1 NIST NwHIN Testbed
Mar 27, 2015
1
NIST NwHIN Testbed
2
What's NwHIN
The nationwide health information network is a set of standards, services and policies that enable secure health information exchange over the internet.
3
Purpose
To provide testing tools for NwHIN Specifications.
4
Specifications
Authorization Framework Production Specification V1.0– SAML, CERTS
Messaging Platform Production Specification V2.0– SAML
Patient Discovery Production Specification V1.0– IHE_XCPD
Query for Documents Production Specification V2.0– IHE_XCA
Retrieve Documents Production Specification V2.0– IHE_XCA
5
Tool Support for Specs
Make NIST tools available for testing
Started with the 3 distinct toolsXD* toolsPix/Pdq toolCDA Validator
6
Support for Specs
Our tools worked at document and message level
Tooling failed because of soap header requirementsLack of SAML support.
Validated messages from Log files
7
Initial Approach to Improving theTools
Add SAML to the IHE Pix/Pdq and XD* tools Keep them as separate tools.
Some Problems
Difficulty with maintaining tools in two locations.Need to modify some of the tools for gateway testing.
8
NIST XD* Tools
StrengthsQuery SupportRetrieve SupportHTTP, SOAP support
WeaknessMissing SAML
NIST IHE Pix/Pdq Tool
Weakness Missing SAML, Fragile Soap Handler
StrengthsXCPD MessageType SupportPRPA_IN201305UV02PRPA_IN201306UV02
Tool Review
9
Current Approach
Combine what we have into one testbed.
Expanding the XD* tooling framework into aNHIN tooling testbed.
Use What We Have
Using the message validator from IHE Pix/Pdq tool.
Take advantage of the XD* infrastructure
10
What's Done Now
11
Next area of focus is xcpd simulators
12
Find Patients Simulator
13
SAML Tool
Tool being developed by a contractor, Metrix Technologies
•Message Validator with SAML option
•Simulator with SAML option.
14
SAML Tool
Tool being developed by Contractor Matrix
15
SAML Validator Output
16
Initial Focus is Validation
Insert assertion graphic as example of whats tested.Keep it focused
17
Rampart used in Simulators
Rampart work is just starting.
Rampart handles the digital signatures but the assertion Rules need to be done by hand.
18
Benefits For NIST
Leverage what we haveReduce development timeBetter tool support
Benefits For Users
One place for security checksUnified look and feelXD* tool currently used by NwHIN
19
Team Members
Diane Azais - NIST Guest ResearcherPatient Discovery Standards Analyst, Use Case Developer
Mary Laamanen - NIST Computer ScientistPatient Discovery and CDA Validation Implementor
Bill Majurski – NIST Electronics EngineerToolbed Architect
Gavin O'Brien – NIST Computer ScientistProject Lead, SAML Tooling
Linan Wang – NIST Guest ResearcherPatient Discovery Simulation Implementor