Development of Security Infrastructure for Public Health Grid

We recently advanced the security infrastructure (authentication and authorization) of grid services to meet the needs of public health—allowing for authorization at the service, method and input parameter level based on a user’s role. Grid technologies have recently become emerging tools used in medicine and public health. One exemplary example is the cancer Biomedical Informatics Grid (caBIG) that allows members in the grid to share cancer knowledge. Our previous research study and pilot study with CDC demonstrated the potential use of grid technologies for public health use. However, when implementing grid services for sharing notifiable reports between the Pennsylvania Department of Health (PADOH) and the Ohio Department of Health (ODH), we identified that there is a lack of the authorization in current grid technologies that can limit who can see what data. Our approach for building the advanced grid security infrastructure is to adopt the current best practices, RODS open source, and agile software development. We adopted existing best practices from the caBIG, including Globus, Introduce and the Grid Authentication and Authorization with Reliably Distributed Services (GAARDS). Authentication is handled using GAARDS’ Dorian and service/method level authorization is handled using GAARDS’ Grid Grouper. We also added the RODS 6 authentication schema and authorization utilities to accomplish input parameter authorization. Authorization at the input parameter level benefits public health allowing for different users to access different data sources and jurisdictional areas based on their role and group. Using the agile software development, we can timely address public health need for the grid software development. We successfully tested that a user can log on to a secure web page and query a list of reportable diseases from multiple grid nodes. Each grid node with notifiable data further checks if the user has the right to view the requested data.