5. ISO-TC215 Seoul 2001: Access Proposal “ At the presentation to WG1 meeting in March 2001, Seoul, Korea, I mentioned that the CDA might function as the attestable unit, and the access lock might derive from a ‘detachable header’ for the CDA.” The concept was further developed and presented at the First International CDA Conference at Berlin in October 2002
8. Regional Server data store List of CDA Headers (or Access Objects) Provider Server data store Match found Locates CDA document source Attestable Unit Document information Encounter data Service actors Service targets Clinical digest Attestable Unit Document information Encounter data Service actors Service targets Clinical digest Which may be on its own data store
9. Regional Server data store List of CDA Headers (or Access Objects) Provider Server data store Locates CDA document source Encrpytion key transfer Attestable Unit Document information Encounter data Service actors Service targets Clinical digest Access approved
10. SSL SOAP security SOAP Envelope Digital signature Public key certificate SOAP encryption Role-base access control SSL SSL Regional (SOAP) Server Data store Regional (SOAP) Server Data store Requestor Data store Provider (originating Organization) Secure Socket Layer (SSL) Security Cleint/Server authentication Supporting SOAP encryption 2 CDA request in SOAP envelope 3 Route request to neigbour if necessary 4 Get complete CDA from Provider if request and access role matched 1 Request to neighbour server CDA Document in SOAP Envelop SOAP Security