Produced by Araxis Merge on 9/9/2019 5:41:50 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
# | Location | File | Last Modified |
---|---|---|---|
1 | Webvram-v4.zip\20190725-webvram-source.zip\Documents | WebVRAM Design Change Recommendation - CLAIMS Not Available.docx | Tue Jul 23 23:11:38 2019 UTC |
2 | Webvram-v4.zip\20190725-webvram-source.zip\Documents | WebVRAM Design Change Recommendation - CLAIMS Not Available.docx | Thu Sep 5 19:41:33 2019 UTC |
Description | Between Files 1 and 2 |
|
---|---|---|
Text Blocks | Lines | |
Unchanged | 1 | 80 |
Changed | 0 | 0 |
Inserted | 0 | 0 |
Removed | 0 | 0 |
Whitespace | |
---|---|
Character case | Differences in character case are significant |
Line endings | Differences in line endings (CR and LF characters) are ignored |
CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
1 | Design Cha nge Recomm endation i f | |
2 | CLAIMS Sys tem is not available for WebVR AM Use | |
3 | ||
4 | ||
5 | ||
6 | White Pape r | |
7 | March 23, 2019 | |
8 | Preamble | |
9 | With the p otential f or the Web VRAM appli cation bei ng unable to use the VistA CLA IMS system as for bu siness-app roved user authentic ation, the following approach is recomme nded for a pplication design ch ange. It c onsiders t he simples t approach that shou ld require the least Level of Effort to implement, maintains system vi ability, w hile mitig ating arch itectural, security and privac y requirem ent concer ns, while at the sam e time rem aining neu tral regar ding VA Of fice 508 C ompliance. | |
10 | Assumption s | |
11 | 2FA PIV lo gin to Web VRAM will not be req uired unti l sometime after Jul y | |
12 | CLAIMS adm inistrator s will not allow us to add and grow user profiles on their N EW PERSON file – Not e: this am ounts to a dding reco rds to a f ile, NOT a dding CLAI MS users w ho will ac cess CLAIM S applicat ion featur es. The da ta additio ns to the NEW PERSON file will likely tr anslate to a few Meg abytes of increased data stora ge, even w ith up to 5,000 user s. One rec ord for on e user pro file is in the KB ra nge. | |
13 | The Busine ss Owners/ Stakeholde rs agree t o the foll owing gene ral approa ch: | |
14 | The busine ss establi shes an ad ministrati ve process , with app rovals, to allow use rs to acce ss WebVRAM . | |
15 | The busine ss provide s notifica tion to We bVRAM PMO/ Admin of i nitial use rs, and al l new user s needing access. | |
16 | The busine ss provide s notifica tion to We bVRAM PMO/ Admin of u sers chang ing jobs, leaving th e organiza tion, etc. , and need to be rem oved from the WebVRA M user dat abase. | |
17 | Notificati on of user s needing to be adde d will inc lude 1) th e name of local or “ home” Vist A where th e user has establish ed access and creden tials, 2) their VA N etwork ID, 3) primar y & second ary menus and keys t hey are au thorized t o use on t heir local VistA ins tance and 4) all rem ote VistA locations the user n eeds acces s to acros s the VA e nterprise. | |
18 | The busine ss provide s notifica tion to We bVRAM PMO/ Admin of u sers who c hange thei r VistA Ve rify code, with in 2 4 hours of that chan ge. | |
19 | The WebVRA M VA Admin istration funds and takes the responsibi lity to co ordinate w ith the Bu siness com munication s and plan ning to ad d new user s to the s ystem. Not e: In this scenario, personnel are NOT r equired to add new u sers into the databa se. This w ill be acc omplished and kept u pdated mon thly throu gh an auto mated prog rammatic W ebVRAM fea ture. | |
20 | VA Product Support a grees to a ssume the communicat ion respon sibilities with the business f or the add ition of n ew users. | |
21 | Recommende d Design A spects | |
22 | Create Web VRAM subro utine to p erform the following functions : | |
23 | Using busi ness appro ved user l ist, enter all appro ved users as variabl es in a re peating ro utine that accesses the user’s local Vis tA system and extrac ts their u ser profil e informat ion from t he NEW PER SON file, including Access/Ver ify codes. (READ) | |
24 | Once the u ser profil e data is retrieved, write tha t data int o a design ated WebVR AM SQL dat abase file (User Fil e) to incl ude user n ame, user VA Network ID, local primary & secondary menus and keys, and local Acc ess/Verify codes. (W RITE) | |
25 | The subrou tine will allow a va riable ent ry of a si ngle user, or multip le users t o retrieve and add o r update u ser inform ation to t he WebVRAM User File . | |
26 | The subrou tine is to be run mo nthly to p ick up any new user menus/keys and add t hem to the WebVRAM U ser File. | |
27 | The WebVRA M applicat ion will u tilized th is file to authentic ate users to the Web VRAM appli cation at user login . The user ’s local V istA Acces s/Verify c odes will be the sam e ones use d to login to WebVRA M on the U RL login p age. | |
28 | The WebVRA M applicat ion passes the user profile al ong with a single-us e token to each Vist A the user is approv ed to acce ss to acco mplish rem ote VistA login and synchroniz ation. | |
29 | This desig n approach resolves all access issues fo r CLASS 3, CLASS 2 o r COTS app lication a ccess and meets the business r equirement s for Vist A account synchroniz ation. | |
30 | This desig n involves straight forward co ding and s torage req uirements which can be reused or discard ed as need ed, withou t signific ant overhe ad added t o the appl ication or system pe rformance. | |
31 | Other Cons iderations | |
32 | The System Design mu st be chan ged, but c hanges wil l not be c omplicated or length y. | |
33 | System arc hitecture will not r equire sig nificant c hange. | |
34 | VIP requir ements and IOC testi ng prepara tion will not requir e modifica tion. | |
35 | Patch WEBG *1.0*0 wil l not need to be cha nged. | |
36 | The develo pment and implementa tion sched ule will b e extended , but the extension should all ow accompl ishment of coding ch anges, QA testing an d user tes ting in le ss time th an anticip ated to ac hieve IAM 2FA integr ation for user autho rization ( Part 1 of IAM integr ation). | |
37 | User provi sioning (s ynchroniza tion) to r emote Vist A systems to allow r emote Vist A, FBCS an d CPRS use will be a ccomplishe d several months soo ner than i ntegration with IAM to use the ir service s for user provision ing to rem ote VistA systems/ap plications (Part 2 o f IAM inte gration). | |
38 | Since PII is still t he only da ta receive d and stor ed by WebV RAM, and n o changes will be ma de to rece iving, sto ring or tr ansmitting PII, the following items are not affect ed: | |
39 | A&A and AT O document ation and processes should not need to b e modified or restar ted. | |
40 | OIT compli ance stori es should not requir e changes or additio ns, since PII is sti ll the onl y data rec eived and stored by the applic ation. |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.