20150716 - Meeting minutes, Thursday, July 16th, 2015 - OpenNCP integration with eID
OpenNCP integration with eID
Estimated - 13:00 to 14:00 CEST
Performed - 13:00 TO 14:20 CEST
AGENDA
- Overview
- Spec, design and Development
- AOB
- Wiki+ WorkBench + AdobeConnect
- AdobeConnect:
http://ec-wacs.adobeconnect.com/openncp/
Room Passcode: ask Rui Alves (Unlicensed) or markus.kalliola
----------------
If you have never attended an Adobe Connect meeting before:
Test your connection: http://ec-wacs.adobeconnect.com/common/help/en/support/meeting_test.htm
Get a quick overview: http://www.adobe.com/products/adobeconnect.html
Adobe, the Adobe logo, Acrobat and Adobe Connect are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries.
----------------
PARTICIPANTS
Today's Meeting Participants:
Rui Alves <rui.alves@spms.min-saude.pt>,
Licinio Mano <licinio.mano@spms.min-saude.pt>,
Joao Goncalves <joao.cunha@spms.min-saude.pt>
Jerome Subiger <jerome.subiger@ext.ec.europa.eu>,
Stéphane Spahni <stephane.spahni@hcuge.ch>,
Kostas Karkaletsis <k.karkaletsis@gnomon.com.gr>,
Ioannis Petrakis <petrakis@ics.forth.gr>,
Michele Foucart <Michele.FOUCART@ext.ec.europa.eu>,
Massimiliano Masi <massimiliano.masi@tiani-spirit.com>,
Robert Scharinger <Robert.Scharinger@bmg.gv.at>,
Sören Bittins <soeren.bittins@fokus.fraunhofer.de>,
[Not able to attend]: Daniele Crespi <Daniele.Crespi@lispa.it>,
Invited Members List:
(Holidays) Alexandre Santos <alexandre.santos@spms.min-saude.pt>,
(Holidays) Tomé Vardasca <tome.vardasca@spms.min-saude.pt>,
(Holidays) Markus Kalliola <markus.kalliola@ec.europa.eu>,
MEETING NOTES
0. Overview
Work Scope
- Understand the scope of the integration of eID (from e-SENS) into OpenNCP.
- Time Scope:
OpenNCP Release with LARMS integrated (Level 1) until End of July.
New release OpenNCP 2.X.X, foreseen for __________ 2015.
1. Relevant Documentation (What's gathered so far)
- e-SENS Video: Short demonstration of the eID use-case from e-SENS (LARMS): to be made available.
- e-SENS Video: Short demonstration of the eID use-case from e-SENS (LARMS): to be made available.
The eID approach: The different levels
Level (Requirements) | Mode | Pilot | Action by Pat | Attributes | |
---|---|---|---|---|---|
Level 0 | Manual input in the portal. | epSOS | Minimum D3.6.2 | ||
Level 1 (disconnected mode possible) | LARMS | ?? (eSENS eHeath OpenNCP 2.3.0 – floting componento any portal | Pat gives card, does not type; | Surname given name gender unique (health) identifier; Varies with each country* | RISK: not 100% sure individual ID |
Level 3 (connection to internet and to Country A is needed/national PKIs via centraized service) | LAMb+Pat action | Patient confirms (mobile key; Pins of the card) | Allows “signed consent” Authetication is possible | ||
Level 4 (Does not use local functions of the card, uses online “information”; access to PEP) | DCA Distributed CrossB Authentication | Stork II | Patient confirms (mobile key; Pins of the card) in a PC at the PoCare) | (atributes in the “assertion are the key issue”) | Confirms with National PKI everything; Confirmes eIDAS. |
Level 5 | .Advanced Mobile APP solution (AMAPP) | Use their mobile phone for full autentication without card need |
2. Spec, design and Development
Level 1 (LARMS): Read attributes from patient's cards (through card readers at the Point of Care) and place those attributes in the patient search mask fields of the portal so that the professional doesn't need to enter manually the patient's identifiers.
Stéphane Spahni: Question is: how long will last the smart cards?
Licinio Kustra Mano We would need to jump to level 3 or 4...
Stéphane Spahni: in the future we need to consider non-smart-cards scenarios...
Licinio Kustra Mano: Comments?
Kostas Karkaletsis: Might be an overlapping between e-SENS and STORK.
This is for Patient Identification not Professional...
Licinio Kustra Mano: Not totally working at the level of browser. In the video there is a download of an agent... It is able to connect to the card reader and sends that info to the Portal.
The LARMS It's independent and needs to be downloaded (http that provides the Portal for instance). Local standalone mode.
Ioannis Petrakis: Is LARMS able to extract info from cards that require PIN for data extraction?
Licinio Kustra Mano: We need to move to other level - with private attributes. Patient may need to enter the PIN - card readers need to be more sofisticated. We need to go to Level 2. Here we have a security enhancement.
It may free some private info on the cards, if needed.
Stéphane Spahni: It is built on top of LARMS?
Licinio Kustra Mano: Level 2 is built upon LARMS with a new component... coming from e-SENS. Level 3 needs a third party confirmation...
Level 4: How can we jump to STORK? Needs a STORK National Portal... Does not use local functions of the card, uses online "information"; access to PEP.
Concern: Integration with STORK.
Physicians enter the Portal, identifies the country...
Soeren Bittins: There is no need for this international search mask beacuse the background system will identify automatically this...
Licinio Kustra Mano: We still count on Smart Cards right?
Soeren Bittins: Yes. They would have to identify the country of affiliation...
Licinio Kustra Mano: How can we achieve the level 4?
Soeren Bittins: If we can connect to STORK, we can connect to eIDAS...
Licinio Kustra Mano: What is needed on the OpenNCP side to have LARMS available.
Next month: work on the next levels...
What could be the integration strategy? LARMS has an exe file and needs to be connected to a tool (Card reader)...
Kostas Karkaletsis This is a client implementation - only for the Portal, not a new component...
Countries that does not use Reference OpenNCP Portal will not be able to use...
Licinio Kustra Mano: this is a component that works independently.
Stéphane Spahni: The info extracted has to be placed in the Search Mask, and this link is .. with the Portal
Licinio Kustra Mano: The ones that use specific portals, will have an integration on that portal. Doesn't rely on Liferay, relies on the component... It is used by the Portal.
How can the community access to code, ...
Soeren Bittins: I am waiting for the PNs to test, about the browsers. As soon as I got the OK, we will hand it over perhaps in the next week.
Licinio Kustra Mano: Can we start using the current version?
Rui Alves (Unlicensed): Put the information in the minutes: links... Request to Soeren: where to direct people to this information and materials?
Licinio Kustra Mano: Stéphane Spahni, Kostas Karkaletsis and Alexandre Santos will work on the integration...
3. AOB
NEXT MEETING - Thursday, Jul 23rd 2015 14:00 CEST - 30 min call.
- Rui Alves (Unlicensed): Schedule next meeting.
- Rui Alves (Unlicensed): Schedule next meeting.
Let's wait until we have inputs from Soeren.
Today's meeting actions