Enterprise Single Sign-On Project

Project Overview

Enterprise Single Sign-On is a project performed at NIST for the Department of Veterans Affairs and their VistA hospital information system. It is designed to add functionality to the existing RPC Broker Single Sign-On facility.

The RPC Broker with Single Sign-On requires:

The user has an account with valid access and verify codes on each VistA server he is to use.
The first connection from a user's workstation to a VistA server, the access and verify codes must be entered.
Subsequent connections (different application / same workstation / same user) do not require access and verify codes.
First connections to other VistA servers require access and verify codes (usually different access and verify codes for different systems).

The Enterprise Single Sign-On Project (ESSO) extends these basic system functions by:

Eliminating the use of access and verify codes for the user workstation's first connection to a VistA server.
Allowing users to visit VistA systems where they do not yet have an account with access and verify codes. This allows providers to access VistA systems where their patients have records without the administrative overhead of obtaining an account and remembering the access and verify codes.
Operating without the RPC Broker Client Agent running on the workstation (library version only).

These enhancements are made possible by integrating the VistA and Windows NT authentication mechanisms. A VistA user in this environment has an account in the Windows NT domain. That account can be accessed from any NT workstation in the facility. Once the user logs into the NT environment (single account name and password) then access to one or more VistA servers is possible without further authentication (access and verify codes).

Given the facilities developed in this project then from a user's point of view there are then two types of VistA servers:

A Home System - a VistA server where the user has an account and valid access and verify codes. This is the collection of VistA servers the user uses now.

A Visit System - a VistA server where the user does not have an account but needs access, possibly to check a patient's progress at a distant medical center. Assuming the necessary agreements between medical centers, the user can "visit" the distant medical center from his workstation and run GUI applications.

All of this works within the same set of security constraints, technically called access controls, that exist on current VistA servers.