Smartcards and PKI at Medicare Australia


A presentation on a semi-customised PKI smartcard deployed to a large public hopsital in support of a range of innovavtive e-health applications.  


[The case] illustrates why PKI so important in complex information management environments like ealthcare. PKI isn’t just about access control; crucially, it allows for transactions to carry the authority information of the originator, bound to the transaction by digital signatures, and forever after instantly verifiable without needing to defer to historical data about the originator’s authority and credentials.

Only PKI has the ability to bind the originator’s credentials and authority information directly to the transaction, resist tampering, and preserve that information binding over arbitrarily long periods of time. Conventionally we may use audit logs to work out who did what to whom when we need to “rewind” electronic transactions, and in simple closed systems like Internet banking, audit logs suffice. But in more complex environments, where logs are not guaranteed over long periods of time, PKI is the only viable way to preserve transaction authority. Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I