MedMid Conference Call May 13, 2004
*Action Items*
[AI] {Steve} will forward the upcoming Shibboleth v1.2 release announcement
to this list when it is available.
[AI] {Nadim} will forward a summary of the Videoconferencing issues from VidMid-VC to the MedMid list.
*Attendees*
Nadim El-Khoury, University of North Carolina – Chapel Hill
Charlie Leonhardt, Georgetown University
Steve Olshansky, Internet2
Renee Frost, Internet2
Terrie Clark, Internet2
*Discussion*
Charlie began with a discussion of Project Sentinel Collaboratory. Georgetown
University in partnership with (among others) the D.C. Department of Health,
MedStar Washington Hospital Center and MedStar Georgetown University Hospital
will build and deploy a data-centric collaboratory to collect and analyze data
from hospitals, clinics, satellite images of vegetation, mosquito collection,
veterinary clinics and other sources in order to develop indicators and warnings
(I&Ws) of emerging threats to human health, such as a bio-terror attack.
Appropriate I&Ws will then allow more time for various authorities to prepare
for corresponding responses to potential threats. For more information please
see http://biodefense.georgetown.edu/project-sentinel.asp
One of the foundations of the Project Sentinel Collaboratory project is the use of middleware released under the NSF Middleware Initiative (NMI), particularly Shibboleth. Longer term, the fruits of the project could be extended to other public health environments in Washington, DC and beyond. The plan consists of using Shibboleth as a mechanism for secure interrealm access to web applications. Phase two further defines security to control levels of access based on roles, applications and geographic location. Phase three encompasses building a prototype. The prototype will be a fully functioning Shibboleth environment, with correctly identified and conveyed attributes, integrating Georgetown Hospital, Washington Hospital Center and the District of Columbia’s Department of Health. The currently funded work targets the Washington, DC area. However, DHS has shown an interest in the Shibboleth implementation and in expanding its scope, and may be willing to fund implementation for a larger consortium of ER environments.
The VidMid-VC WG is discussing two items raising issues relevant to the MedMid WG. The items address HIPAA compliance and video over IP, and discuss how the medical field will accommodate firewall/NAT traversal issues, video call initiation authorization issues and privacy issues.
NIST recently released guidelines for securing VOIP. NIST recommends:
· Separating voice and data traffic on logically different networks
· Denying access to the voice gateway from the data network
· Using firewalls designed for VOIP traffic
· Using IPsec or SSH as well as strong authentication for remote management and auditing
· Encrypting voice traffic at the router or gateway if performance is a problem.
For further information see http://csrc.nist.gov/publications/drafts/NIST_SP800-58-040502.pdf
VidMid-VC is evaluating the widespread problem of firewall/NAT traversal as a potential project. Traversal of firewalls/NATs is highly problematic for voice and video over IP, and no generic standard exists that solves firewall/NAT traversal encryption. The goal of the proposed project is to create a generic solution and propose it as a standard to the ITU, and possibly the IETF.
The VidMid-VC group is also developing scenarios for Federated Video over IP. Several scenarios have been submitted to Study Group 16 of the International Telecommunication Union (ITU), which is responsible for Multimedia services, systems and terminals. Comments on the scenarios and suggestions for new scenarios have been received from the study group and will be summarized for distribution soon.
Nadim El-Khoury, VidMid-VC Working Group Chair, is circulating a proposal within Internet2 working groups to increase awareness of the proposed projects and to solicit collaboration in creating solutions and proposed standards. Interest in the Firewall/NAT traversal project or the Federated Voice over IP scenarios should be directed to Nadim El-Khoury (Nadim_Elkhoury@unc.edu).
The next call will be June 10, 2004 at 2:00 PM ET.