isis-users mailing list archives

From Stephen Cameron
Subject Re: Accessing confidential data - 2 step authentication support
Date Wed, 29 Nov 2017 11:37:15 GMT

Hi Nikhil,

Good to know someone else is using Apache Isis in Australia, if you need
another resource I am in Hobart.

I started to look at two-factor authentication via Apache Shiro. Maybe an
external authentication server/service/product already has the capacity to
have separate kinds of authentication for the same user, and it's just a case
of forcing a reauthentication in Apache Isis (using the two-level protocol
with the external service) if the user attempts to access a medical record?

I think it's difficult to store and update very complex medical records in a
relational database model. Hospital systems make use of specialised
databases, I read, for performance reasons. So you are looking at a second
system to do that well, but that is not to say that Apache Isis cannot have
functionality added.

Just my two bits.

Steve Cameron

On Wed, Nov 29, 2017 at 10:13 PM, Nikhil Dhamapurkar wrote:

> Hi Everyone,
> We have a use case where an entity Patient has data with 2 parts: 1) non
> confidential details (like name, last name) & 2) some confidential data
> associated with it (like medical records).
> We want to enable a 2 factor Authentication when retrieving the
> confidential data when calling ISIS from the REST based swagger API. Has
> someone come across a similar use case?
> I would like to know if it will be advisable to have apache ISIS own the
> Model and have both the details, confidential and non confidential, as part
> of the entity and do validation via ISIS, or will it be better
> to keep the confidential data in an entity/data store outside of apache
> ISIS?
> Application requests → level 1 Authentication → (Gets non confidential
> data) → based on the data and encrypted key → sends request to another
> source to get confidential data from it.
> OR
> Application Requests → with level 1 and Level 2 access Identifiers → apache
> ISIS Identifies it has both tokens → returns the confidential data as well
> in the response.
> Regards
> Nikhil
