[Openid-specs-heart] AS authentication

Debbie Bucci debbucci at gmail.com
Tue May 3 14:05:07 UTC 2016 

I was actually focused on the authentication burden by the providers that
will want/need to support their patient/consumers.

We had discussed a webfinger like flow to enable discover consumer
resources as part of the introduction piece ...which in turn may indeed be
an OIDC provider-AS for the consumer.




On Tue, May 3, 2016 at 9:49 AM, Glen Marshall [SRS] <gfm at securityrs.com>
wrote:

> Debbie,
>
>
>
> I share your concern.  A secure AS registry infrastructure is needed for
> multiple AS instances, especially at scale.
>
>
>
>   I am very leery of the business case for them.  In particular, what
> financial burden should the patients/subjects take-on for the AS(s) they
> choose, and how does the consumer evaluate AS product offerings?  Also,
> since the chosen AS URIs can be used to help re-identify patients, we
> probably need a scheme to pseudonymize them in shared patient EHR & PHR
> data.
>
>
>
> Glen
>
>
>
> Glen F. Marshall
>
> Consultant
>
> Security Risk Solutions, Inc.
>
> 698 Fishermans Bend
>
> Mount Pleasant, SC 29464
>
> Tel: (610) 644-2452
>
> Mobile: (610) 613-3084
>
> gfm at securityrs.com
>
> www.SecurityRiskSolutions.com <http://www.securityrisksolutions.com/>
>
>
>
> *From:* Openid-specs-heart [mailto:
> openid-specs-heart-bounces at lists.openid.net] *On Behalf Of *Debbie Bucci
> *Sent:* Tuesday, May 3, 2016 09:37
> *To:* openid-specs-heart at lists.openid.net
> *Subject:* [Openid-specs-heart] AS authentication
>
>
>
>
>
> Are there a methods to register additional OIDC Providers as part of
> the dynamic client registration "dance" or open multiprotocol (sambits ?)
> registries  in place today  where OIDC providers can register in advance to
> aide these type of interactions?
>
>
>
> The thought of a provider (or researcher) having to authenticate to
> potentially hundreds of [UMA] AS  is worrisome and seems unmanageable at
> scale.
>
>
>
> Perhaps I'm missing something ...
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20160503/079d289e/attachment.html>

More information about the Openid-specs-heart mailing list