vedlikehold av sikkerhetsløsninger fra et infrastruktur...
TRANSCRIPT
Vedlikehold av sikkerhetsløsninger fra et infrastruktur‐perspektiv
Ole HansethDepartment of InformaticsUniversity of Oslo, Norway
Infrastruktur
• Veier, jernbane, vann, ..• Applikasjoner –
infrastruktur
• Informasjons‐infrastruktur:
Applikasjoner som infrastruktur
Eksempel
• …og best practice: Internet
ePrescriptionsExchange
MyPresciptions
EPJ-Systems
Pharmacy-system
PrescriptionPrescription information
Hand-over messageDeleted prescription
ePrescriptions information
Prescription information
Hand-over message
Request for expedition
FEST(Gvt Medicine
Agency)
Application(Gvt Medicine
Agency)
Refunds and control(NAV)
ApplicationNAV
Refundrequest
Application toMedicine Agency
Notificationof
hand-over
Prescription and expedition information
Recall
Reply onRefund request
Reply onapplication
Request for assessment byGvt Medicine Agency
Consent information
GPinformation
Information on medicins in use
Reference number
Reply from Medicine Agency
Prescription and expedition information
ePrescription
eCustoms
• Harmonizing, streamlining customs declarations in EU
• Aim: ”Single window”
• Increased trade/globalization– New risks: Mad cow, terror, counterfeit, ..
– Containers, big hubs– New customs control procedures
Figure 4. Organization of e-Customs projects at EU, national, and trader level.
EU DomainStrategy/Programme
Projects
EU DomainStrategy/Programme
Projects
NCTSNCTSMulti‐Annual Strategic PlanMulti‐Annual Strategic Plan
Customs 2002
Customs 2007
Customs 2013
ECSECS
ICSICS
AEOAEO
EORIEORI
......
Danish DomainProjects/Subprojects
Danish DomainProjects/Subprojects
e‐Customs Projecte‐Customs Project
NCTSNCTS
ECSECS
ICSICS
AEOAEO
EORIEORI
......
Arla DomainProjects
Arla DomainProjects
Adaption projectsAdaption projects
ECSECS
ICSICS
TGB15 International Trade Single Window
TBG14 International Supply Chain Model & TBG2 UNeDocs Data Model
TBG17 UN/CEFACT Core Component Library
United Trade Data Elements Directory (UNTED)
TBG18
AgricultureTBG2
Digital PaperTBG15
Trade FacilitationTBG8
InsuranceTBG19
eGov
TBG1
Supply ChainTBG4
WCO DMTBG3
TransportTBG13
EnvironmentTBG5
Finance
Figure 3. UN/CEFACT International Trade and Business Processes Group (TBG) and key relationships between these working groups. Redrawn from Dill (2007).
Figure 5. Information flows in an export process
System abbreviations:ECS:
Export Control SystemEORI:
European Operators Registration and
identification systemASS:
Agriculture Subvention SystemEMCS:
European Movement Control
SystemCRMS:
Customs Risk Management
Systems
Figure 6. Development of the European e-Customs information infrastructure 2000-2010
Cases
• Health care: EPR, RIS/PACS, EDI networks, telemedicine, HISP
• Industry: SAP implementation, corporate standards/infrastructures, supply chain (oil)
• Mobile Internet: CPA, billing systems
• Internet: strategy, standardization, Nordunet• Digital music ++
• eGovernement: eCustoms
Summary Care Record Systems
• Scotland:– 3 MGBP (4M Euros, 4 M USD)
• Denmark:– Official, top‐down
• 10 M Euros,
• Faded out after about 4 years, officially canceled after 8– Unofficial, bottom‐up
• Great success
• Norway (ePrescription)– 500 MNOK, currently pilot in one GP office
• UK– Started 2004, early adoption 2007, further deployment is frozen
– Spent 240 MGBP
Defining Information Infrastructure
Information Infrastructure
• Open
• Evolving
• Heterogeneous
• Installed base
• Cultivating living organism
Information System
• Closed
• Life cycle
• Homogeneous (??)
• Designed from scratch
• Design of dead material
Utvikling av II
• Standardisering• Internet: bottom‐up, evolusjonær
utvikling
• OSI/telekom: top‐down, spesifikasjons‐drevet, big bang
• Design dilemmaer:– Take‐off problemet
– Lock‐in problemet
Sikkerhetsløsninger
• Også
infrastruktur– Åpen
• Løsning• Brukere• Utviklere
– Evolusjon (gateways)– Heterogenitet
• Eksempel: eResept
”Vedlikehold”
• PKI• Sykehus: PKI 2014• Alternativ løsning: Virksomhets‐sertifikater
• Pris: – Sykehusene: ?– De andre: 20 MNOK (= total‐løsning i Skottland)
Mange aktører – mer politikk
• Sikkerhet = politikk • Bare det beste er godt nok?
– Uhellige allianser: ”fundamentalistiske” teknologer ++
• Sikkerhet er kritisk ressurs– Kontroll av sikkerhet = kontroll av infrastruktur
• analogi end‐2‐end– Blitt brukt for å stoppe prosjekt– Nasjonalt Helsenett ‐
Helsedirektoratet
Konklusjon
• Vellykkede sikkerhets‐løsninger må
etableres på
samme måte som andre vellykkede
infrastrukturer: bottom‐up, evolusjon, enkle løsninger, håndtere åpenhet
– Ikke som et lukket system!
• Må
håndtere samspillet mellom teknologi, organisasjon, politikk
The EDI Paradigm
Vendors ofLab systems
GP offices Hospitals
LabsPharmacies
NAV
Hospitalsystems
Lab systemsPharmacysystems
NAVsystems
Vendors of hospital syst.
Vendor of thePharmacies’system
NAV’sdev. org.
Information flow ICT architecture Project organization
An alternative
GP computerGP’s EPR system
Lab system
Communication
system/network
GP office
Lab/hospital
Client module
Server module
GP’s computer
GP
Lab/hospital
Project org.
ICT architecture Project organization
Differences
EDI Paradigm
• Complex technical solution
• Very complex project organization
• Top‐down
• Escalating complexity (destbilizing)
• Stabilizing (freezing) user practices
• Failure
”ASPO”
architecture
• Simple technical solution
• Very simple project organization
• Bottom‐up, evolutionary
• Stable complexity
• Destibilizing user practices (stimulating organizational innovation)
• Success
Top‐down
• All stakeholders involved– Each has separate requirements
• The more stakeholders involved, the more new requirements will be generated
• Each change: all stakeholders have their requirements ..
• Aims at stability –
generates destabilizing processes