The goal of TAS³ is to demonstrate that its architecture can deal with the following challenges in a generic and scalable way.
Main TAS³ challenges:
- User & Service Provider Authentication & Credential management
Authorizing end-users and service providers and allowing them to prove their qualifications in a timely and revocable manner. For instance: in healthcare this concerns the role credential for physicians, relationship credentials to prove that a physician is treating a certain patient, etc…).
- Establishing Trust between Users, Information Repositories and Service Providers
Enabling the users and service providers in TAS³ to specify which service providers they trust, and to allow them to provide trust and quality of service related feedback, so that this information can be used while executing the requested business processes. The challenge is to make these business processes take this feedback into account while determining which sub processes can be depended on to complete the transaction, without compromising the trust perception of the actors. This includes adhering to the security & data protection policies that must be enforced while processing this information, possibly over different contexts.
- Data Protection Policies
Exchanging and using information through complex business processes makes the evaluation of data protection policies an extremely complex task for which there is currently no straightforward solution. Controlling the disclosure of personal information throughout the complete architecture is still a challenge with today’s systems, and it may be required, temporarily and in precisely defined conditions, to overrule data protection policies using a “break the glass” or an “emergency override” procedure, which enable healthcare professionals to grant access to information to which they normally have no access.
- Transparency of Business Processes
Empowering service requesters to consult the transaction and audit trail of business processes that they initiated or in which their information was used. This challenges the controlled disclosure of information in the user-centerd TAS³ environment.
- Demonstrator Challenges
The main demonstrator challenge is to prove that the TAS³ system is sufficiently generic to deal with the demanding trust, security and privacy requirements of both the employability and healthcare domain. Within this project’s pilot, equal empowerment of both the user and the service provider is paramount. For employability this will considerably help to grow the nascent employability services market. Personal Health Record services will serve as one of the core components in the healthcare pilot.