|By Cloud Best Practices Network||
|December 6, 2012 06:45 AM EST||
Naturally one of the critical areas specified in the Canadian E-Health Cloud strategy document is the risks related to data privacy.
Specifically in section 8, from page 42 through 49, they describe the comprehensive standards, audit and certification frameworks that will be required to protect this next major phase of Cloud adoption.
CHI point to the number one risk issue cited by CIOs – Fears of inadequate data privacy protections, and they describe the various component parts what is required to address these risks including due diligence procedures and state of the art privacy controls.
Throughout the document they also identify the technologies needed to achieve compliance with these new capabilities, such as Federated Identity and Consent Management applications, that they describe as new ‘greenfield’ apps for them.
We can see an example of this through the Real Me service from the New Zealand Government. Developed in conjunction with their national postal service they have deployed a novel service for online Identity authentication and related access, with over 40 different government service providers unified into delivery for half a million users.
This implements an ‘iCMS‘ – Extended Authentication Context Management Service, that utilizes a security token service based on WS-Trust Messaging and SAML tokens, Identity open standards from OASIS, enabling:
- Pseudonymous Authentication, via ‘federated sharing tags’
- Two-factor authentication through text message to cell phone
- Verified Data – A secure, privacy-centric data exchange
- A clear consent model – An extensible data across multiple providers
- Government Cloud attribute provider: Drivers licence information
These trends will have uniquely dramatic changes to how software architecture is designed and implements, as ‘Cloud SOA’ will emerge by utilizing this plumbing, features the NZL Government such as a “privacy domain bus” for managing exchanges of data between applications.
- "All It Took Was One E-Mail to Larry," Says Former eBay Research Director As He Moves to Google
- Google Ramps Up Its Mobile Reach: Launches "Mobile Web Search"
- Ericsson + Napster = World's First "Wireless Digital Music" Brand
- VoIP Update: Yahoo! Buys DialPad
- Free Guest Passes for the SOA World Conference & Expo in NYC
- SYS-CON i-Technology Podcast August 30, 2005
- A Flair for Food - Health-Conscious Cooking Is This Chef's Cup Of Tea
- Sony PSP May Feature Porn
- Kapow Helps Seiko UK, Provides SMS Text-Alert Services
- South Korea is World's Largest Phisher