Enterprise User Authentication

From IHE Wiki
Jump to: navigation, search


The Enterprise User Authentication (EUA) Integration Profile defines a means to establish one name per user that can then be used on all of the devices and software that participate in this integration profile. This profile leverages Kerberos (RFC 1510) and the HL7 CCOW standard (user subject). User authentication is a necessary step for most application and data access operations and it is a workflow improvement for the users. The IHE EUA Profile adds value to the CCOW specification for the user subject by specifying the user subject and CCOW user subject suffix.


Single Sign-on

  • This profile greatly facilitates centralized user authentication management and provides users with the convenience and speed of a single sign-on.


The Enterprise User Authentication (EUA) Integration Profile:

  • A number of transactions used in this profile conform to the Kerberos v5 standard, defined in RFC 1510. This standard has been stable since 1993, is widely implemented on current operating system platforms, has successfully withstood attacks in its 15-year history, and is fully interoperable among platforms. For example, Sun Solaris, Linux, AIX, HPUX, IBM-z/OS, IBM-OS400, Novell, MAC OS X, and Microsoft Windows 2000/XP all implement Kerberos in an interoperable manner. This is not a complete list; many other vendors also support Kerberos.

Systems Affected

Systems involved in this profile are:

  • Any healthcare information system that requires user authentication (sign-on)

Actors & Transactions:



Profile Status: Final Text

Documents: IHE IT Infrastructure Technical Framework Version 1 or later

  • Vol. 1 - Section 4
  • Vol. 2 - Sections 3.2-3.7, 3.13

Underlying Standards:

See Also

Related Profiles

This page is based on the Profile Template

Current: IT Infrastructure Technical Framework.