20150730 - Meeting minutes, Thursday, July 30th, 2015 - OpenNCP integration with eID

Estimated - 14:00 to 14:30 CEST

Performed - 13:00 to 14:30 CEST

AGENDA

a) Progress monitoring towards LARMS stable release;

b) Progress monitoring towards LARMS integration into OpenNCP bundle and release;

c) Early preparations for 2.3.0-RC1 (includes LARMS and other bug fixes - made since last release)

d) AOB: Scheduling of next meeting, preferably during next week.

 

 

LOCATION

- Wiki + WorkBench + AdobeConnect

PARTICIPANTS

Today's Meeting Participants:

Alexandre Santos <alexandre.santos@spms.min-saude.pt>

João Gonçalves <joao.cunha@spms.min-saude.pt>

Jerome Subiger <jerome.subiger@ext.ec.europa.eu>

Michele Foucard <Michele.FOUCART@ext.ec.europa.eu>

Massimiliano Masi <massimiliano.masi@tiani-spirit.com>

Robert Scharinger <Robert.Scharinger@bmg.gv.at>

Sören Bittins <soeren.bittins@fokus.fraunhofer.de>

 

Invited Members List:

 

Tomé Vardasca <tome.vardasca@spms.min-saude.pt>

Ioannis Petrakis <petrakis@ics.forth.gr>

(Holidays) Rui Alves <rui.alves@spms.min-saude.pt>,

(Holidays) Licinio Mano <licinio.mano@spms.min-saude.pt>,

(Holidays) Stéphane Spahni <stephane.spahni@hcuge.ch>,

Kostas Karkaletsis <k.karkaletsis@gnomon.com.gr>,

Daniele Crespi <Daniele.Crespi@lispa.it>,

(Holidays) Markus Kalliola <markus.kalliola@ec.europa.eu>,

MEETING NOTES

 

0. Overview

      • Work Scope

        • Understand the scope of the integration of eID (from e-SENS) into OpenNCP.
      • Time Scope: 
        • OpenNCP Release with LARMS integrated (Level 1) until End of July.


1. Relevant Documentation (What's gathered so far)

    • e-SENS Video: Short demonstration of the eID use-case from e-SENS (LARMS): to be made available.

The eID approach: The different levels

 

Level (Requirements) | Mode | Pilot | Action by Pat | Attributes

Level 0 | Manual input in the portal. | epSOS | Minimum D3.6.2

Level 1 (disconnected mode possible) | LARMS | ?? (eSENS eHealth OpenNCP 2.3.0 – floating component to any portal | Pat gives card, does not type; | Surname, given name, gender, unique (health) identifier; varies with each country*. RISK: not 100% sure individual ID

Level 3 (connection to internet and to Country A is needed / national PKIs via centralized service) | LAMb+Pat action | | Patient confirms (mobile key; PINs of the card) | Allows “signed consent”; authentication is possible

Level 4 (Does not use local functions of the card, uses online “information”; access to PEP) | DCA Distributed CrossB Authentication | Stork II | Patient confirms (mobile key; PINs of the card) in a PC at the PoCare) (attributes in the “assertion are the key issue”) | Confirms with National PKI everything; confirms eIDAS.

Level 5 | Advanced Mobile APP solution (AMAPP) | | Use their mobile phone for full authentication without card need |



2. Meeting Minutes:

      • Alexandre Santos: lists the developments from last week and further work for next week:
        • There are 2 tasks on OpenNCP Agile Board: GPB-65 and GPB-64
        • The GPB-64 has one comment about the hosting of the FutureID client not being at the NCP-B but instead on the Liferay Tomcat
        • The GPB-65 is still under development and will delay, almost for sure, the availability of the new release on the 31 of July. There are issues with the use of JS (JQuery) with Liferay and JSF server-side pages.
        • The source code is under https://bitbucket.org/alexandresantos72/openncp-portal
      • Alexandre Santos: the next release will be postponed for 1 week, will inform all by email if there is good news about it.
      • Soeren Bittins: there were some problems in Italy with JQuery and old IE versions
      • Soeren Bittins: next Friday we'll have more news about the licensing of the FutureID client. There will be a conference call tomorrow with the team of Open eCard. No problem with eSens pilots but other entities that are not on eSens might have issues using the FutureID client.
      • Soeren Bittins: Liferay workflow (WorkFlow Manager) and session handling will be a problem. As an example, the same TRC can be used several times because it is cached on the Liferay. Another example is the Liferay orchestration of the business which is a security problem also.
      • Soeren Bittins: Italy is not using Portal so they are hard-coding/using hard-wiring orchestration. Along with Italy, further eID implementations (new Levels) demand a new look towards the actual design of the OpenNCP.
      • Soeren Bittins: When we put all the orchestration in the OpenNCP Portal there are security problems that arise from that design. To complete the entire workflow (IHE workflows) there is the need to contact the Portal, which is not part of the NCP.
      • Massimiliano Masi: The email is explained about Direct Broker. The JS code is an example of how we can call a servlet to get an assertion. The need to get the eIdA with JS from the portal. See the last email from Masi.
      • Soeren Bittins: There will be a meeting on the 25th and it would be important for the OpenNCP community to be there.

3. AOB

NEXT MEETING - Start a DOODLE for the next meeting - August

        • Alexandre Santos - prepare the new OpenNCP Portal Release with LARMS
        • Continue with the discussion about implementing LAM