--
You received this message because you are subscribed to the Google Groups "OpenHIE Architecture" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ohie-architect...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups "OpenHIE Architecture" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ohie-architect...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
I know I’m like a dog with a sock regarding this point, but I believe the thread is discussing how the PR would enable us to centralize authorization information… but not authentication information.
Sorry for being such a stickler on this point.
Derek.
Derek Ritz, P.Eng., CPHIMS-CA
ecGroup Inc.
This communication is intended only for the party to whom it is addressed, and may contain information which is privileged or confidential. Any other delivery, distribution, copying or disclosure is strictly prohibited and is not a waiver of privilege or confidentiality. If you have received this telecommunication in error, please notify the sender immediately by return electronic mail and destroy the message and any attachments.
--------------------------------------------------------------------------------
Le présent courriel et les documents qui y sont joints sont confidentiels et protégés et s'adressent exclusivement au destinataire mentionné ci-dessus. L'expéditeur ne renonce pas aux droits et privilèges qui s'y rapportent ni à leur caractère confidentiel. Toute prise de connaissance, diffusion, utilisation ou reproduction de ce message ou des documents qui y sont joints, ainsi que des renseignements que chacun contient, par une personne autre que le destinataire prévu est interdite. Si vous recevez ce courriel par erreur, veuillez le détruire immédiatement et m'en informer.
--
You received this message because you are subscribed to the Google Groups "Provider Registry" group.
To unsubscribe from this group and stop receiving emails from it, send an email to provider-regis...@googlegroups.com.
I know I’m like a dog with a sock regarding this point, but I believe the thread is discussing how the PR would enable us to centralize authorization information… but not authentication information.Sorry for being such a stickler on this point.Derek.Derek Ritz, P.Eng., CPHIMS-CAecGroup Inc.This communication is intended only for the party to whom it is addressed, and may contain information which is privileged or confidential. Any other delivery, distribution, copying or disclosure is strictly prohibited and is not a waiver of privilege or confidentiality. If you have received this telecommunication in error, please notify the sender immediately by return electronic mail and destroy the message and any attachments.
--------------------------------------------------------------------------------
Le présent courriel et les documents qui y sont joints sont confidentiels et protégés et s'adressent exclusivement au destinataire mentionné ci-dessus. L'expéditeur ne renonce pas aux droits et privilèges qui s'y rapportent ni à leur caractère confidentiel. Toute prise de connaissance, diffusion, utilisation ou reproduction de ce message ou des documents qui y sont joints, ainsi que des renseignements que chacun contient, par une personne autre que le destinataire prévu est interdite. Si vous recevez ce courriel par erreur, veuillez le détruire immédiatement et m'en informer.
From: provider...@googlegroups.com [mailto:provider-regi...@googlegroups.com] On Behalf OfCarl Leitner
Sent: October 16, 2013 12:20 PM
To: ohie-arc...@googlegroups.com; Provider Registry Google Group
Subject: Re: Authenticating and authorizing service account
--
You received this message because you are subscribed to the Google Groups "Provider Registry" group.
To unsubscribe from this group and stop receiving emails from it, send an email to provider-regis...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Provider Registry" group.
To unsubscribe from this group and stop receiving emails from it, send an email to provider-regis...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "OpenHIE Architecture" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ohie-architect...@googlegroups.com.
From: Derek Ritz
Sent: Oct 16, 2013 11:01 PM
To: ohie-arc...@googlegroups.com
Cc: Provider Registry Google Group , r.fri...@mindspring.com
Subject: Re: Authenticating and authorizing service account
-----Original Message-----
From: Derek Ritz
Sent: Oct 17, 2013 3:59 PM
To: r.fri...@mindspring.com
Subject: Re: Authenticating and authorizing service account
Warmest regards,Thanks, Roger, for asking probing questions and for raising the level of the discourse!Roger, you say that this architecture, by which I assume you mean the OpenHIE architecture, takes us away from our experience. This may be true. So far, at least, our experience in Rwanda has largely been to share OpenMRS PoS information using an OpenMRS SHR. I would contend, however, that this is because we are early in the evolution of this infrastructure -- not because that is all the infrastructure is designed to do. I don't share the view that we need to fundamentally rethink how our puzzle pieces operate or how they fit together. In fact, some of our most crucial puzzle pieces (IL and SHR) will really start to come into their own as our use cases and our edge nodes grow and evolve from the ones we started out with. We are also, only now, starting to embrace the PoS interface standards that will lead to system-to-system interoperability supporting continuity of care. This will be, I think, quite a bit less daunting and significantly more scalable than the PoS-specific ITL engine you describe in your last paragraph (below).I think it is dangerous to refer to OpenMRS as our primary PoS product. The fact that it is the only one we are presently connected to should not imply that OpenHIE is "designed for OpenMRS" as its PoS. To do so would fundamentally undermine the HIE's value proposition as an integration and sharing infrastructure. On the registry and repository side, it is fairer to say that we leverage "HPD" than that we leverage iHRIS and, as things evolve, it may be more accurate to say we're leveraging CSD than DHIS (or Resource Map) and XDS more than OpenMRS (as our SHR, in this case). These interfaces allow different products to be employed as our repositories and registries and in every case, the transactions are what are conformance testable. Our adoption of these, except for HPD, is still pretty nascent -- but I think that is the stated direction as we move forward. To be clear, though, employing the PR for authorization is really going to be more about leveraging provider attributes in our IL orchestration than about setting "access rights". As is noted in IHE's HIE white paper (http://www.ihe.net/Technical_Framework/upload/IHE_ITI_White-Paper_Enabling-doc-sharing-through-IHE-Profiles_Rev1-0_2012-01-24.pdf) "HPD does not support attributes intended directly for Access Control".Hi Roger.You have raised a number of important (and insightful) issues. Let's pace thru them. First -- you are completely correct that, if we are going to leverage the IL and PR in the way that is contemplated in the PPT, we will need to have transactions that operationlize registry maintenance. There are IHE profiles (e.g. PAM for client registry, HPD for provider registry, CTS for terminology maintenance) that do this. Although there are OMG and HL7v3 transactions for doing facility registry maintenance, there is not (presently) any IHE profile. This is a gap... and perhaps an opportunity.
The crawl, walk, run strategy was not an unsound one... and it doesn't mean that all our HIE knows how to do is crawl... ;-)
Derek.
--
You received this message because you are subscribed to a topic in the Google Groups "OpenHIE Architecture" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ohie-architecture/NfWkWVcywjM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ohie-architect...@googlegroups.com.
--
Derek Ritz
----------------
This email may contain confidential information intended only for the recipient. If you receive it by accident, please delete it.
You received this message because you are subscribed to the Google Groups "OpenHIE Architecture" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ohie-architect...@googlegroups.com.
<CSD><providerDirectory><provider oid='2.25.1231231232112328988979888312321321'><extension type='authorization' oid='2.25.309768652999692686176651983274504471835'><!-- DETAILS ON AUTHORIZATION GO HERE--></extension></provider></providerDirectory></CSD>