20150716 - Meeting minutes, Thursday, July 16th, 2015 - OpenNCP integration with eID

OpenNCP integration with eID

 

Estimated - 13:00 to 14:00 CEST

Performed - 13:00 TO 14:20 CEST

AGENDA

  1. Overview
  2. Spec, design and Development
  3. AOB

 

 

LOCATION

- Wiki+ WorkBench + AdobeConnect

PARTICIPANTS

Today's Meeting Participants:

Rui Alves <rui.alves@spms.min-saude.pt>,

Licinio Mano <licinio.mano@spms.min-saude.pt>,

Joao Goncalves <joao.cunha@spms.min-saude.pt>

Jerome Subiger <jerome.subiger@ext.ec.europa.eu>,

Stéphane Spahni <stephane.spahni@hcuge.ch>,

Kostas Karkaletsis <k.karkaletsis@gnomon.com.gr>,

Ioannis Petrakis <petrakis@ics.forth.gr>, 

Michele Foucart <Michele.FOUCART@ext.ec.europa.eu>,

Massimiliano Masi <massimiliano.masi@tiani-spirit.com>,

Robert Scharinger <Robert.Scharinger@bmg.gv.at>,

Sören Bittins <soeren.bittins@fokus.fraunhofer.de>,

[Not able to attend]: Daniele Crespi <Daniele.Crespi@lispa.it>,

 

Invited Members List:

(Holidays) Alexandre Santos <alexandre.santos@spms.min-saude.pt>,

(Holidays) Tomé Vardasca <tome.vardasca@spms.min-saude.pt>,

(Holidays) Markus Kalliola <markus.kalliola@ec.europa.eu>,

MEETING NOTES

 

0. Overview

      • Work Scope

        • Understand the scope of the integration of eID (from e-SENS) into OpenNCP.
      • Time Scope: 
        • OpenNCP Release with LARMS integrated (Level 1) until End of July.

        • New release OpenNCP 2.X.X, foreseen for __________ 2015.


1. Relevant Documentation (What's gathered so far)

    • e-SENS Video: Short demonstration of the eID use-case from e-SENS (LARMS): to be made available.

The eID approach: The different levels

 

Level (Requirements)ModePilotAction by PatAttributes 
Level 0Manual input in the portal.epSOSMinimum D3.6.2  

Level 1

(disconnected mode possible)

LARMS

?? (eSENS eHeath OpenNCP 2.3.0 – floting  componento any portal

Pat gives card, does not type; 

Surname given name gender unique (health) identifier; Varies with each country*

RISK: not 100% sure individual ID

Level 3

(connection to internet and to Country A is needed/national PKIs via centraized service)

LAMb+Pat action

 

Patient confirms (mobile key; Pins of the card)

 

Allows “signed consent”

Authetication is possible

Level 4

(Does not use local functions of the card, uses online “information”; access to PEP)

DCA  Distributed CrossB Authentication

Stork II

Patient confirms (mobile key; Pins of the card) in a PC at the PoCare)

(atributes in the “assertion are the key issue”)

Confirms with National PKI everything;

Confirmes eIDAS.

Level 5

.Advanced Mobile APP solution  (AMAPP)

 

Use their mobile phone for full autentication without card need

  




2. Spec, design and Development

 

Level 1 (LARMS): Read attributes from patient's cards (through card readers at the Point of Care) and place those attributes in the patient search mask fields of the portal so that the professional doesn't need to enter manually the patient's identifiers.

Stéphane Spahni: Question is: how long will last the smart cards?

Licinio Kustra Mano We would need to jump to level 3 or 4...

Stéphane Spahni: in the future we need to consider non-smart-cards scenarios...

 

Licinio Kustra Mano: Comments?

Kostas Karkaletsis: Might be an overlapping between e-SENS and STORK.

This is for Patient Identification not Professional...

Licinio Kustra Mano: Not totally working at the level of browser. In the video there is a download of an agent... It is able to connect to the card reader and sends that info to the Portal.

The LARMS It's independent and needs to be downloaded (http that provides the Portal for instance). Local standalone mode.

Ioannis Petrakis: Is LARMS able to extract info from cards that require PIN for data extraction?

Licinio Kustra Mano: We need to move to other level - with private attributes. Patient may need to enter the PIN - card readers need to be more sofisticated. We need to go to Level 2. Here we have a security enhancement.

It may free some private info on the cards, if needed.

Stéphane Spahni: It is built on top of LARMS?

Licinio Kustra Mano: Level 2 is built upon LARMS with a new component... coming from e-SENS. Level 3 needs a third party confirmation...

 

Level 4: How can we jump to STORK? Needs a STORK National Portal... Does not use local functions of the card, uses online "information"; access to PEP.

Concern: Integration with STORK.

Physicians enter the Portal, identifies the country...

Soeren Bittins: There is no need for this international search mask beacuse the background system will identify automatically this...

Licinio Kustra Mano: We still count on Smart Cards right?

Soeren Bittins: Yes. They would have to identify the country of affiliation... 

Licinio Kustra Mano: How can we achieve the level 4?

Soeren Bittins: If we can connect to STORK, we can connect to eIDAS...

Licinio Kustra Mano: What is needed on the OpenNCP side to have LARMS available.

Next month: work on the next levels...

What could be the integration strategy? LARMS has an exe file and needs to be connected to a tool (Card reader)...

Kostas Karkaletsis This is a client implementation - only for the Portal, not a new component...

Countries that does not use Reference OpenNCP Portal will not be able to use...

Licinio Kustra Mano: this is a component that works independently.

Stéphane Spahni: The info extracted has to be placed in the Search Mask, and this link is .. with the Portal

Licinio Kustra Mano: The ones that use specific portals, will have an integration on that portal. Doesn't rely on Liferay, relies on the component... It is used by the Portal.

How can the community access to code, ...

Soeren Bittins: I am waiting for the PNs to test, about the browsers. As soon as I got the OK, we will hand it over perhaps in the next week.

Licinio Kustra Mano: Can we start using the current version?

Rui Alves (Unlicensed): Put the information in the minutes: links... Request to Soeren: where to direct people to this information and materials?

Licinio Kustra ManoStéphane SpahniKostas Karkaletsis and Alexandre Santos will work on the integration...

 

3. AOB

NEXT MEETING - Thursday, Jul 23rd 2015  14:00 CEST - 30 min call.

 

Let's wait until we have inputs from Soeren.


Today's meeting actions

        •