VidMid VC Conference Call November 16, 2003

[AI] Jill: will post notes she has made on the case to the list.
[AI] Steve: Jim Jokl and Barry Ribbeck or Bill Weems will be invited to attend the next call to talk about PKI and medical issues.

VidMid VC Conference Call November 16, 2003
*Attendees*
Tyler Johnson, UNC
Jill Gemmill, UAB
Tom Barton, U. Chicago
Jeanette Fielden, Internet2
Steve Olshansky, Internet2
Ann West, Internet2

*Discussion*
Tyler sent a first draft regarding a secure videoconferencing system to the list. Currently there are no secure VC systems on the market. The general design goal is a system profile that different parties can agree on and work from.

One question is how do you design a system that supports a patient using the system from home at some point in the future? Can a federated approach be described that if it doesn’t solve the issue it provides an environment where this use case can be solved? Is there a scalable way you can have non-affiliated patients and customers authenticated?

Would the patient actually be non-affiliated? There would be a pre-existing relationship between the healthcare provider and the patient, which would provide an opportunity to distribute credentials to the patient though scalability of such a solution might be problematic.

Jill suggested that the intent could be to come up with a roadmap that has an initial simple but compelling scenario that can be solved if the application can handle certificates, no matter who issues them. More complex authorization could come later. The focus would be use cases and the elements of trust as opposed to the technology being used.

Tyler felt that hop-to-hop security is not sufficient for videoconferencing because he will want to see/verify the other person’s credentials and not have it done by a gatekeeper. End-to-end security is fundamental to video conferencing.

Tom thought that authenticating a user to a local piece of trusted infrastructure at each end doesn’t necessarily mean there is no hope of having end-to-end authentication or other security. That can plug into federations where there is an origin site, a target site, and another set of infrastructures by which the distinguished architectural elements of the site can trust each other. There is a way for a gatekeeper/registrar at an origin site, to transmit information to a target site that would believe it and have it be a basis to trust the information it’s receiving by that means.

Tyler also wants the end user to be able to set and modify the policies themselves. Having something evaluate the credentials on behalf of the user isn’t appropriate. It’s not clear how you code that into something that a large service provider could use in an automated policy server at the gatekeeper level. That functionality needs to live in the endpoint.

Tom pointed out that if the case is constrained to something like a federation there are extra tools to help solve these kinds of issues. If both endpoints belong to a organization with infrastructure and the organizations belong to something that can pass info between them that they trust for certain purposes. That kind of framework might apply to some scenarios. Users can have the ability to make decisions with excluding enabling the network to make the decision as well.

The draft can also be sent to Keith Hazelton for feedback relating to PKI issues. Tom can act as a liaison to the PKI group. The case could be circulated to the health sciences security list as well for suggestions and feedback on the scenarios and trust issues.

Is there a lot of videoconferencing in a medical setting currently? There is some telemedicine, such as correctional institutions, that is done mostly with leased lines (ISDN) using equipment that does some encryption specific to H.320.

The H.235 standard deals with both authentication and encryption. Those could be handled separately but handling them separately might be an obstacle to deployment.

While there is an attractiveness to one infrastructure for multiple purposes it is not clear how much infrastructure would need to be built and how it would operate. How does the application cert specific CA notion keep you away from the difficulties with vendor and end-user PKI?

End user PKI and application specific CA’s will be topics of discussion for the next meeting. Jim Jokl and Barry Ribbeck or Bill Weems will be invited to attend the call to talk about PKI and medical issues.