MedCommons determined that
PingFederate Version 3 was the easiest SAML 2.0 product to acquire,
install, configure, integrate, and deploy. MedCommons quickly integrated
PingFederate v3 into their medical data network and secure storage
solution, enabling Web SSO using SAML 2.0. "Ping Identity's products and
services help organizations easily and cost effectively bridge security
domains across partner, supplier and customer organizations by providing
secure Web SSO. MedCommons has developed the first standards-based
system capable of communicating with and transferring image and
non-image data among Personal Health Records, Electronic Health Records
(EHR) and national healthcare IT systems."
See also the PingTrust announcement: http://www.pingidentity.com/news/show/119