Enterprise Refactoring with Apache

Enterprise Refactoring with Apache

Evolving VistA Open Architecture

Edward Ost

Agenda

➜

Enterprise Refactoring Strategy

➜

Apache Solution Architecture

➜

Refactoring Use Cases

•

HL7 Event Subscription

•

Security

•

Value Added Mediation

➜

Q&A

Enterprise Refactoring Strategy

Refactoring Definition

Refactoring is a disciplined technique for restructuring an existing

body of code, altering its internal structure without changing its

external behavior.

•

Its heart is a series of small behavior preserving transformations.

•

Each transformation (called a 'refactoring') does little, but a sequence of

transformations can produce a significant restructuring.

•

Since each refactoring is small, it's less likely to go wrong.

•

The system is also kept fully working after each small refactoring,

reducing the chances that a system can get seriously broken during the

restructuring.

© Talend 2013

Refactoring Benefits

Refactoring is undertaken in order to improve some of

the nonfunctional attributes of the software.

Advantages include improved code readability and

reduced complexity to improve the maintainability of

the source code, as well as a more expressive internal

architecture or object model to improve extensibility.

Wikipedia

© Talend 2013

Refactoring in an OSEHRA Context

➜

Refactoring assures stakeholder investments will be preserved

➜

Refactor to ease the introduction of new features without

disrupting existing functionality

➜

Refactoring combined with Continuous Integration and Test

Driven SOA allow teams to work in parallel

➜

Refactoring enables market driven innovation while providing

structure and stability necessary for community

Enterprise Architecture Alignment

Definition of Layers

➜

Only a small part of the stack is built by traditional application development

groups

➜

Security will be implemented by multiple groups in accordance with security

policies and procedures

8 7 6 5 4

Layer

2 1 3

Virtual Hardware / OS Environment Provisioning Physical Hardware / OS Environment Virtual Management Environment Provisioning System Management and Control

Virtual Data Layer SQL Physical Data Layer

Encryption-Anti Virus Audit Logs Data Access Controls

Software Distribution System Monitoring

Data Replication

Virtual Enterprise Software Environment Configuration Physical Middleware Environment Security Domains

Performance Mgmt

COTS Software Environment Service Facades Physical COTS Environment Security Domains

Performance Mgmt

System

Management

Security &

Privacy

_{Virtual Stack}

Transformation

Physical Stack

Enterprise Standard Message Layer Message Adapters Legacy Point-to-Point Communication SOA Services Layer Service Facade Legacy Systems

Standard Headers Vulnerability Detection

Network Latency Service Contracts

Virtual Interface Layer Message Adapters Physical Interface Layer Encryption

Application Firewalls

Overview of the VA Target Enterprise Application Architecture (EAA)

OpenMash Layer Mapping

9

© Talend 2011

8 7 6 5 4

Layer

2 1 3

Virtual Hardware / OS Environment Provisioning Physical Hardware / OS Environment Virtual Management Environment Provisioning System Management and Control

Virtual Data Layer SQL Physical Data Layer

Encryption-Anti Virus Audit Logs Data Access Controls

Software Distribution System Monitoring

Data Replication

Virtual Enterprise Software Environment Configuration Physical Middleware Environment Security Domains

Performance Mgmt

COTS Software Environment Service Facades Physical COTS Environment Security Domains

Performance Mgmt

System

Management

Security &

Privacy

_{Virtual Stack}

Transformation

Physical Stack

Enterprise Standard Message Layer Message Adapters Legacy Point-to-Point Communication SOA Services Layer Service Facade Legacy Systems

Standard Headers Vulnerability Detection

Network Latency Service Contracts

Virtual Interface Layer Message Adapters Physical Interface Layer Encryption

Application Firewalls

RPC, CIA, HL7, iCal,

CalDav

Google Calendar API,

CIA, MDWS

oAuth

Syncope

WS-Security

GAE, GCE

MedSphere

Scheduling Client

VistA Evolution 1.0 Draft

➜

Infrastructure

•

IEHR ESB

•

VistA Service Backplane

•

VistA Core

➜

The preferred method for exposing the notification to

the ESB is via HL7 message queued for transmission as

the event occurs.

➜

Event Driven Architecture (EDA)

•

Callbacks

•

Pub-sub

VistA Evolution 1.0 Draft – API List

➜

Allergies

➜

Authorization Subscription Utility

(ASU)

➜

Bar Code Medication Administration

(BCMA)

➜

Clinical Reminders

➜

Computerized Patient Record System

(CPRS) Order Management Modules

➜

Discharge summary

➜

Health Level Seven (HL7)

➜

Kernel

➜

Mailman

➜

Medication List

➜

Notes/Clinical Documentation

© Talend 2013

➜

Patient Selection (Scheduling API)

➜

Postings (Crisis notes, Warnings,

Adverse reactions, Directives)

➜

Problem List (under CPRS)

➜

Remote Data View

➜

Remote Procedure Call (RPC) Broker

➜

Sign In (from Kernel)

➜

Text Integration Utility (TIU)

➜

VA FileMan

➜

Virtual Patient Record

➜

VistA Data Extraction Framework

(VDEF)

➜

VistA Imaging

VistA Evolution 1.0 Draft – API Categories

Pure Medical Domain API

➜

Allergies

➜

Authorization Subscription Utility

(ASU)

➜

Bar Code Medication Administration

(BCMA)

➜

Computerized Patient Record System

(CPRS) Order Management Modules

➜

Discharge summary

➜

Health Level Seven (HL7)

➜

Medication List

➜

Postings (Crisis notes, Warnings,

Adverse reactions, Directives)

➜

Virtual Patient Record

➜

Problem List (under CPRS)

© Talend 2013

Pure IT Domain API

➜

Kernel

➜

Mailman

➜

Remote Procedure Call (RPC) Broker

➜

Sign In (from Kernel)

➜

Text Integration Utility (TIU)

➜

VA FileMan

➜

VistALink

Application Extension

➜

Notes/Clinical Documentation

➜

Patient Selection (Scheduling API)

➜

Remote Data View

➜

VistA Data Extraction Framework

(VDEF)

M Platform

(Caché or open source platform (ie. GT.M), 130+ instances in production in VA)

VistA Evolution

© Talend 2013

VistA M Routine Calling Adapter (VMRCA)

Enterprise Service Bus (ESB)

Registry and Repository

(Websphere)

Core ESB

(Websphere)

VistA SOA Service

Registry Entries

VistA SOA Service

Proxies

VistA Service Backplane (VSB) - Regional

SOA Service Descriptors

VistA SOA Services

All Other Packages

VistA M Routine Calling Service (VMRCS)

Site

Specific

Generated by

VistA Service

Assembler

(VSA) Wizard

VistA

Derived from

VistA Service Assembler (VSA)

Conceptual and Technical Overview

Keith Cox & Travis Hilton

ESS AWG

VistA Service Backplane (VSB)

➜

Refactor existing functionality (e.g. Ray Group)

➜

Expose interfaces and API’s

➜

Delegate responsibility to the Bus

•

Security

•

Reliable Delivery

•

Composition

•

Transformation

➜

Service Enable legacy technologies

•

First class transport adaptors for performance (RPC)

•

Standards based external transport (SOAP, JMS, MLLP)

•

Standards based data protocols (HL7, iCal)

© Talend 2013

Responsibility Driven Design – VSB

➜

Adapts interfaces to standards & specifications

➜

Message Exchange Patterns: request-reply and pub-sub

➜

Event driven loose coupling with callback support

➜

Value added mediation

➜

Manages both consumers and providers

➜

Standard invocation framework for composition

➜

Integration with other Services (OSEHRA)

15

© Talend 2011

Apache Solution Architecture

Eclipse STP/WTP

REST & W eb Services

Apache Maven

Build & Deploy

Apache CXF

REST & W eb Services

Apache Camel

Mediation

Apache ActiveMQ

Message Broker

Apache Karaf

OSGi

Eclipse Equinox

OSGi

Development

Runtime

Apache Integration with Talend

Service Backplane versus ESB

➜

An ESB provides dedicated integration nodes as

separate processes.

➜

The purpose of the service backplane is to allow a

flexible architecture that deploys mediation modules

in either the server, the client, or dedicated

integration nodes in a single managed environment.

➜

A service backplane can refactor a client-server

architecture to a more distributed data service

architecture.

Service Taxonomy

© Talend 2013

The term “Service” is overloaded.

Services exist at multiple levels of abstraction

➜

Service Distributed

Computing Challenges

•

IPC overhead

•

Network topology

•

Security constraints

•

Transaction Support

•

Reliable Delivery

Component API

Basic Service

Managed Service

Business Activity

Business Process

Architecture – Layered Integration

➜

Process

•

Human-in-the-loop, long running, asynchronous

•

Orchestrates Business Activities

➜

Mediation

•

Choreograph Managed Services into Business Activities

•

Transform Events into Command Messages

•

Correlate Events with Business Process

➜

Managed Services

•

Adapt Basic Services to provide consistent integration semantics for

security, reliable messaging, and other cross-cutting concerns

•

Enrich data messages into Events with Process Id for correlation

•

Correlate requests-replies from Basic Services

➜

Basic Services

•

Stateless business logic and data services

M Platform

(Caché or open source platform (ie. GT.M), 130+ instances in production in VA)

VistA Evolution

© Talend 2013

VistA M Routine Calling Adapter (VMRCA)

Enterprise Service Bus (ESB)

Registry and Repository

(Websphere)

Core ESB

(Websphere)

VistA SOA Service

Registry Entries

VistA SOA Service

Proxies

VistA Service Backplane (VSB) - Regional

SOA Service Descriptors

VistA SOA Services

All Other Packages

VistA M Routine Calling Service (VMRCS)

VistA

Managed Services

Basic Services

HL7 Event Subscription

Basic VistA Data Services

➜

VMRCS composes M routines into Basic Data Services

➜

May compose multiple routines previously exposed as

RPC

➜

Avoid IPC overhead

➜

Avoid overly fine-grained Basic Services

➜

Single M Platform security context per call

➜

M security delegated to VMRCA

➜

Responsible for System level security

© Talend 2013

ESB

(Websphere)

VSB Integration Routes

© Talend 2013

Splitter

_{Transform Aggregator}

Message

Correlation

Enrichment

Event

Validate

Endpoint

Command

Message

Routing

Slip

Normalize

Recipient

List

RPC

HTTPS / EWD

HL7

SOAP

JMS

Message Adaptors

Security

Publish-Subscribe

Routing

VSB

Extensible Camel Adaptor Framework

© Talend 2013

RPC

_iCal

_HL7

Extensible

Component

Framework

Camel HL7

➜

MLLP transport

➜

HL7 data format

➜

HL7 v2 Messages

➜

HAPI Library

© Talend 2013

<bean id="hl7codec" class="org.apache.camel.component.hl7.HL7MLLPCodec">

<property name="charset" value="iso-8859-1"/>

</bean>

<bean id="patientLookupService" class="com.mycompany.healthcare.service.PatientLookupService"/>

<endpoint id="hl7listener" uri="mina2:

tcp://localhost:8888?sync=true&amp;codec=

#hl7codec"/>

Subscription Mediation for Data Security

© Talend 2013

Subscription Mediation Logic

Integration Server

Clustered

Subscriber Route Instance

Message Broker

Clustered

AMQ Topic

Camel vm:

Topic

Subscriber

Filter

Subscription

Mediation

Logic

CXF

Invocation

BC

RouteBuilder

Builds

Provider

Filter

Subscriber

Filter

Provider

Transform

Enteprise

Transform

Enterprise

Filter

Subscriber

Transform

Security Mediation

Security Entity and Session Scope

➜

Security Entity

•

System / Server

•

Application / Consumer

•

User

➜

Authentication / Authorization

➜

Session / Message

➜

Transport / Message

➜

Mixing these potentially requires multiplexing which message

level secured entity is being used across a transport session

Credentials - why SAML x.509?

➜

TLS with mutual Auth?

•

Subject tied to Connection certificate of the intermediary instead of initiator

➜

WS-Security Binary Security Token?

•

Subject tied to signing Certificate of the intermediary instead of initiator

➜

WS-Security Username Token?

•

Username Token identifies the subject and is independent of the SOAP message

•

Clear Password within the token and the ID store

➜

SAML Assertion

•

Assertion provides subject independent of SOAP message signature or transport

•

Assertion signed by issuer ties assertions to intermediary’s request

Value Added Mediation – Security

➜

Security Profile Alternatives

•

Transport layer security (SSL V3.0 and TLS V1.0)

•

SessionId and SSO at App transport layer for Server / Service

•

Per-message message-level security using WS-Security

•

Per-session message-level security using WS-Security

•

SecureConversation Message Layer for User or Service with

SAML x.509

➜

Security Gateway Solution Pattern

•

Connect to ESB using Transport Security

Sample Basic Security Profile

Encryption

Server Auth

App Auth

User Auth

Data Authz

Human to

App

N/A

OS Login

OS Logic

App Login

App Logic

App to ESB

Transport

(HTTPS,

JMS/SSL)

HTTPS

SAML

N/A

N/A

ESB to VSB

Transport

(HTTPS,

JMS/SSL)

HTTPS

SAML

N/A

N/A

VSB to

VMRCS

Transport

(HTTPS)

HTTPS

Trusted

Basic Auth

N/A

VSB

Transform

VMRCS to

VMRCA

N/A

N/A

VistA or

M Kernel

N/A

VistA

© Talend 2013

WS-Security Scenarios

STS Server Roles

➜

Identity Provider (IP-STS)

•

Authenticates a client locally, e.g. Windows or LDAP.

•

Creates a assertions based on local identity

•

May add additional assertions

➜

Relying Party STS(RP-STS).

•

RP-STS does not authenticate the client

•

WS-Trust between IP-STS and RP-STS

•

RP-STS relies on token provided by IP-STS

•

PDP authorizes client assertions

WebApp Security

© Talend 2013

Service consumers such as web portals can use SAML

assertions for SSO subject propagation

Must be careful to distinguish between Transport Session

and Message level security

Bus Security

© Talend 2013

Federated Claim Transformation

© Talend 2013

ESB

Proxy

Client

CXF

Keystore / Truststore

Server

CXF

Keystore / Truststore SOAP/HTTPS Mutual Auth WS-* Interceptor Pairs

STS

IP-STS WSDL WS-Policy

WS-Trust

RST / RSTR Message IDTimestamp SAML Assertion Digital Signature

Client

CXF

Keystore / Truststore

Proxy

Server

CXF

Keystore / Truststore SOAP/HTTPS Mutual Auth WS-* Interceptor Pairs WSDL WS-Policy

WS-Trust

RST / RSTR Timestamp Message ID SAML Assertion Digital Signature

STS

RP-STS

WS-Trust

En te rp ris e B o u n d ar y

IP-STS and RP-STS share common Claims which are translated into local

privileges by RP-STS

Value Added Mediation

Pass-through Mediation

VistA HA

© Talend 2013

Service Backplane

Federated Query

© Talend 2013

Service Backplane

Summary

Questions

Edward Ost

[email protected]

301-666-1039