Authorized Access Only: Providing Secure Internet Access to Patient Information using Windows 2000 Server

Presentation Transcript

  1. Authorized Access Only: Providing Secure Internet Access to Patient Information using Windows 2000 Server
     Rex E. Gantenbein, Ph.D.
     Center for Rural Health Research and Education, University of Wyoming

  2. Wyoming: “like no place on earth”

  3. Geographic distances

  4. Natural obstacles

  5. Sparse population, isolated communities

  6. Technological solutions
     • Telecommunications
     • Databases
     • Geographic information systems (GIS)
     • Internetworking Information Portal

  7. Technological problems
     • Interoperability
     • Scalability
     • Data integration
     • Quality of service
     • Privacy and security

  8. Creating a secure information portal
     • Security requires us to maintain:
       • Integrity of data
       • Confidentiality of data (storage and transit)
       • Availability of data
       • Authorization of users
       • Accountability of users

  9. Basis for our solution
     • NASA JSC Countermeasures and Evaluation Project (CEVP) database
     • Developed by Wyoming research team
     • Designed to efficiently disseminate life science data to discipline experts and extramural investigators
     • Centralized storage and distribution center for NASA life science research data
     • Provides multi-level security and Internet access to data
     • Resulting technology now being adapted for a secure health information portal

  10. Creating a secure information portal
     [Network diagram. Labels: Internet; Firewall/Router; Hub; Public Web server (www.health.uwyo.edu); Local printer; LAN printer; JetDirect; Firewall; Secure LAN; Switch; Domain controller; Datamart; Data warehouse (two); Tape backup; Printer; Desktop workstations; UPS units]

  11. Creating a secure information portal
     • Firewall
       • 2 NIC Server Cards w/onboard encryption capability (i.e. 3COM 3CR990SVR97)
       • Microsoft Windows 2000 Server
       • Microsoft ISA Server, Enterprise Edition
     • Domain Controller
       • NIC Server Cards w/onboard encryption capability
       • Microsoft Windows 2000 Server
       • Microsoft Access 2000 or Office 2000 w/Access
       • Microsoft Visual Studio

  12. Creating a secure information portal
     • Datamart
       • NIC Server Cards w/onboard encryption capability
       • Microsoft Windows 2000 Advanced Server
       • Microsoft Internet Information Server
       • Microsoft SQL Server
       • Microsoft Access 2000 or Office 2000 w/Access
     • Data warehouse
       • NIC Server Cards w/onboard encryption capability
       • Microsoft Windows 2000 Advanced Server
       • Microsoft Internet Information Server
       • Microsoft SQL Server

  13. Creating a secure information portal
     • Public Web server
       • NIC (Server card)
       • Microsoft Windows 2000 Advanced Server
       • Microsoft Internet Information Server

  14. Creating a secure information portal
     • Tape backup unit
       • HP SureStore robotic tape drive
       • Seven 80-GB tapes
     • Networking
       • 24-port switch for secure LAN
       • 8-port hub for external LAN
       • Firewall/router for Internet protection
     • Printers
       • Internal printer for secure LAN
       • Network printer for external LAN
       • Local printer for public Web server

  15. Supporting secure connections
     • Secure data storage
     • Multiple levels of authorization
     • Virtual private networking

  16. Data warehousing
     • Public Web server and non-secure machines reside in DMZ (semi-public LAN)
     • Data warehouses reside in secure LAN
       • Local (administrator) access only
       • Physically secure
       • Can be disconnected from network
     • Datamart also resides in secure LAN
       • Accessible from Internet
       • Stores data authorized for off-site use

  17. DMZ implementation
     • Internet connections protected by virtual private networking (Windows 2000)
       • Authorization (ticket) via Kerberos utility
       • Authentication via passwords
       • Encrypted communication between server and remote user
     • IP addresses of servers locally defined
     • No public DNS names except entry point

  18. DMZ implementation
     • Firewall is configured to deny all requests from machines outside the network except through VPN
     • Domain controller acts as Kerberos key distribution center for authentication and public key encryption
     • These machines cooperate to carry out local network address translation

  19. Virtual private networking
     • VPN extends the secure LAN over the Internet
     • Authenticates both ends of the connection and encrypts information passing between them
     • Built into Windows 2000 Server

  20. Benefits of a secure portal
     • Improved access to health-related data (overcoming geography)
     • Increased confidence in use of Internet for health information (overcoming fear)

  21. Center for Rural Health Research and Education
     http://www.health.uwyo.edu/
     Rex Gantenbein, Technical Director
     Voice: 307.766.6549
     Fax: 307.766.6608
     Email: rex@uwyo.edu

  22. Thank you very much!