Sequoia Project Healthcare Directory Implementation Guide
0.0.4 - CI Build US


Environments

Background

Sequoia maintains several permanent, distinct Healthcare Directory operational environments, as listed immediately below. Several other environments may be maintained on an as-needed basis, for example to facilitate version upgrades or to provide early experience with pending updates.

Reverse Proxy

The directory itself terminates all TLS connections and handles all HTTP responses directly. Stated differently, the deployed IT architecture does not use firmware firewall appliances to terminate requests at the TLS or HTTP level; every response sent to a directory client is serviced directly by the directory core software or by a closely coupled reverse proxy. A transparent buffering proxy services the initial inbound and outbound HTTP traffic, and the core server implementation only acts on a request once the full request is ready for processing. This is designed to greatly improve scalability by offloading the work caused by the slow-client problem: a thin (low-resource) thread waits for slow clients that would otherwise needlessly and inefficiently consume core server resources.

eHealth Exchange Environments

Carequality Environments

Common

Each of these environments has distinct features and security considerations, as further detailed elsewhere in this document. Each is secured using an API key and 2-way TLS with mutual authentication. For more information on TLS requirements, see the Security Section below. For more background on the API key, including how to obtain one for each environment, see the API Key Section below.

All non-development directories have implemented a honey pot for defensive security reasons. The honey pot results in long timeout delays for any request that is not valid for the supported functionality and use cases. For example, most attackers without special knowledge send commands such as GET /favicon.gif or POST /contact.html to probe the server of interest. The Sequoia Project Healthcare Directory will only respond to requests such as these after a (configurable) several-minute delay, which has the effect of slowing down attacking systems. This can also reduce the efficiency of development and testing activities, so the honey pot can be disabled on a case-by-case basis. Note that the PROD honey pot cannot be disabled. To disable the honey pot, please send an email to techsupport@sequoiaproject.org requesting this.
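The gating logic described above, written out as an added illustration (this is not the Sequoia Project directory's own code). It assumes a small set of supported route prefixes and a default delay of several minutes, both constructed here; the real supported routes and the configured delay are not stated in this section. The rules it encodes are the ones the text gives: a valid DEV API key switches the honey pot off, VAL and STAGE may have it disabled on request, PROD never does, and requests within the supported functionality are never delayed.

```python
import asyncio
import logging
from dataclasses import dataclass

log = logging.getLogger("directory.honeypot")

# Constructed assumption: request paths the directory legitimately serves.
# The real supported routes are documented elsewhere in the guide.
SUPPORTED_PREFIXES = ("/fhir/", "/metadata")
SUPPORTED_METHODS = frozenset({"GET", "POST"})

# "Several minute" delay for unsupported requests; configurable per environment.
DEFAULT_DELAY_SECONDS = 300


@dataclass(frozen=True)
class Decision:
    delay_seconds: int
    reason: str


def honeypot_delay(method, path, environment, api_key_valid,
                   honeypot_enabled=True, delay_seconds=DEFAULT_DELAY_SECONDS):
    """Return how long to stall before answering this request, and why."""
    env = environment.upper()
    if env == "DEV" and api_key_valid:
        return Decision(0, "DEV with valid API key: honey pot off")
    if env != "PROD" and not honeypot_enabled:
        # Disabled on request for VAL/STAGE; PROD falls through regardless.
        return Decision(0, f"{env}: honey pot disabled on request")
    if method.upper() in SUPPORTED_METHODS and path.startswith(SUPPORTED_PREFIXES):
        return Decision(0, "supported request")
    return Decision(delay_seconds, "request outside supported functionality")


async def handle(method, path, environment, api_key_valid, honeypot_enabled=True):
    """Thin per-connection coroutine: only the event loop waits out the delay,
    so a stalled probe does not occupy a worker of the core server."""
    decision = honeypot_delay(method, path, environment, api_key_valid, honeypot_enabled)
    if decision.delay_seconds:
        # Log the probe for the SOC before stalling it.
        log.warning("honeypot: %s %s (%s) stalled %ds: %s",
                    method, path, environment, decision.delay_seconds, decision.reason)
        await asyncio.sleep(decision.delay_seconds)
        return 404, "Not Found"
    return 200, "OK"


if __name__ == "__main__":
    # Constructed probe lines of the kind the text describes.
    probes = [("GET", "/favicon.gif", "PROD", False),
              ("POST", "/contact.html", "STAGE", True),
              ("GET", "/fhir/Organization", "VAL", True)]
    for probe in probes:
        print(probe, honeypot_delay(*probe))
```

The split between `honeypot_delay` (a pure decision) and `handle` (the coroutine that actually sleeps) is deliberate: the decision is cheap to unit test, and the sleep lives in a coroutine so that, as the reverse-proxy paragraph above describes, waiting for a slow or hostile client costs the server almost nothing.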

The various directory environments are secured using TLS and an API key. In DEV, the API key automatically disables the honey pot logic and enables diagnostic stack traces. In VAL and PROD, successful TLS connection establishment is mandatory and requires a valid Sequoia Project X.509 certificate issued for the VAL or PROD security domain, respectively.
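A client-side configuration for the mutual TLS plus API key requirement, added here as an example and not taken from the guide or from any Sequoia-provided client. Everything environment-specific is a placeholder: the certificate and CA file names, and the API key header name (`X-Api-Key`), which this section does not state. What it does show is the defensive shape of the client: server verification required, TLS 1.2 as the floor, TLS 1.2 cipher suites limited to ECDHE with AES-GCM and SHA-2 (FIPS-approved primitives), and credentials selected per security domain so a VAL certificate is never presented to PROD.

```python
import ssl
import urllib.request

# Assumption: the guide does not name the API key header; placeholder only.
API_KEY_HEADER = "X-Api-Key"

# Constructed placeholders. Real base URLs and certificates are obtained
# from techsupport@sequoiaproject.org for each environment.
ENVIRONMENT_CREDENTIALS = {
    "VAL":  {"cert": "val-client.pem",  "key": "val-client-key.pem",  "ca": "val-ca.pem"},
    "PROD": {"cert": "prod-client.pem", "key": "prod-client-key.pem", "ca": "prod-ca.pem"},
}

# ECDHE key exchange, AES-GCM, SHA-2 only: the FIPS-approved subset of TLS 1.2.
FIPS_COMPATIBLE_CIPHERS = ":".join([
    "ECDHE-ECDSA-AES256-GCM-SHA384",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-ECDSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES128-GCM-SHA256",
])


def build_mtls_context(cert=None, key=None, ca=None):
    """Client TLS context: verify the server against the environment CA,
    present our own certificate, refuse anything below TLS 1.2 and offer
    only AES-GCM suites for TLS 1.2. File arguments are optional so the
    policy can be inspected without credentials on disk."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    ctx.set_ciphers(FIPS_COMPATIBLE_CIPHERS)
    if ca:
        ctx.load_verify_locations(cafile=ca)
    if cert:
        ctx.load_cert_chain(certfile=cert, keyfile=key)
    return ctx


def credentials_for(environment):
    """Select the certificate issued for the target security domain.
    A VAL certificate is not valid against PROD and vice versa, so an
    unknown environment is an error rather than a fallback."""
    env = environment.upper()
    if env not in ENVIRONMENT_CREDENTIALS:
        raise ValueError(f"no mutual-TLS credentials configured for {env}")
    return ENVIRONMENT_CREDENTIALS[env]


def tls12_cipher_names(ctx):
    """TLS 1.2 suites the context will offer. TLS 1.3 suites are fixed by
    OpenSSL and unaffected by set_ciphers, so they are filtered out here."""
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] == "TLSv1.2"]


def directory_get(base_url, resource_path, environment, api_key):
    """Issue one authenticated GET against the chosen environment."""
    ctx = build_mtls_context(**credentials_for(environment))
    url = base_url.rstrip("/") + "/" + resource_path.lstrip("/")
    req = urllib.request.Request(url, headers={API_KEY_HEADER: api_key})
    with urllib.request.urlopen(req, context=ctx) as resp:
        return resp.status, resp.read()
```

A check worth keeping in a client's test suite is that `tls12_cipher_names(build_mtls_context())` contains only GCM suites: a later edit that widens `FIPS_COMPATIBLE_CIPHERS` to a CBC or non-FIPS suite then fails in CI rather than at the VAL or PROD handshake.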

Development Environment (DEV)

The Development directory is designed to accommodate client software development activities and is configured specifically to accomplish this objective. The DEV API key is required in DEV; it automatically disables the honey pot and enables the return of detailed diagnostic information to the client software, including stack traces and human-readable messages that may help the client software development team track down problems more efficiently. To obtain the base URL for DEV, please request access by sending an email to techsupport@sequoiaproject.org.

eHealth Exchange Validation Environment (VAL)

The eHealth Exchange Validation (VAL) environment is designed to emulate PROD as closely as possible while still maintaining complete partitioning between VAL and PROD. TLS connections are required using FIPS-compatible cipher suites. The VAL environment also differs from PROD in that VAL only has synthetic data. VAL requires the use of the VAL API key. To obtain the base URL for VAL, please request access by sending an email to techsupport@sequoiaproject.org.

VAL is only used by the eHealth Exchange.

The data in VAL is required to be non-PHI content. Stated another way, the eHealth Exchange VAL environment is prohibited from holding any PHI.

Staging Environment (STAGE)

STAGE is designed to emulate PROD as closely as possible while still maintaining complete partitioning between STAGE and PROD. TLS connections are required using FIPS-compatible cipher suites. The STAGE environment has production endpoints but is generally a few weeks out of date, and can be thought of as a pre-production sandbox for final testing prior to going live with PROD. To obtain the base URL and an API key for STAGE, please request access by sending an email to techsupport@sequoiaproject.org.

Production Environment (PROD)

The PROD environment is reserved for limited testing and for bona fide production operational use. Extensive testing, or excessive use resulting in performance degradation, will be noted and brought to the attention of the offending party for collaboration and remediation. To obtain the base URL and an API key for PROD, please request access by sending an email to techsupport@sequoiaproject.org.

The PROD environment is curated by Sequoia Project staff who rely heavily upon the users of the directory to provide high quality information.