ImageVerifierCode 换一换
格式:PDF , 页数:50 ,大小:1.22MB ,
资源ID:585237      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-585237.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(BS ISO 17090-1-2013 Health informatics Public key infrastructure Overview of digital certificate services《健康信息学 公开密钥基础设施 数字证书业务综述》.pdf)为本站会员(fatcommittee260)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

BS ISO 17090-1-2013 Health informatics Public key infrastructure Overview of digital certificate services《健康信息学 公开密钥基础设施 数字证书业务综述》.pdf

1、raising standards worldwideNO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAWBSI Standards PublicationBS ISO 17090-1:2013Health informatics Publickey infrastructurePart 1: Overview of digital certificateservicesBS ISO 17090-1:2013 BRITISH STANDARDNational forewordThis British Sta

2、ndard is the UK implementation of ISO 17090-1:2013.It supersedes BS ISO 17090-1:2008 which is withdrawn.The UK participation in its preparation was entrusted to TechnicalCommittee IST/35, Health informatics.A list of organizations represented on this committee can beobtained on request to its secret

3、ary.This publication does not purport to include all the necessaryprovisions of a contract. Users are responsible for its correctapplication. The British Standards Institution 2013. Published by BSI StandardsLimited 2013ISBN 978 0 580 81169 2ICS 35.240.80Compliance with a British Standard cannot con

4、fer immunity fromlegal obligations.This British Standard was published under the authority of theStandards Policy and Strategy Committee on 31 May 2013.Amendments issued since publicationDate Text affectedBS ISO 17090-1:2013 ISO 2013Health informatics Public key infrastructure Part 1: Overview of di

5、gital certificate servicesInformatique de sant Infrastructure de cl publique Partie 1: Vue densemble des services de certificat numriqueINTERNATIONAL STANDARDISO17090-1Second edition2013-05-01Reference numberISO 17090-1:2013(E)BS ISO 17090-1:2013ISO 17090-1:2013(E)ii ISO 2013 All rights reservedCOPY

6、RIGHT PROTECTED DOCUMENT ISO 2013All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permis

7、sion. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester.ISO copyright officeCase postale 56 CH-1211 Geneva 20Tel. + 41 22 749 01 11Fax + 41 22 749 09 47E-mail copyrightiso.orgWeb www.iso.orgPublished in SwitzerlandBS ISO 17090-1:2013

8、ISO 17090-1:2013(E) ISO 2013 All rights reserved iiiContents PageForeword ivIntroduction v1 Scope . 12 Normative references 13 Terms and definitions . 13.1 Healthcare context terms . 13.2 Security services terms 33.3 Public key infrastructure related terms 64 Abbreviations. 95 Healthcare context 95.

9、1 Certificate holders and relying parties in healthcare 95.2 Examples of actors 105.3 Applicability of digital certificates to healthcare 116 Requirements for security services in healthcare applications 126.1 Healthcare characteristics 126.2 Digital certificate technical requirements in healthcare1

10、36.3 Healthcare-specific needs and the separation of authentication from data encipherment 146.4 Health industry security management framework for digital certificates .146.5 Policy requirements for digital certificate issuance and use in healthcare .147 Public key cryptography 157.1 Symmetric vs. a

11、symmetric cryptography . 157.2 Digital certificates 157.3 Digital signatures . 157.4 Protecting the private key 168 Deploying digital certificates 178.1 Necessary components . 178.2 Establishing identity using qualified certificates .188.3 Establishing speciality and roles using identity certificate

12、s 188.4 Using attribute certificates for authorisation and access control 199 Interoperability requirements .209.1 Overview . 209.2 Options for deploying healthcare digital certificates across jurisdictions .209.3 Option usage 22Annex A (informative) Scenarios for the use of digital certificates in

13、healthcare 23Bibliography .38BS ISO 17090-1:2013ISO 17090-1:2013(E)ForewordISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical

14、committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with

15、the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.The main task of technical committees is to prepare International Standards. Draft Internati

16、onal Standards adopted by the technical committees are circulated to the member bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote.Attention is drawn to the possibility that some of the elements of this document may be t

17、he subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights.ISO 17090-1 was prepared by Technical Committee ISO/TC 215, Health informatics.This second edition cancels and replaces the first edition (ISO 17090-1:2008), of which it constitutes a minor r

18、evision.ISO 17090 consists of the following parts, under the general title Health informatics Public key infrastructure: Part 1: Overview of digital certificate services Part 2: Certificate profile Part 3: Policy management of certification authorityAnnex A of this part of ISO 17090 is for informati

19、on only.iv ISO 2013 All rights reservedBS ISO 17090-1:2013ISO 17090-1:2013(E)IntroductionThe healthcare industry is faced with the challenge of reducing costs by moving from paper-based processes to automated electronic processes. New models of healthcare delivery are emphasizing the need for patien

20、t information to be shared among a growing number of specialist healthcare providers and across traditional organisational boundaries.Healthcare information concerning individual citizens is commonly interchanged by means of electronic mail, remote database access, electronic data interchange, and o

21、ther applications. The Internet provides a highly cost-effective and accessible means of interchanging information, but it is also an insecure vehicle that demands additional measures be taken to maintain the privacy and confidentiality of information. Threats to the security of health information t

22、hrough unauthorised access (either inadvertent or deliberate) are increasing. It is essential to have available to the healthcare system reliable information security services that minimise the risk of unauthorised access.How does the healthcare industry provide appropriate protection for the data c

23、onveyed across the Internet in a practical, cost-effective way? Public key infrastructure (PKI) and digital certificate technology seek to address this challenge.The proper deployment of digital certificates requires a blend of technology, policy, and administrative processes that enable the exchang

24、e of sensitive data in an unsecured environment by the use of “public key cryptography” to protect information in transit and “certificates” to confirm the identity of a person or entity. In healthcare environments, this technology uses authentication, encipherment, and digital signatures to facilit

25、ate confidential access to, and movement of, individual health records to meet both clinical and administrative needs. The services offered by the deployment of digital certificates (including encipherment, information integrity, and digital signatures) are able to address many of these security iss

26、ues. This is especially the case if digital certificates are used in conjunction with an accredited information security standard. Many individual organisations around the world have started to use digital certificates for this purpose.Interoperability of digital certificate technology and supportin

27、g policies, procedures, and practices is of fundamental importance if information is to be exchanged between organisations and between jurisdictions in support of healthcare applications (for example between a hospital and a community physician working with the same patient).Achieving interoperabili

28、ty between different digital certificate implementations requires the establishment of a framework of trust, under which parties responsible for protecting an individuals information rights may rely on the policies and practices and, by extension, the validity of digital certificates issued by other

29、 established authorities.Many countries are deploying digital certificates to support secure communications within their national boundaries. Inconsistencies will arise in policies and procedures between the certification authorities (CAs) and the registration authorities (RAs) of different countrie

30、s if standards development activity is restricted to within national boundaries.Digital certificate technology is still evolving in certain aspects that are not specific to healthcare. Important standardisation efforts and, in some cases, supporting legislation are ongoing. On the other hand, health

31、care providers in many countries are already using or planning to use digital certificates. This International Standard seeks to address the need for guidance of these rapid international developments.This International Standard describes the common technical, operational, and policy requirements th

32、at need to be addressed to enable digital certificates to be used in protecting the exchange of healthcare information within a single domain, between domains, and across jurisdictional boundaries. Its purpose is to create a platform for global interoperability. It specifically supports digital cert

33、ificate-enabled communication across borders, but could also provide guidance for the national or regional deployment of digital certificates in healthcare. The Internet is increasingly used as the vehicle of choice to support the movement of healthcare data between healthcare organisations and is t

34、he only realistic choice for cross-border communication in this sector. ISO 2013 All rights reserved vBS ISO 17090-1:2013ISO 17090-1:2013(E)This International Standard should be approached as a whole, with the three parts all making a contribution to defining how digital certificates can be used to

35、provide security services in the health industry, including authentication, confidentiality, data integrity, and the technical capacity to support the quality of digital signature.ISO 17090-1 defines the basic concepts underlying the use of digital certificates in healthcare and provides a scheme of

36、 interoperability requirements to establish digital certificate-enabled secure communication of health information.ISO 17090-2 provides healthcare specific profiles of digital certificates based on the International Standard X.509 and the profile of this specified in IETF/RFC 3280 for different type

37、s of certificates.ISO 17090-3 deals with management issues involved in implementing and using digital certificates in healthcare. It defines a structure and minimum requirements for certificate policies (CPs) and a structure for associated certification practice statements. ISO 17090-3 is based on t

38、he recommendations of the informational IETF/RFC 3647, Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework, and identifies the principles needed in a healthcare security policy for cross border communication. It also defines the minimum levels of securit

39、y required, concentrating on the aspects unique to healthcare.Comments on the content of this International Standard, as well as comments, suggestions, and information on the application of these standards may be forwarded to the ISO/TC 215 secretariat.vi ISO 2013 All rights reservedBS ISO 17090-1:2

40、013INTERNATIONAL STANDARD ISO 17090-1:2013(E)Health informatics Public key infrastructure Part 1: Overview of digital certificate services1 ScopeThis part of ISO 17090 defines the basic concepts underlying the use of digital certificates in healthcare and provides a scheme of interoperability requir

41、ements to establish a digital certificate-enabled secure communication of health information. It also identifies the major stakeholders who are communicating health-related information, as well as the main security services required for health communication where digital certificates may be required

42、.This part of ISO 17090 gives a brief introduction to public key cryptography and the basic components needed to deploy digital certificates in healthcare. It further introduces different types of digital certificates identity certificates and associated attribute certificates for relying parties, s

43、elf-signed certification authority (CA) certificates, and CA hierarchies and bridging structures.2 Normative referencesThe following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited app

44、lies. For undated references, the latest edition of the referenced document (including any amendments) applies.ISO 17090-2:2008, Health informatics Public key infrastructure Part 2: Certificate profileISO 17090-3:2008, Health informatics Public key infrastructure Part 3: Policy management of certifi

45、cation authority3 Terms and definitionsFor the purposes of this document, the following terms and definitions apply.3.1 Healthcare context terms3.1.1applicationidentifiable computer running software process that is the holder of a private encipherment keyNote 1 to entry: Application, in this context

46、, can be any software process used in healthcare information systems, including those without any direct role in treatment or diagnosis.Note 2 to entry: In some jurisdictions, including software, processes can be regulated medical devices.3.1.2deviceidentifiable computer-controlled apparatus or inst

47、rument that is the holder of a private encipherment keyNote 1 to entry: This includes the class of regulated medical devices that meet the above definition.Note 2 to entry: Device, in this context, is any device used in healthcare information systems, including those without any direct role in treat

48、ment or diagnosis. ISO 2013 All rights reserved 1BS ISO 17090-1:2013ISO 17090-1:2013(E)3.1.3healthcare actorregulated health professional, non-regulated health professional, sponsored healthcare provider, supporting organisation employee, patient/consumer, healthcare organisation, device, or applica

49、tion that acts in a health-related communication and requires a certificate for a digital certificate-enabled security service3.1.4healthcare organisationofficially registered organisation that has a main activity related to healthcare services or health promotionEXAMPLE Hospitals, Internet healthcare website providers, and healthcare research institutions.Note 1 to entry: The organisation is recognised to be legally liable for its activities but need not be registered for its specific role in health.Note 2 to entry: An internal part

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1