From the Blogosphere
‘Real Me’ as-a-Service: Cloud Privacy by Design for E-Health
The risks related to data privacy
Dec. 6, 2012 06:45 AM
Naturally one of the critical areas specified in the Canadian E-Health Cloud strategy document is the risks related to data privacy.
Specifically in section 8, from page 42 through 49, they describe the comprehensive standards, audit and certification frameworks that will be required to protect this next major phase of Cloud adoption.
CHI point to the number one risk issue cited by CIOs – Fears of inadequate data privacy protections, and they describe the various component parts what is required to address these risks including due diligence procedures and state of the art privacy controls.
Throughout the document they also identify the technologies needed to achieve compliance with these new capabilities, such as Federated Identity and Consent Management applications, that they describe as new ‘greenfield’ apps for them.
We can see an example of this through the Real Me service from the New Zealand Government. Developed in conjunction with their national postal service they have deployed a novel service for online Identity authentication and related access, with over 40 different government service providers unified into delivery for half a million users.
This implements an ‘iCMS‘ – Extended Authentication Context Management Service, that utilizes a security token service based on WS-Trust Messaging and SAML tokens, Identity open standards from OASIS, enabling:
These trends will have uniquely dramatic changes to how software architecture is designed and implements, as ‘Cloud SOA’ will emerge by utilizing this plumbing, features the NZL Government such as a “privacy domain bus” for managing exchanges of data between applications.
Latest Cloud Developer Stories
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
SYS-CON Featured Whitepapers
Most Read This Week