Securing the Grid for Interoperability

The disparate nature of national, state, local, tribal and academic public health organizations is reflected in the use of diverse informatics solutions that are used to plan and respond to public health events. The Public Health Grid (PHGrid), the Nationwide Health Information Network (NHIN) and other federal networks, such as Cancer Biomedical Informatics Grid (caBIG) and The National Environmental Information Exchange Network’s ‘The Exchange Network’, provide resources using service oriented architecture (SOA) standards and practices. In order for PHGrid to participate in the informatics ecosystem, a minimum, commonly agreed to set of security requirements and principles must be adopted to ensure that resources can be properly developed, discovered and used. This is illustrated by the growing resources available via SOA-standards on networks such as The Office of the National Coordinator’s Nationwide Health Information Network, NCI’s Cancer Biomedical Informatics Grid (caBIG) and EPA’s Exchange Network.

 PHIN, as a framework, has a long-standing set of security requirements and implementations. These requirements have been adopted and aligned with PHGrid architecture to provide web services and grid specific applications for analysis and visualization. Specifically, the following components will be described in the presentation:

• Regulatory Compliance
• Minimum Infrastructure
• Trust
• Identification and Authentication
• Authorization
• Audit
• Data Confidentiality
• Data Privacy
• Data Integrity
• Non Repudiation
• Availability

These dimensions combine to define how PHGrid can be accessed by users and partners, but more importantly defines how PHGrid can be leveraged to collaborate with and access the services created by partners at each level of the spectrum. Specifically, this presentation explains the terms used within the PHGrid projects and how they apply to existing, planned and future technology and social infrastructure.