Scribd Logo
Fazer o upload

Bem-vindo(a) ao Scribd!

  • Context Is Everything FURTHeR's Contextualized Security Framework

    Enviado por

    AMIA
    29 visualizações1 página
    2013 Summit on Clinical Research Informatics

    Título original

    Context is Everything FURTHeR's Contextualized Security Framework

    Direitos autorais

    © Attribution Non-Commercial (BY-NC)

    Formatos disponíveis

    PDF, TXT ou leia online no Scribd

    Você considera este documento útil?

    Este conteúdo é inapropriado?

    Denunciar este documento
    2013 Summit on Clinical Research Informatics

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    29 visualizações1 página

    Context Is Everything FURTHeR's Contextualized Security Framework

    Enviado por

    AMIA
    2013 Summit on Clinical Research Informatics

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    de 1

    Context is Everything: FURTHeR's Contextualized Security Framework

    N. Dustin Schultz, MS , Richard L. Bradshaw, MS , and Joyce A. Mitchell, PhD


    1 1 1 1

    Department of Biomedical Informatics, University of Utah, Salt Lake City, UT, USA

    What is FURTHeR? FURTHeR is the Federated Utah Research and Translational Health electronic Repository. Empowers researchers with a linked virtual repository integrating biological, clinical and demographic data in realtime. Part of the Biomedical Informatics Core at the University of Utahs Center for Clinical and Translational Science (CCTS). Challenges Security is an important cross-cutting concern. Data sources use different usernames, different authorization methods, and different access control mechanisms. Methods Extend popular Spring Security Framework. Current context of execution is considered when applying security. Each context reauthenticates and reloads context-specific user properties, roles, groups, and privileges.

    Unauthenticated
    Authentication System

    Authenticated to FURTHeR
    Security Module FURTHeR Namespace

    Benefits Authorization happens at multiple levels (within each context). Can handle complex security requirements. Allows for arbitrary collection of attributes to aid in security decisions. Can be selectively applied, does not require all or nothing implementation. Conclusion

    CAS

    Federated Query Engine


    LDAP

    SAML
    Subscribed

    Request Topic
    Subscribed

    Successfully utilized security framework to meet the needs of federating data between the University of Utah and Intermountain Healthcare.

    Data Source 1
    y t i r u c e S t n Differe d a o l s t x e t n Co , s e l o R t n e r diffe , s p u o r G , s e i t r e Prop s d r o w s s a P and

    Data Source 2

    Security Module DS 1 Namespace


    Data Source Adapter Data Source Adapter

    Some data sources do not require explicit authorization beyond FURTHeR's Context
    Acknowledgements
    This investigation was supported by Public Health Services research grant 5UL1RR025764 from the NCRR and the NCATS, by Department of Health and Human Services grant 1DBRG29425-01 and funds provided by the University of Utah Research Foundation.

    Contact Information
    Dustin Schultz dustin.schultz@utah.edu

    Você também pode gostar