In my opinion, the largest hurdle to a comprehensive Clinical Trials system, whether you talk about EDC or about traditional CTMS, is identity management.
Think about it:
What is the answer to those problems? Is it SAFE BioPharma? SAFE Digital Signatures absolutely have their advantages, and undoubtedly have a role for verifiable digital signatures, but even with SAFE users have multiple identities – at a minimum they have their corporate identity and a SAFE identity.
Let’s pose a couple of scenarios:
Allow me to introduce you to Microsoft “Geneva”, the “Geneva Framework”, and the Microsoft Identity Federation Gateway. http://www.microsoft.com/geneva
Geneva is (essentially) the next version of Active Directory Federation Services with a key additional component: a Microsoft-provided, cloud-based service for sharing Active Directory entries between organizations.
The official line (from the Geneva splash page) is that it is “an open platform that provides simplified user access and single sign-on for on-premises and cloud-based applications in the enterprise, across organizations, and on the Web.”
From a technical standpoint, the Geneva framework is designed to be interoperable, utilizing WS-* and SAML 2.0. The key to understanding Geneva is the notion of “claims” and the STS (Security Token Service).
A claim is simply a way of expressing who you are – an abstraction layer for authenticating, authorizing, and obtaining information about users and services.
For instance, the following are the claims that are provided when I log into my work machine:
These claims are provided to me by the STS when I authenticate, passed to me in a SAML token, and then provided to the application I want to use.
Applications that I try to use would then evaluate those claims to authenticate and authorize my access. Here is a slide from a recent presentation that gives a visual overview of the process:
There is a great whitepaper that goes into detail on the process located at: Geneva Claims Based Access Platform
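To make the claims flow above concrete, here is an added example that is not code from this post or from the Geneva framework. It models the three parties in miniature: an STS that issues a signed token carrying claims, an application (relying party) that validates the token’s signature, issuer, audience and expiry before trusting any claim, and an authorization decision made purely from those claims rather than from a local user table. The token format is an assumption: a real STS issues a SAML token signed with an X.509 key, while this example uses an HMAC-signed JSON payload as a stand-in; the key, issuer URL, audiences and user attributes are all constructed for the demo.

```python
import base64
import hashlib
import hmac
import json

# Constructed shared secret between the STS and the relying party (assumption:
# stands in for the X.509 signing key a real STS would use on a SAML token).
STS_KEY = b"constructed-demo-key-not-for-production"
STS_ISSUER = "https://sts.example.test"  # constructed issuer identifier


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(claims: dict, audience: str, now: float, lifetime: int = 300) -> str:
    """STS side: after authenticating the user, wrap their claims in a token
    bound to one audience (the application it is meant for) and a lifetime."""
    body = {"iss": STS_ISSUER, "aud": audience, "exp": now + lifetime, "claims": claims}
    payload = json.dumps(body, sort_keys=True).encode()
    signature = hmac.new(STS_KEY, payload, hashlib.sha256).digest()
    return b64url_encode(payload) + "." + b64url_encode(signature)


def validate_token(token: str, expected_audience: str, now: float) -> dict:
    """Relying-party side: every check here must pass before a single claim
    is trusted. Order matters: verify the signature before parsing anything."""
    try:
        payload_b64, sig_b64 = token.split(".")
    except ValueError:
        raise ValueError("malformed token")
    payload = b64url_decode(payload_b64)
    expected_sig = hmac.new(STS_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected_sig, b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    body = json.loads(payload)
    if body.get("iss") != STS_ISSUER:
        raise ValueError("untrusted issuer")
    if body.get("aud") != expected_audience:
        raise ValueError("token not issued for this application")
    if body.get("exp", 0) <= now:
        raise ValueError("token expired")
    return body["claims"]


def authorize(claims: dict, required_role: str) -> bool:
    """Authorization from claims alone: the application keeps no password
    or user record of its own, which is the point of the claims model."""
    return required_role in claims.get("roles", [])


def check_access(token: str, app_audience: str, required_role: str, now: float):
    """Application entry point: returns (granted, reason_or_user_name)."""
    try:
        claims = validate_token(token, app_audience, now)
    except ValueError as err:
        return False, str(err)
    if not authorize(claims, required_role):
        return False, "missing role " + required_role
    return True, claims.get("name", "")


def token_with_edited_claims(token: str, new_roles: list) -> str:
    """Builds a token whose claims were altered after issuance but whose
    original signature was kept, to show that validation rejects it."""
    payload_b64, sig_b64 = token.split(".")
    body = json.loads(b64url_decode(payload_b64))
    body["claims"]["roles"] = new_roles
    return b64url_encode(json.dumps(body, sort_keys=True).encode()) + "." + sig_b64


# Constructed sample user as the STS would describe them after login.
SAMPLE_CLAIMS = {
    "name": "Constructed User",
    "email": "user@sponsor.example",
    "organization": "Sponsor Inc",
    "roles": ["investigator"],
}

if __name__ == "__main__":
    issued_at = 1000.0  # constructed clock value
    token = issue_token(SAMPLE_CLAIMS, "urn:edc-app", now=issued_at)
    print(check_access(token, "urn:edc-app", "investigator", issued_at + 100))
    print(check_access(token, "urn:ctms-app", "investigator", issued_at + 100))
    print(check_access(token, "urn:edc-app", "investigator", issued_at + 400))
    edited = token_with_edited_claims(token, ["admin"])
    print(check_access(edited, "urn:edc-app", "admin", issued_at + 100))
```

The audience check is the one practitioners most often leave out: a token the STS issued for the EDC system must not be accepted by the CTMS just because the same STS signed it, otherwise a single login silently grants access everywhere the STS is trusted.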
From an administrative standpoint, it provides a number of advantages:
Thinking of SharePoint in particular, the following slide gives a brief example of what that would look like:
To wrap up, here is a slide from a presentation I gave recently on what the whole Identity Software + Services stack would look like.
Note: if you aren’t using Active Directory or Identity Lifecycle Manager, the above architecture still is valid as the system is designed for interoperability. There are whitepapers available at http://www.microsoft.com/forefront/geneva/en/us/WhitePapers.aspx that detail use of Geneva with Novell Access Manager as well as with Sun Open SSO.
A more detailed discussion of the Geneva platform will be provided in a Webcast on June 23rd that I would recommend to anyone in the Life Sciences industry. TechNet Webcast- Simplified Access and Single Sign-on with Microsoft
Of course, I’m biased in positing that this is a “game changer” for the Life Sciences industry, but I truly believe it is… the issue of Identity Management, Username and Password proliferation, and cross-company collaboration is an issue that has hindered true (and secure) data availability and collaboration in the Life Sciences industry. Perhaps now we can get the Identity Management issue behind us and move on.