The TrustHub is a set of open-source, standards-based software capabilities — based on Web Services, Higgins Ontology Web Language (HOWL), XML, HL7, Apache Struts, JBoss Application Server 4.2.3.GA, MySQL 5.0, Eclipse Ganymede, OpenVistA SemiViVa, and JDK 1.5 — that demonstrate how a web services architecture solves the problem of physician/care-provider identity interoperability and portability in a healthcare federation that is readily extensible, secure, and preserves privacy.
Background
The MITRE Corporation was engaged in a two-year digital identity management research activity (April 1, 2007 to July 31, 2009) that was managed by Dartmouth College's Institute for Information Infrastructure Protection (I3P) under a Department of Homeland Security, Science and Technology Directorate grant (2006-CS-001-000001).
MITRE was the Principal Investigator of the Safeguarding Digital Identity research collaboration with Cornell University, Georgia Institute of Technology, Purdue University, SRI International and the University of Illinois at Urbana-Champaign.
Each organization conducted research in accordance with this mission statement: Research, analyze and prototype digital identity management (IdM) solutions that allow sharing of identity-related information across organizations in ways that are sufficiently accurate, cost-effective, secure and privacy respecting.
The research directions taken by the member organizations are described on the I3P's website.
MITRE conducted two threads of research:
- Enabling Capabilities and Web Services for a Healthcare TrustHub.
- A Trust Framework: The SPICI (Sharing Policy, Identity, and Control Information) Approach to Negotiating Identity Federation and Sharing Agreements.
News and Announcements
On September 23, 2010 at 3:00-4:00 PM (EDT) the eCitizen Foundation will host an eLearning Session to discuss how the TrustHub can be leveraged as a healthcare identity sharing platform.
The eCitizen Foundation is a community steward who has offered to maintain, mature, and leverage the TrustHub.
Use Scenario
TrustHub Web Services and Capabilities
The TrustHub provides several prototypic enabling web services and capabilities (illustrated in the figure below):
- Capabilities that support physician (care provider) authentication (i.e.,
log in) to his/her local healthcare portal (Domain/Hospital A), patient lookup
and information retrieval in that portal, and secure communication of information
requests and retrievals over the Internet from the local to a remote healthcare
portal managed by an unaffiliated healthcare provider (Domain/Hospital B). These
capabilities include:
- A mock up of a healthcare portal.
- A physician (care provider) authentication (log in) capability that is supported by a small database of sample physicians (and their identifying information) who are authorized to access the healthcare portal.
- A capability to authorize physicians (care providers) to access patient information in the portal that is supported by a small database of sample patient information.
- A capability to formulate a secure and certified request over the Internet using a Security Assertion Markup Language (SAML) assertion over a SOAP message to retrieve a patient medical record from an unaffiliated healthcare provider.
- Services to support managing physician (care provider) identity data by a
central authority — the TrustHub. These services include:
- A Standard Physician (care provider) Identity Model Database: This is a central repository of identity information for physicians (care providers) that is managed and controlled by issuing certificates to participating third parties. This allows restricted access to the identity information and controls the release of attributes and assertions needed for the third parties to determine whether patient record information may be shared. The model is an extended version of Higgins Ontology Web Language (HOWL) and uses attributes taken from Health Level 7 (HL7).
- Put Physician Data Web Service (or a Put Web Service): This service allows any medical information system to convert its representation of a physician's/care provider's identity to a standard physician identity model and deposit (put) it into the Standard Physician Identity Model Database.
- Get Physician Data Web Service (or a Get Web Service): This service allows any medical information system to a retrieve (get) a physician's/care provider's identity from the Standard Physician Identity Model Database.
- Services to support restricted access to patient medical record information
maintained in Domain/Hospital B. These services include:
- A Patient Record Web Service: This service merely provides an externalized definition of a patient record to support patient record search and retrieval among different healthcare providers.
- A capability to authorize access to patient information requests made via the Patient Record Web Service.
- A Connector that provides the interface between WorldVistA — an open source implementation of the Veteran Administration's Electronic Health Record system — and the Put Physician Data Web Service.
TrustHub Web Services and Capabilities
Healthcare Scenario Overview
A hypothetical entity called the TrustHub has organized and formed a federation of healthcare providers with an initial membership of Hospital A and Hospital B. The TrustHub provides certificates of membership to federation members and a set of web services to interact with the TrustHub infrastructure. At the core of the TrustHub is a Standard Physician (care provider) Identity Model that is a repository of physician identity information. The TrustHub has published interfaces to its two primary web services, which authenticate physicians (care providers) and manage physician (care provider) identity information:
- Put physician (care provider) identity information into the TrustHub repository.
- Get physician (care provider) identity information from the TrustHub repository.
Hospital A has registered its physicians (care providers) with the TrustHub via the Put Web Service.
A care provider at Hospital A is providing medical care to a patient who has also received specialized medical care at Hospital B.
The care provider logs into Hospital A's healthcare portal and begins to issue queries of the patient's health records maintained within Hospital A. The care provider also issues queries of the patient's health record that are maintained elsewhere in the TrustHub federation at Hospital B.
Healthcare TrustHub Demonstration Walkthrough (PDF) provides a walkthrough of the scenario described above.
Component Descriptions
There are three main components of the prototypic capabilities and Web Services provided by the TrustHub. Each component corresponds to a different trust domain:
- Capabilities that support physician authentication (i.e., log in) to his/her local healthcare portal (Domain/Hospital A), patient lookup and information retrieval in that portal, and secure communication of information requests and retrievals over the Internet from the local portal to a remote healthcare portal managed by an unaffiliated healthcare provider (Domain/Hospital B).
- Capabilities and Web Services — collectively called the TrustHub — to support the management of physician digital identity data by a certifying authority. These include a Standard Physician Identity Model and a Put Physician Data Web Service and a Get Physician Data Web Service to interact with physician identity information.
- Capabilities and Web Services at a healthcare portal to service information requests made over the Internet from an unaffiliated healthcare portal. These include a Patient Record Web Service to manage and fulfill healthcare information requests made over the Internet, a capability to authorize access to patient information requests made via the Patient Record Web Service, and a Connector that provides the interface between WorldVistA and the Put Physician Data Web Service.
Healthcare TrustHub: Capabilities and Web Services for Physician Identity Management (PDF) provides the design, technical architecture and implementation approach of the TrustHub.
Healthcare TrustHub Source Code Readme (TXT) provides a description of the TrustHub source code and executable archives.
TrustHub Notice
Copyright 2010, The MITRE Corporation. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the “License”); you may not use these files except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
The TrustHub is a set of open-source, standards-based software capabilities — based on Web Services, Higgins Ontology Web Language (HOWL), XML, HL7, Apache Struts, JBoss Application Server 4.2.3.GA, MySQL 5.0, Eclipse Ganymede, OpenVistA SemiViVa, and JDK 1.5 — that demonstrate how a web services architecture solves the problem of physician/care-provider identity interoperability and portability in a healthcare federation that is readily extensible, secure and preserves privacy.
The TrustHub was developed under a research activity supported by the U.S. Department of Homeland Security under Grant Award Number 2006-CS-001-000001, under the auspices of the Institute for Information Infrastructure Protection (I3P).
The I3P is managed by Dartmouth College. The TrustHub represents concepts and constructs of the MITRE developers and should not be interpreted as necessarily representing the official policies, either expressed or implied, of the U.S. Department of Homeland Security, the I3P, or Dartmouth College.
Approved for Public Release; Distribution Unlimited. MITRE Case Number 10-1597.
TrustHub License
The TrustHub is licensed under an Apache License: TrustHub Apache License (PDF).