A Digital Rights Management Approach to Securing Electronic Health Records

Rei Safavi-Naini
iCORE Chair in Information Security
Department of Computer Science, U of Calgary

iCORE Information Security Lab
Electronic Health Record (EHR)

• A collection of electronic health data
• In digital format, so easy to share across network-connected information systems
• May include:
  – demographics (race, disabilities, ...)
  – medical history
  – medication and allergies, immunization status
  – laboratory test results, radiology images
  – billing information, ...

R. Safavi-Naini - Summit '09 - Oct 14, 2009
Moving towards EHR

Existing access to health data:
• Data stored in island databases
• Security:
  – mainly communication security (encrypted links)
  – no, or little, control on access: after logging in to the system all data can be accessed; all doctors and nurses can access all data
  – records can be copied, printed, etc.
• Other issues:
  – multiple copies of data: inefficiency, hard to access, ...

EHR is the centerpiece of an integrated solution to effective and secure management of health information.
Security is an integral part of EHR

• Paper data and data stores are inherently more secure:
  – limited number of copies
  – hard to duplicate; copies are imperfect
  – changes are detectable
  – hard to access
• Electronic data:
  – many copies, instantly; easy to make copies
  – changes undetectable
  – can be accessed from any point:
    • intranet (private, confidential data among employees)
    • extranet for outsourced resources
    • web portal
• Security is a major challenge.
A new approach: using Digital Rights Management

Digital rights management:
• Information is distributed in a protected form.
• Information can only be accessed using a license.
  – The license contains terms and conditions in a machine-readable form.
  – It is usable only by trusted DRM agents.
• Compliant DRM agents will refuse to perform any action unless it is permitted by the licence.

[Figure: Components of a DRM System]
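To make the three DRM ingredients concrete (protected form, machine-readable license, compliant agent), here is an added Python example; it is not code from the talk or from the project's implementation. A record is put into protected form under a content key; a license issuer wraps that key for one trusted agent and signs the terms, which list the permitted actions; the agent verifies the license, refuses any action not listed, and only then opens the record. The cipher (an HMAC-SHA256 counter-mode keystream with encrypt-then-MAC) and the symmetric agent and issuer keys are stand-ins for the AEAD cipher and public-key signatures a deployed DRM system would use; the record, identifiers and key names are constructed for the example.

```python
import hashlib
import hmac
import json
import secrets

# Constructed sample record for the illustration (not real patient data).
RECORD = b'{"patient": "Bob", "test": "blood", "result": "normal"}'


def _subkey(master: bytes, label: bytes) -> bytes:
    """Derive an independent sub-key (encryption or MAC) from a content key."""
    return hmac.new(master, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a PRF keystream. Illustration only:
    a deployed system would use an AEAD cipher such as AES-GCM."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def protect(record: bytes, content_key: bytes) -> dict:
    """Protected form of a record: encrypt-then-MAC under sub-keys derived
    from the content key. Without a licence the blob is only ciphertext,
    which is what protects a lost disk or laptop."""
    nonce = secrets.token_bytes(16)
    ct = _xor(record, _keystream(_subkey(content_key, b"enc"), nonce, len(record)))
    tag = hmac.new(_subkey(content_key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return {"nonce": nonce.hex(), "ct": ct.hex(), "tag": tag.hex()}


def issue_license(content_id: str, content_key: bytes, subject: str, actions,
                  agent_key: bytes, issuer_key: bytes) -> dict:
    """Licence issuer: wraps the content key for one trusted agent and signs
    the terms. agent_key stands in for the agent's public key and issuer_key
    for the issuer's signing key of a real DRM system."""
    nonce = secrets.token_bytes(16)
    wrapped = _xor(content_key, _keystream(agent_key, nonce, len(content_key)))
    terms = {"content_id": content_id, "subject": subject, "actions": sorted(actions),
             "wrap_nonce": nonce.hex(), "wrapped_key": wrapped.hex()}
    body = json.dumps(terms, sort_keys=True).encode()
    return {"terms": terms, "sig": hmac.new(issuer_key, body, hashlib.sha256).hexdigest()}


def compliant_agent(lic: dict, action: str, blob: dict,
                    agent_key: bytes, issuer_key: bytes) -> bytes:
    """Trusted DRM agent: verifies the licence, refuses any action it does not
    grant, and only then unwraps the key and opens the protected record."""
    body = json.dumps(lic["terms"], sort_keys=True).encode()
    expected_sig = hmac.new(issuer_key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected_sig, lic["sig"]):
        raise PermissionError("licence signature invalid")
    terms = lic["terms"]
    if action not in terms["actions"]:
        raise PermissionError(f"action {action!r} not permitted by licence")
    wrap_nonce = bytes.fromhex(terms["wrap_nonce"])
    wrapped = bytes.fromhex(terms["wrapped_key"])
    content_key = _xor(wrapped, _keystream(agent_key, wrap_nonce, len(wrapped)))
    nonce, ct, tag = (bytes.fromhex(blob[k]) for k in ("nonce", "ct", "tag"))
    expected_tag = hmac.new(_subkey(content_key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected_tag, tag):
        raise ValueError("protected record fails integrity check")
    return _xor(ct, _keystream(_subkey(content_key, b"enc"), nonce, len(ct)))


def demo() -> dict:
    """Alice holds a read-only licence for Bob's record on her workstation's agent."""
    content_key, agent_key, issuer_key = (secrets.token_bytes(32) for _ in range(3))
    blob = protect(RECORD, content_key)
    lic = issue_license("rec-bob-001", content_key, "alice", ["read"], agent_key, issuer_key)
    results = {"read": compliant_agent(lic, "read", blob, agent_key, issuer_key)}
    for act in ("print", "email", "copy"):
        try:
            compliant_agent(lic, act, blob, agent_key, issuer_key)
            results[act] = "allowed"
        except PermissionError:
            results[act] = "refused"
    # Editing the licence to add a right breaks the issuer's signature.
    forged = json.loads(json.dumps(lic))
    forged["terms"]["actions"].append("print")
    try:
        compliant_agent(forged, "print", blob, agent_key, issuer_key)
        results["forged"] = "allowed"
    except PermissionError:
        results["forged"] = "refused"
    return results


if __name__ == "__main__":
    print(demo())
```

The point the example makes is where the enforcement sits: the content key never leaves the licence, so a copied blob or a stolen laptop yields only ciphertext, and the agent's action check runs before any decryption. Its weakness is also visible: the scheme is only as trustworthy as the agent, so a non-compliant agent holding a valid licence can do anything with the plaintext, which is why DRM systems depend on trusted (and ideally attested) agent software.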
Digital Rights Management for Healthcare

In healthcare:
• Organizational policies
• Consent directives can be expressed in terms of attributes
  – adapted from the eXtensible Access Control Markup Language (XACML)
• A license

[Figure: organizational policies and patients' consent directives are combined into the license that governs access to a record]
A healthcare facility

Interpreting policies:
• consent directive + site authorization policies → subjects, actions, etc.
• We use workflows to describe the activity within a facility
  – workflows imply licenses to perform specific actions

Workflows:
• A sequence of tasks to be carried out in the specified order
• Authorization templates for each task
• Each workflow realizes a specific purpose of data processing
  – "Treatment Workflow" → "Treatment Purpose"

[Figure: treatment workflow: Start → Check → Examine → OR (Diagnose | Second Opinion) → Check → Stop]
A healthcare facility

Sessions:
• A session starts when a workflow is initiated.
• DRM agents can join and leave a session
  – only if their currently logged-in user has the privileges to run the workflow of the session.
• Licenses are issued for sessions
  – any agent that joins the session can benefit from the license
  → a user can continue a session with a different agent if that agent joins the session,
    e.g. continue execution of the workflow on a mobile device.

[Figure: facility architecture: Identity Mgmt. (credentials and roles) and Workflow Mgmt. (authorization template) feed the License Issuer, which exchanges XACML requests/responses with the CDMS (organizational policy) and issues the license]
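The two slides above describe workflows as ordered tasks with per-task authorization templates, and sessions as the unit to which licenses are issued. The following Python model is an added example of that lifecycle, not the project's own code: a session can only be started or joined by an agent whose logged-in user holds the privilege to run the workflow, the session license covers the actions the workflow's tasks need, tasks must be performed in order under their own template, and the same user can carry the session to a second device by joining with that device's agent. The "Treatment" workflow, the role table and all identifiers are constructed for the example.

```python
import itertools

# Constructed "Treatment" workflow, after the slide's figure: ordered tasks, each
# with an authorization template (roles that may perform it, actions it needs).
TREATMENT_WORKFLOW = {
    "name": "Treatment",
    "purpose": "treatment",
    "may_run": {"nurse", "physician"},   # privilege needed to start or join a session
    "tasks": [
        {"task": "Check",    "roles": {"nurse", "physician"}, "actions": {"read"}},
        {"task": "Examine",  "roles": {"physician"},          "actions": {"read", "append"}},
        {"task": "Diagnose", "roles": {"physician"},          "actions": {"read", "append"}},
    ],
}

# Constructed identity data: user -> roles (what the Identity Mgmt. server would supply).
ROLES = {"nurse_kim": {"nurse"}, "dr_lee": {"physician"}, "clerk_ann": {"billing"}}

_session_ids = itertools.count(1)


def roles_of(user: str) -> set:
    return ROLES.get(user, set())


class Session:
    """One execution of a workflow on one record. The licence is issued to the
    session, not to a device, so any agent that joins can use it."""

    def __init__(self, workflow: dict, record_id: str, started_by: str):
        if not roles_of(started_by) & workflow["may_run"]:
            raise PermissionError(f"{started_by} may not start {workflow['name']}")
        self.workflow = workflow
        self.session_id = next(_session_ids)
        self.step = 0                # index of the current task
        self.agents = {}             # agent_id -> its currently logged-in user
        self.log = []
        self.licence = {
            "session": self.session_id,
            "record": record_id,
            "purpose": workflow["purpose"],
            "actions": set().union(*(t["actions"] for t in workflow["tasks"])),
        }

    def join(self, agent_id: str, user: str) -> None:
        if not roles_of(user) & self.workflow["may_run"]:
            raise PermissionError(f"{user} lacks the privilege to run {self.workflow['name']}")
        self.agents[agent_id] = user

    def leave(self, agent_id: str) -> None:
        self.agents.pop(agent_id, None)

    def current_task(self):
        tasks = self.workflow["tasks"]
        return tasks[self.step] if self.step < len(tasks) else None

    def perform(self, agent_id: str, task_name: str, action: str) -> str:
        """A joined agent performs `action` for the workflow's current task
        under the session licence; tasks must be performed in order."""
        if agent_id not in self.agents:
            raise PermissionError(f"agent {agent_id} has not joined session {self.session_id}")
        task = self.current_task()
        if task is None or task["task"] != task_name:
            raise PermissionError(f"{task_name!r} is not the next task of the workflow")
        user = self.agents[agent_id]
        if not roles_of(user) & task["roles"]:
            raise PermissionError(f"{user} may not perform task {task_name!r}")
        if action not in task["actions"] or action not in self.licence["actions"]:
            raise PermissionError(f"action {action!r} is not licensed for task {task_name!r}")
        self.log.append((agent_id, user, task_name, action))
        return f"{action} {self.licence['record']} for purpose {self.licence['purpose']}"

    def complete_task(self) -> None:
        self.step += 1


def _attempt(fn, *args) -> str:
    try:
        fn(*args)
        return "allowed"
    except PermissionError:
        return "refused"


def demo():
    s = Session(TREATMENT_WORKFLOW, "rec-bob-001", "nurse_kim")
    s.join("ws-101", "nurse_kim")                      # workstation in room 101
    out = {"check": s.perform("ws-101", "Check", "read")}
    s.complete_task()
    # The nurse's role is not in the Examine template.
    out["nurse_examine"] = _attempt(s.perform, "ws-101", "Examine", "append")
    # The physician continues the same session from a mobile device.
    s.join("tablet-7", "dr_lee")
    out["examine"] = s.perform("tablet-7", "Examine", "append")
    s.complete_task()
    # A task already completed cannot be re-run out of order.
    out["out_of_order"] = _attempt(s.perform, "tablet-7", "Check", "read")
    # A billing clerk cannot join: no privilege to run this workflow.
    out["clerk_join"] = _attempt(s.join, "ws-202", "clerk_ann")
    # An agent that never joined cannot use the session licence.
    out["outsider"] = _attempt(s.perform, "kiosk-1", "Diagnose", "read")
    return out, s.log
```

Note the two separate gates: the coarse one (may this user run this workflow at all?) is checked when an agent joins, and the fine one (may this user do this action for this task?) is checked on every action. Keeping the licence bound to the session rather than the device is what makes the hand-over to the tablet work without issuing a second licence.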
Digital Rights Management for Healthcare

Approach:
• Holistic approach to security and privacy
  – access according to stated policies
• Policies:
  – privacy policies: consent forms (users)
  – security policies: authorization (organizational)
• Policies are written in machine-readable form.
• Enforcement: reference monitors interpret policies.

Advantages:
• Data stored in encrypted form
  – protection against loss of disks or laptops bypassing security
• Security for the lifetime of data
  – data always remain encrypted ("in a locked box")
  – access always through trusted agents (of a certain type, in a given context)
• Expressive languages to state requirements
  – fine-grained access control
• Security and privacy both
  – enforcing privacy policies: patients' consent directives
Fine-grained control

• Policy statements are of the form:
  "role nurse can read blood data for the purpose of surgery preparation at location terminal x12 in room #101"
  – Alice as a 'nurse' → role
  – can 'read' Bob's test results → action
  – 'purpose' surgery prep → purpose of access
  – on a 'terminal x12 in room #101' → context

• Alice cannot:
  – print the record
  – email it to anyone
  – copy it
  – ...
  – access Britney's record
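How a policy statement of that form is evaluated, with consent directives written in the same attribute vocabulary (the slides say these are adapted from XACML), is shown by the following added Python example. It is not the project's policy engine and the attribute names are this example's own shorthand rather than XACML identifiers; it does use XACML's deny-overrides combining rule and its three outcomes Permit, Deny and NotApplicable. The policies, patients and requests are constructed for the example.

```python
# Constructed policy set in the spirit of the slide's statement. Attribute
# names are this example's own shorthand, not XACML's identifiers.
POLICIES = [
    # "role nurse can read blood data for the purpose of surgery preparation
    #  at location terminal x12 in room #101"
    {"effect": "permit", "target": {
        "subject.role": "nurse", "action": "read", "resource.type": "blood_test",
        "purpose": "surgery_prep", "context.terminal": "x12", "context.room": "101"}},
    # Organizational policy: physicians may read and append for treatment.
    {"effect": "permit", "target": {
        "subject.role": "physician", "action": {"read", "append"}, "purpose": "treatment"}},
    # Patient consent directive, expressed in the same attribute vocabulary:
    # Britney withholds consent for access by nursing staff.
    {"effect": "deny", "target": {"resource.patient": "Britney", "subject.role": "nurse"}},
]


def applies(target: dict, request: dict) -> bool:
    """A policy applies when every attribute in its target matches the request;
    a set in the target means 'any of these values'."""
    for attr, allowed in target.items():
        if attr not in request:
            return False
        if isinstance(allowed, (set, frozenset)):
            if request[attr] not in allowed:
                return False
        elif request[attr] != allowed:
            return False
    return True


def decide(policies, request: dict) -> str:
    """Deny-overrides combining, as in XACML: any applicable deny wins, then
    any applicable permit; otherwise NotApplicable. The enforcement point
    (reference monitor / DRM agent) must treat anything but Permit as a refusal."""
    effects = {p["effect"] for p in policies if applies(p["target"], request)}
    if "deny" in effects:
        return "Deny"
    if "permit" in effects:
        return "Permit"
    return "NotApplicable"


def request(role, action, patient, rtype="blood_test", purpose="surgery_prep",
            terminal="x12", room="101") -> dict:
    """Build an access request: subject, action, resource, purpose and context."""
    return {"subject.role": role, "action": action, "resource.patient": patient,
            "resource.type": rtype, "purpose": purpose,
            "context.terminal": terminal, "context.room": room}


def demo() -> dict:
    """Alice (role nurse) against the policies above."""
    return {
        "alice_read_bob": decide(POLICIES, request("nurse", "read", "Bob")),
        "alice_print_bob": decide(POLICIES, request("nurse", "print", "Bob")),
        "alice_email_bob": decide(POLICIES, request("nurse", "email", "Bob")),
        "alice_read_bob_other_room": decide(POLICIES, request("nurse", "read", "Bob", room="205")),
        "alice_read_bob_for_billing": decide(POLICIES, request("nurse", "read", "Bob", purpose="billing")),
        "alice_read_britney": decide(POLICIES, request("nurse", "read", "Britney")),
        "dr_append_britney": decide(POLICIES,
                                    request("physician", "append", "Britney", purpose="treatment")),
    }
```

Two details matter for security here. First, the default is closed: print, email and copy are refused not because a rule forbids them but because no rule permits them, so the enforcement point must refuse on NotApplicable as well as on Deny. Second, Britney's consent directive is a deny that overrides an otherwise matching organizational permit, which is the ordering the approach needs if patient consent is to take precedence over site policy.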
Technology Demonstrator: Re-purposing patient data

Aim: use patients' data from Foothills Hospital for research purposes.
• Multiple research projects
  – teams, members with different roles
• New teams formed, old teams removed
• Identify patients who are potential candidates for each research study
  – management and tracking of their records
• First stage: HiiTech Hepatology Knowledge Base
• In future: other areas of medicine

Security requirements:
• Patients' private data
• Patients' consent directives
• Controlling access based on need to know
• Provide remote access
• Link with other health data
Current System

• Patients' records are stored in a MS SQL database.
• A MS SharePoint portal is used to access and manage the data.
• Data can be downloaded by users in the form of MS InfoPath forms.
• Security: everyone can see all data!

[Figure: Data (raw data) → SharePoint Services (health record) → Web Server (health record) → Browser; an Identity Management Server handles log-in and credentials]
The New Architecture

[Figure: Data (raw data) and Consent feed SharePoint Services; IRM Protectors turn metadata + raw data into protected data; the Rights Management Server receives the metadata and issues licenses; protected records pass through the Web Server to a Browser with a DRM Agent; the Identity Management Server supplies groups and credentials]
Scaling up to federated systems

• Data-level federation
  – using a federated database: integrating the databases in two organizations
  – secure link for data transfer
• Complete mutual trust between organizations
  – to enforce consent directives (and perhaps other local policies)
• Easy to implement
  – use existing support for database federation in database engines
• Does not support cross-organizational research studies, as applications are not connected

[Figure: Organization A and Organization B, each with Consent, Data and Application; only the data stores are linked]
Scaling up to federated systems

• Business-level federation
  – federation at application level
  – extending the application to enable forming cross-organizational research studies
• Implementation is much more difficult
  – MS IRM service federation, or a custom solution

Requirements:
• federation of identity management
  – standard solutions (e.g. SAML, Active Directory)
• rights management federation
  – design alternatives:
    • DRM trusted domains: issuing a license for a main server allowing it to issue local licenses in its domain
    • issuing a cross-organizational license directly to the user in the other organization

[Figure: Organization A and Organization B, each with a Rights Management Server, SharePoint Services, an Identity Management Server, Consent and Data]
Future direction: taking the project to the 'Cloud'

• Scalable design
  – patient data stored in the 'cloud'
    • provincial, national, ..., global access
• Access according to stated policies
  – whose policy? trust relationships
  – consent directives
• Efficient enforcement?
• Data security: whose responsibility?
  – encrypted content

• Universality of the approach
  – a similar approach can be used for other types of data
  – the technology can be used for protection of any document
Project details

Participants:
• iCIS Lab: Mohammad Jafari, Nicholas Sheppard, Michal Sramka
• HiiTeC: Chad Saunders, Hytham Khalil, Simon Liu
• Cybera: Patrick Mann, Jill Kowalchuk
• Other support: MITACS, iCORE

Publications:
• N. P. Sheppard, R. Safavi-Naini, M. Jafari, "A Digital Rights Management Model for Healthcare", Proceedings of IEEE POLICY'09, London, UK.
• N. P. Sheppard, R. Safavi-Naini, M. Jafari, "A Secure Electronic Healthcare Record Infrastructure in the Digital Rights Management Model", Technical Report 2009-939-18, Department of Computer Science, University of Calgary, 2009.

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 

Secure Electronic Health Records

  • 1. A Digital Rights Management Approach to Securing Electronic Health Records
    Rei Safavi-Naini, iCORE Chair in Information Security, Department of Computer Science, U of Calgary
    iCORE Information Security Lab
  • 2. Electronic Health Record (EHR)
    • A collection of electronic health data
    • In digital format → easy to share across network-connected information systems
    • May include,
      • Demographics (race, disabilities..)
      • medical history,
      • medication and allergies, immunization status,
      • laboratory test results, radiology images,
      • billing information…
    R. Safavi-Naini-Summit ‘09- Oct 14, 2009
  • 4. Existing access to Health Data
    – Data stored in island databases
    – Security:
      – Mainly communication security
        – Encrypted links
      – No, or little control on access
        – After logging to the system all data can be accessed
        – All doctors and nurses can access all data
        – Records can be copied, printed etc
    – Other issues
      – Multiple copies of data
      – Inefficiency, hard to access…
    • EHR is the centerpiece of an integrated solution to effective and secure management of health information.
  • 5. Security is an integral part of EHR
    • Paper data and data stores are inherently more secure
      • Limited number
      • Hard to duplicate.. imperfect copies
      • Changes are detectable
      • Hard to access
    • Electronic data,
      • Many copies instantly
      • Easy to make copies
      • Changes undetectable
      • Can be accessed from any points…
        – Intranet
          • private confidential data among employees
        – Extranet for outsourced resources
        – Web Portal
    • Security is a major challenge
  • 6. A new approach: Using Digital Rights Management
    – Digital rights management:
      – information is distributed in a protected form
      – information can only be accessed using a license
      – License contains terms and conditions in a machine-readable form
      – usable only by trusted DRM agents
      – compliant DRM agents will refuse to perform any action unless it is permitted by the licence.
    [Diagram: Components of a DRM System]
  • 7. Digital Rights Management for Healthcare
    In Healthcare:
    [Diagram: Organizational Policies]
  • 8. Digital Rights Management for Healthcare
    In Healthcare:
    • Consent directives can be expressed in terms of attributes.
      – adapted from the eXtensible Access Control Markup Language (XACML)
    [Diagram: Organizational Policies]
  • 9. Digital Rights Management for Healthcare
    In Healthcare: A license
    [Diagram: Organizational Policies]
  • 10. A healthcare facility
  • 11. A healthcare facility
    ‘Interpreting’ policies
    • consent directive + site authorization policies → subjects, actions, etc.
    • We use workflows to describe the activity within a facility
      – workflows imply licenses to perform specific actions
  • 12. A healthcare facility
    Workflows
    • A sequence of tasks to be carried out in the specified order
    • Authorization templates for each task
    • Each workflow realizes a specific purpose of data processing
      – “Treatment Workflow” → “Treatment Purpose”
    [Workflow diagram with nodes: Start, Check, Examine, Diagnose, OR, Second Opinion, Stop]
  • 13. A healthcare facility
    • A session starts when a workflow is initiated
    • DRM agents can join and leave a session
      – Only if their currently logged-in user has the privileges to run the workflow of the session
    • Licenses are issued for sessions
      – Any agent that joins the session can benefit from the license
        ⇒ A user can continue a session with a different agent if that agent joins the session
      – E.g. continue execution of the workflow on a mobile device
    [Diagram: Identity Mgmt. (Credentials and Roles), XACML Req./Resp., CDMS, License Issuer, Workflow Mgmt., Authorization Template, Org. Policy, License]
  • 14. Digital Rights Management for Healthcare
    Approach
    • Data stored in encrypted form
      – Protection against loss of disks, laptops bypassing security
    • Security for the lifetime of data
      – Data always remain encrypted
        • in a locked box
      – Access always through trusted agents
        • certain type in a given context
    • Policies are written in machine-readable form.
    • Enforcement
      – Reference monitors to interpret policies
    Advantages
    • Holistic approach to security and privacy
      – Access according to stated policies
    • Policies
      – Privacy policies
        • Consent forms - users
      – Security policies
        • Authorization - organizational
    • Expressive languages to state requirements
      – Fine-grain access control
    • Security and privacy both
      – Enforcing privacy policies
        • Patients’ consent directives
  • 15. Fine-grained control
    • Policy statements are of the form,
      “role nurse can read blood data for the purpose of surgery preparation at location terminal x12 in room #101”
      – [user] as a ‘nurse’ → role
      – Can ‘read’ Bob’s test results → action
      – ‘purpose’ surgery prep → purpose of access
      – On a ‘terminal x12 in room #112’ → context
    • Alice cannot,
      – print the record
      – email it to anyone
      – copy it
      – ..
      – Access Britney’s record
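The policy statements on slide 15, the consent-plus-site-policy rule of slide 11 and the "refuse unless permitted" behaviour of compliant agents on slide 6 can be shown together as a small default-deny reference monitor. This is an added example written for this page, not code from the presentation or the Calgary project; the class names, field names, the sample rules and the consent table are all constructed here.

```python
"""Added example (not from the slides): a default-deny reference monitor in the
spirit of slides 6, 11 and 15. A compliant DRM agent asks it before every action
and refuses anything it does not permit. Class and field names are this example's
own choices, not names from the presentation or the project."""
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Set, Tuple


@dataclass(frozen=True)
class PolicyRule:
    """One site authorization statement of the slide-15 form:
    'role R can ACTION DATA for purpose P at location L'.
    A None location means the rule applies in any context."""
    role: str
    action: str
    data: str
    purpose: str
    location: Optional[str] = None


@dataclass(frozen=True)
class AccessRequest:
    """What a DRM agent submits on behalf of its logged-in user."""
    user: str
    role: str
    action: str
    data: str
    purpose: str
    location: str
    patient: str


class ReferenceMonitor:
    """Interprets policies (slide 14, 'Enforcement'). Permit only when a site
    rule matches AND the patient's consent directive covers the purpose
    (slide 11: consent directive + site authorization policies)."""

    def __init__(self, rules: Iterable[PolicyRule], consent: Dict[str, Set[str]]):
        self.rules = list(rules)
        self.consent = consent  # patient -> purposes the patient consented to
        self.audit: List[Tuple[str, AccessRequest, str]] = []

    def _matching_rule(self, req: AccessRequest) -> Optional[PolicyRule]:
        for rule in self.rules:
            if (rule.role == req.role and rule.action == req.action
                    and rule.data == req.data and rule.purpose == req.purpose
                    and rule.location in (None, req.location)):
                return rule
        return None

    def decide(self, req: AccessRequest) -> bool:
        if self._matching_rule(req) is None:
            self.audit.append(("DENY", req, "no site rule permits this action"))
            return False
        if req.purpose not in self.consent.get(req.patient, set()):
            self.audit.append(("DENY", req, "patient consent does not cover purpose"))
            return False
        self.audit.append(("PERMIT", req, "site rule and consent both satisfied"))
        return True


# Constructed sample policy and consent data (not from the slides).
SITE_RULES = [
    PolicyRule("nurse", "read", "blood_data", "surgery_prep", "terminal_x12_room_101"),
    PolicyRule("doctor", "read", "blood_data", "treatment"),
]
CONSENT: Dict[str, Set[str]] = {
    "bob": {"treatment", "surgery_prep"},
    "britney": {"treatment"},  # has not consented to surgery_prep
}


def demo() -> Dict[str, bool]:
    """Run the slide-15 scenarios for nurse Alice; returns each decision by name."""
    monitor = ReferenceMonitor(SITE_RULES, CONSENT)
    alice = dict(user="alice", role="nurse", data="blood_data",
                 purpose="surgery_prep", location="terminal_x12_room_101",
                 patient="bob")
    results = {
        "read_in_room_101": monitor.decide(AccessRequest(action="read", **alice)),
        "print_record": monitor.decide(AccessRequest(**{**alice, "action": "print"})),
        "email_record": monitor.decide(AccessRequest(**{**alice, "action": "email"})),
        "read_from_other_terminal": monitor.decide(
            AccessRequest(**{**alice, "action": "read", "location": "terminal_x3_room_200"})),
        "read_for_research": monitor.decide(
            AccessRequest(**{**alice, "action": "read", "purpose": "research"})),
        "read_britney_without_consent": monitor.decide(
            AccessRequest(**{**alice, "action": "read", "patient": "britney"})),
    }
    for outcome, req, reason in monitor.audit:  # audit trail for detection and review
        print(f"{outcome:6} {req.user}/{req.role} {req.action} {req.data} "
              f"for {req.purpose} @ {req.location}: {reason}")
    return results


if __name__ == "__main__":
    demo()
```

Only the read at the named terminal for the stated purpose is permitted; print and email are denied because no rule names those actions, a different terminal fails the context check, a research purpose has no rule, and Britney's record is denied on consent even though the site rule would allow it. Every decision, including the reason for a denial, is appended to an audit list so that denied attempts can be reviewed rather than silently dropped.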
  • 16. Technology Demonstrator: Re-purposing patient data
    Aim: Use patients’ data from Foothills Hospital for research purposes
    • Multiple research projects,
      – Teams, members with different roles
      • New teams formed, old teams removed
    • Identify patients potential candidates for each research study
      – Management and tracking of their records
    • First stage: HiiTech Hepatology Knowledge base
    • In future: other areas of medicine
    • Security requirements
      – Patients’ private data
      – Patients’ consent directives
      – Controlling access based on
        • Need to know
      – Provide remote access
      – Link with other health data
  • 17. Current System
    • Patients’ records are stored in a MS SQL database
    • MS SharePoint portal is used to access and manage the data
    • Data can be downloaded by users in the form of MS InfoPath forms
    • Security: everyone can see all data!
    [Diagram: Browser ↔ SharePoint Web Services ↔ health record data (raw data); Identity Management Server (log-in credentials)]
  • 18. The New Architecture
    [Diagram: Browser ↔ SharePoint Web Services with DRM Agent; Rights Management Server (license, metadata); IRM Protectors turn raw data into protected records (metadata + protected data); Consent records; Identity Management Server (credentials, groups)]
  • 19. Scaling up to federated systems
    • Data-level Federation
      – Using a federated database
        • integrating the databases in two organizations
      – Secure link for data transfer
    • Complete mutual trust between organizations
      – to enforce consent directives (and perhaps other local policies)
    • Easy to implement
      – Use existing support for database federation in database engines
    • Does not support cross-organizational research studies as applications are not connected
    [Diagram: Organization A and Organization B, each with Consent, Application, Data]
  • 20. Scaling up to federated systems
    • Business-Level Federation
      – federation at application level
      – extending the application to enable forming cross-organizational research studies
    • Design alternatives
      – DRM trusted domains: issuing a license for a main server allowing it to issue local licenses in its domain
      – Issuing a cross-organizational license directly to the user in the other organization
    • Requirements
      – federation of identity management
        • standard solutions (e.g. SAML, Active Directory)
      – rights management federation
        – MS IRM service federation, or a custom solution
    • Implementation is much more difficult
    [Diagram: Organization A and Organization B, each with Rights Mgmnt Server, Consent, SharePoint Services, Data, Identity Mgmnt Server]
  • 21. Future direction: Taking the project to the ‘Cloud’
    – Scalable design
    – Patient data stored in ‘cloud’
    – Provincial, National, .. Global Access
    – Access according to stated policies
      – Whose policy?
      – Trust relationships
      – Consent directives
      – Efficient enforcement?
    – Data security: Whose responsibility?
      – Encrypted content
    • Universality of the approach
      – Similar approach can be used for other types of data
      – The technology can be used for protection of any document
  • 22. Project details
    Participants
    • iCIS Lab
      – Mohammad Jafari, Nicholas Sheppard, Michal Sramka
    • HiiTeC
      – Chad Saunders, Hytham Khalil, Simon Liu
    • Cybera
      – Patrick Mann, Jill Kowalchuk
    • Other supports: MITACS, iCORE
    Publications
    • N. P. Sheppard, R. Safavi-Naini, M. Jafari, A Digital Rights Management Model for Healthcare, Proceedings of the IEEE POLICY’09, London, UK.
    • N. P. Sheppard, R. Safavi-Naini, M. Jafari, A Secure Electronic Healthcare Record Infrastructure in the Digital Rights Management Model, Technical Report 2009-939-18, Department of Computer Science, University of Calgary, 2009.