On the usage of SAML delegate assertions in an healthcare scenario with federated communities

Abstract

The importance of the Electronic Health Record (EHR) has been addressed in recent years by governments and institutions. Many large scale projects have been funded with the aim to allow healthcare professionals to consult patients data in different organizations. Concepts like interoperability, security and confidentiality are the key for the success for these projects. The Integrating the Healthcare Enterprise (IHE) initiative promotes the coordinated use of established standards for authenticated and secure EHR exchange amongst clinics and hospitals or even regions. For these scenarios, the problem of having authenticated transactions is crucial, in order to provide a form of authorization while accessing patient healthcare information. The IHE initiative addresses the problem by mean of SAML assertions, i.e. XML documents containing authentication statements. In this paper, we focus on the problem of propagating the authentication information of healthcare professionals amongst hospitals or regions (in the IHE jargon, communities) by relying on the delegation mechanism introduced by SAML. © 2011 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering.