20150626 - Meeting minutes, Tuesday, June 26th, 2015 - OpenNCP integration with SMP
OpenNCP integration with SMP
26th June
Estimated - 13:00 to 14:00 CEST
Performed - 13:00 to 14:00 CEST
AGENDA
1.Central Configuration Service Refactoring
2. AOB
3. Next meetings
- Wiki+ WorkBench + AdobeConnect
- AdobeConnect:
http://ec-wacs.adobeconnect.com/openncp/
Room Passcode: ask Rui Alves (Unlicensed) or markus.kalliola
----------------
If you have never attended an Adobe Connect meeting before:
Test your connection: http://ec-wacs.adobeconnect.com/common/help/en/support/meeting_test.htm
Get a quick overview: http://www.adobe.com/products/adobeconnect.html
Adobe, the Adobe logo, Acrobat and Adobe Connect are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries.
----------------
PARTICIPANTS
Today's Meeting Participants:
Licinio Mano <licinio.mano@spms.min-saude.pt>,
Markus Kalliola <markus.kalliola@ec.europa.eu>,
Jerome Subiger <jerome.subiger@ext.ec.europa.eu>,
Michele Foucard <Michele.FOUCART@ext.ec.europa.eu>,
Kostas Karkaletsis <k.karkaletsis@gnomon.com.gr>,
João Cunha <joao.cunha@spms.min-saude.pt>,
Marcello Melgara <Marcello.Melgara@cnt.lispa.it>,
Invited Members List:
Rui Alves <rui.alves@spms.min-saude.pt>,
Yacoubou Waolany <yacoubou.waolany@ext.ec.europa.eu>,
Stéphane Spahni <stephane.spahni@hcuge.ch>,
Massimiliano Masi <massimiliano.masi@tiani-spirit.com>,
Gwenaelle Quivy <Gwenaelle.QUIVY@ext.ec.europa.eu>,
Isabel Cruz <isabel.cruz@iuz.pt>,
Marko Peric <marko.peric@hzzo.hr>,
Ljubi Igor <Igor.Ljubi@hzzo.hr>,
Heiko Zimmermann <Heiko.Zimmermann@agence-esante.lu>,
Ioannis Petrakis <petrakis@ics.forth.gr>,
Alexandre Santos <alexandre.santos@spms.min-saude.pt>,
Karima Bourquard <karima.bourquard@ihe-europe.net>,
Alexander Berler <a.berler@gnomon.com.gr>,
Steen Manniche <steen@manniche.net>,
Konstantin Hypponen <konstantin.hypponen@kela.fi>,
Alen Vrecko <Alen.Vrecko@nijz.si>,
Marcelo Fonseca <ruimarcelofonseca@gmail.com>,
Gottfried Heider <gottfried.heider@ehealthcon.at>,
Ivo Pinheiro <ivospinheiro@gmail.com>,
Juergen Wehnert <juergen.wehnert@gematik.de>,
Dimitrios G. Katehakis <katehaki@ics.forth.gr>,
Olaf Rode <olaf.rode@fokus.fraunhofer.de>,
Thomas Fleischmann <thomas.fleischmann@bmg.gv.at>,
Robert Scharinger' <Robert.Scharinger@bmg.gv.at>,
Agius Muscat Hugo at MEH-IMU-Health <hugo.agius-muscat@gov.mt>,
Kenn Schultz Nielsen <KSN@ssi.dk>,
Sören Bittins <soeren.bittins@fokus.fraunhofer.de>,
Gareth Woodham <Gareth.Woodham@ehalsomyndigheten.se>,
Fredrik Linden <fredriklinden1@gmail.com>,
Samuel Danhardt <Samuel.Danhardt@agence-esante.lu>,
Giorgio Cangioli <giorgio.cangioli@gmail.com>,
Jussi Lemmetty <jussi.lemmetty@kela.fi>
Aarne Roosi <Aarne.Roosi@affecto.com>,
Arnaud Gaudinat <arnaud.gaudinat@hesge.ch>,
Belani Hrvoje <Hrvoje.Belani@hzzo.hr>,
Gergely Heja <heja.gergely@eski.hu>,
Oskari Kettinen <oskari.kettinen@kela.fi>,
Maarten Festen <maarten.festen@ihe-europe.net>
Mate Beštek <mate.bestek@gmail.com>,
Norbert Repas <norbert.repas@elga.gv.at>,
Patrick Ruch <Patrick.Ruch@unige.ch>,
Tomaz Cebular <Tomaz.Cebular@ivz-rs.si>,
Catherine Chronaki<chronaki@gmail.com>,
Matic Meglic<matic.meglic@nijz.si>,
Mate Beštek <matebestekpro@gmail.com>,
Merik Seven <seven@nictiz.nl>,
João Francisco Marques <joaof.marques@spms.min-saude.pt>,
Gwenaelle Quivy <Gwenaelle.QUIVY@ext.ec.europa.eu>,
Philippe Loopuyt <Philippe.Loopuyt@ec.europa.eu>,
EXPAND Wp5 <expand-wp5@spms.min-saude.pt>,
Stathis Andronikos <stathis.andronikos@gmail.com>,
Luca Pagliara <luca.pagliara@cnt.lispa.it>,
MEETING NOTES
0.Central Configuration Service Refactoring
Today is the first focused meeting on this topic.
- Specify (what we as an eHealth NCP expect) and test an alternative implementation to the current Central Configuration Services, based on e-SENS ABBs (Capability Lookup and Service Location)
- Provided by and EXTERNAL partner (in e-SENS will be a Greek partner, for long term CEF will be DG-DIGIT)
- ??? To be conform with ISO 27001---- to be confirmed.
- Take in consideration the epSOS security Req&Baselines for central services.
- NO responsibility (for OpenNCP) to implement or deploy the Service.
- Update the OpenNCP to adopt the new Central Configuration Service
- To be conform to the definition of ATNA secure node. (epSOS D3.7 - get this deliverable)
- PHI - Protected Health Information
- New release OpenNCP 2.3.0, foreseen for September 2015.
- To be conform to the definition of ATNA secure node. (epSOS D3.7 - get this deliverable)
- Specify (what we as an eHealth NCP expect) and test an alternative implementation to the current Central Configuration Services, based on e-SENS ABBs (Capability Lookup and Service Location)
SMP:
White paper on SMP and requirements for eHealth:
Examples of SMP files:
- FinIdentityByTraitsServiceInformationSigned.xml
- OrderServiceServiceInformation.xml
- PatientServiceListServiceInformation.xml
- SAMLIssueServiceInformation.xml
BDXR:
- OpenNCP early Analysis: https://openncp.atlassian.net/wiki/x/j4DyAg
- GOAL: Replace the current Central Configuration Services (TSL Editor, TSL-Sync, TSL Files)
- USE SMP to convey public information of TSL (Certificates, End Points) and International Patient Search Mask;
- TSL files should be removed and replaced by SMP Signed Information files.
- (Maybe not to delete the TSL EDITOR, explore TSL EDITOR to prepare the information to submit to the SMP )
- INTEGRATE a REST client to CRUD the information...
- About "International Patient Search Mask", how to include on the SMP configs
- Can be a child on an XML node on the SMP file.
- USE SMP to the establishment of VPN
- Certificates, End Points and OpenSwan Config (PRIVATE)
- OUT OF SCOPE BY NOW - Automate the configuration of OpenNCP
- USE SMP to convey public information of TSL (Certificates, End Points) and International Patient Search Mask;
- Technical Requirements List FROM the eHealth domain, for SMP provision:
- MANDATORY
- R1. The TSL (Certificates, End Points);
- R.2 The International Patient Search Mask (what the format intended);
- OPTIONAL
- R.3 Store OpenSwan Config in PRIVATE area;
- R.3.1 PRIVATE area means of AuthN & AuthZ;
- MANDATORY
- Technical Requirements List FOR OpenNCP adoption:
- TSL files should be removed and replaced by SMP Signed Information files.
- (Maybe not to delete the TSL EDITOR, explore TSL EDITOR to prepare the information to submit to the SMP )
- INTEGRATE a REST client to CRUD the information...
- TSL EDITOR should be enhanced for "Configuration Editor" and produce any type of config file "TSL" but we are pointing to the "SMP SignedInformation files"
- OpenNCP Technical Specification (refactoring):
- OpenNCP modules refactoring:
- OpenNCP test plan recommendation:
- OpenNCP QA (should be performed by PNs), since no central NCP is available, or maybe we can use the EC NCP for this QA stage before release for PNs.
- OpenNCP Release (unleash the e-SENS Health Pilot 2º stage..... as well CEF compliance)
4. AOB
- Massimiliano Masi: Did you think to use any tool like vagrant or puppet for the automagic deployment of the OpenNCP?
- Massimiliano Masi: Did you think to use any tool like vagrant or puppet for the automagic deployment of the OpenNCP?
5. Next meetings
- OpenNCP - BiWeekly Meeting: Mon, Jun 29th 2015 13:00 CEST
- e-SENS eID Meeting : 2nd of July (all day) Vienna;
- OpenNCP integration with SMP: Friday, Jul 3rd 14:00 CEST
- OpenNCP - BiWeekly Meeting: Mon, Jun 29th 2015 13:00 CEST
Today's meeting actions
- Licinio Kustra Mano: Follow up minutes + Schedule next meetings.
- Licinio Kustra Mano: Communicate out the eHealth Domain requirements for Central Configuration Services, to be assessed by the e-SENS BB team;
- Kostas Karkaletsis and Joao Cunha: Initiate studying impact and integration strategy in OpenNCP