BS ISO 17090-1-2013 Health informatics Public key infrastructure Overview of digital certificate services《健康信息学 公开密钥基础设施 数字证书业务综述》.pdf

1、raising standards worldwideNO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAWBSI Standards PublicationBS ISO 17090-1:2013Health informatics Publickey infrastructurePart 1: Overview of digital certificateservicesBS ISO 17090-1:2013 BRITISH STANDARDNational forewordThis British Sta

2、ndard is the UK implementation of ISO 17090-1:2013.It supersedes BS ISO 17090-1:2008 which is withdrawn.The UK participation in its preparation was entrusted to TechnicalCommittee IST/35, Health informatics.A list of organizations represented on this committee can beobtained on request to its secret

3、ary.This publication does not purport to include all the necessaryprovisions of a contract. Users are responsible for its correctapplication. The British Standards Institution 2013. Published by BSI StandardsLimited 2013ISBN 978 0 580 81169 2ICS 35.240.80Compliance with a British Standard cannot con

4、fer immunity fromlegal obligations.This British Standard was published under the authority of theStandards Policy and Strategy Committee on 31 May 2013.Amendments issued since publicationDate Text affectedBS ISO 17090-1:2013 ISO 2013Health informatics Public key infrastructure Part 1: Overview of di

5、gital certificate servicesInformatique de sant Infrastructure de cl publique Partie 1: Vue densemble des services de certificat numriqueINTERNATIONAL STANDARDISO17090-1Second edition2013-05-01Reference numberISO 17090-1:2013(E)BS ISO 17090-1:2013ISO 17090-1:2013(E)ii ISO 2013 All rights reservedCOPY

6、RIGHT PROTECTED DOCUMENT ISO 2013All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permis

7、sion. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester.ISO copyright officeCase postale 56 CH-1211 Geneva 20Tel. + 41 22 749 01 11Fax + 41 22 749 09 47E-mail copyrightiso.orgWeb www.iso.orgPublished in SwitzerlandBS ISO 17090-1:2013

8、ISO 17090-1:2013(E) ISO 2013 All rights reserved iiiContents PageForeword ivIntroduction v1 Scope . 12 Normative references 13 Terms and definitions . 13.1 Healthcare context terms . 13.2 Security services terms 33.3 Public key infrastructure related terms 64 Abbreviations. 95 Healthcare context 95.

9、1 Certificate holders and relying parties in healthcare 95.2 Examples of actors 105.3 Applicability of digital certificates to healthcare 116 Requirements for security services in healthcare applications 126.1 Healthcare characteristics 126.2 Digital certificate technical requirements in healthcare1

10、36.3 Healthcare-specific needs and the separation of authentication from data encipherment 146.4 Health industry security management framework for digital certificates .146.5 Policy requirements for digital certificate issuance and use in healthcare .147 Public key cryptography 157.1 Symmetric vs. a

11、symmetric cryptography . 157.2 Digital certificates 157.3 Digital signatures . 157.4 Protecting the private key 168 Deploying digital certificates 178.1 Necessary components . 178.2 Establishing identity using qualified certificates .188.3 Establishing speciality and roles using identity certificate

12、s 188.4 Using attribute certificates for authorisation and access control 199 Interoperability requirements .209.1 Overview . 209.2 Options for deploying healthcare digital certificates across jurisdictions .209.3 Option usage 22Annex A (informative) Scenarios for the use of digital certificates in

13、healthcare 23Bibliography .38BS ISO 17090-1:2013ISO 17090-1:2013(E)ForewordISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical

14、committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with

15、the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.The main task of technical committees is to prepare International Standards. Draft Internati

16、onal Standards adopted by the technical committees are circulated to the member bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote.Attention is drawn to the possibility that some of the elements of this document may be t

17、he subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights.ISO 17090-1 was prepared by Technical Committee ISO/TC 215, Health informatics.This second edition cancels and replaces the first edition (ISO 17090-1:2008), of which it constitutes a minor r

18、evision.ISO 17090 consists of the following parts, under the general title Health informatics Public key infrastructure: Part 1: Overview of digital certificate services Part 2: Certificate profile Part 3: Policy management of certification authorityAnnex A of this part of ISO 17090 is for informati

19、on only.iv ISO 2013 All rights reservedBS ISO 17090-1:2013ISO 17090-1:2013(E)IntroductionThe healthcare industry is faced with the challenge of reducing costs by moving from paper-based processes to automated electronic processes. New models of healthcare delivery are emphasizing the need for patien

20、t information to be shared among a growing number of specialist healthcare providers and across traditional organisational boundaries.Healthcare information concerning individual citizens is commonly interchanged by means of electronic mail, remote database access, electronic data interchange, and o

21、ther applications. The Internet provides a highly cost-effective and accessible means of interchanging information, but it is also an insecure vehicle that demands additional measures be taken to maintain the privacy and confidentiality of information. Threats to the security of health information t

22、hrough unauthorised access (either inadvertent or deliberate) are increasing. It is essential to have available to the healthcare system reliable information security services that minimise the risk of unauthorised access.How does the healthcare industry provide appropriate protection for the data c

23、onveyed across the Internet in a practical, cost-effective way? Public key infrastructure (PKI) and digital certificate technology seek to address this challenge.The proper deployment of digital certificates requires a blend of technology, policy, and administrative processes that enable the exchang

24、e of sensitive data in an unsecured environment by the use of “public key cryptography” to protect information in transit and “certificates” to confirm the identity of a person or entity. In healthcare environments, this technology uses authentication, encipherment, and digital signatures to facilit

25、ate confidential access to, and movement of, individual health records to meet both clinical and administrative needs. The services offered by the deployment of digital certificates (including encipherment, information integrity, and digital signatures) are able to address many of these security iss

26、ues. This is especially the case if digital certificates are used in conjunction with an accredited information security standard. Many individual organisations around the world have started to use digital certificates for this purpose.Interoperability of digital certificate technology and supportin

27、g policies, procedures, and practices is of fundamental importance if information is to be exchanged between organisations and between jurisdictions in support of healthcare applications (for example between a hospital and a community physician working with the same patient).Achieving interoperabili

28、ty between different digital certificate implementations requires the establishment of a framework of trust, under which parties responsible for protecting an individuals information rights may rely on the policies and practices and, by extension, the validity of digital certificates issued by other

29、 established authorities.Many countries are deploying digital certificates to support secure communications within their national boundaries. Inconsistencies will arise in policies and procedures between the certification authorities (CAs) and the registration authorities (RAs) of different countrie

30、s if standards development activity is restricted to within national boundaries.Digital certificate technology is still evolving in certain aspects that are not specific to healthcare. Important standardisation efforts and, in some cases, supporting legislation are ongoing. On the other hand, health

31、care providers in many countries are already using or planning to use digital certificates. This International Standard seeks to address the need for guidance of these rapid international developments.This International Standard describes the common technical, operational, and policy requirements th

32、at need to be addressed to enable digital certificates to be used in protecting the exchange of healthcare information within a single domain, between domains, and across jurisdictional boundaries. Its purpose is to create a platform for global interoperability. It specifically supports digital cert

33、ificate-enabled communication across borders, but could also provide guidance for the national or regional deployment of digital certificates in healthcare. The Internet is increasingly used as the vehicle of choice to support the movement of healthcare data between healthcare organisations and is t

34、he only realistic choice for cross-border communication in this sector. ISO 2013 All rights reserved vBS ISO 17090-1:2013ISO 17090-1:2013(E)This International Standard should be approached as a whole, with the three parts all making a contribution to defining how digital certificates can be used to

35、provide security services in the health industry, including authentication, confidentiality, data integrity, and the technical capacity to support the quality of digital signature.ISO 17090-1 defines the basic concepts underlying the use of digital certificates in healthcare and provides a scheme of

36、 interoperability requirements to establish digital certificate-enabled secure communication of health information.ISO 17090-2 provides healthcare specific profiles of digital certificates based on the International Standard X.509 and the profile of this specified in IETF/RFC 3280 for different type

37、s of certificates.ISO 17090-3 deals with management issues involved in implementing and using digital certificates in healthcare. It defines a structure and minimum requirements for certificate policies (CPs) and a structure for associated certification practice statements. ISO 17090-3 is based on t

38、he recommendations of the informational IETF/RFC 3647, Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework, and identifies the principles needed in a healthcare security policy for cross border communication. It also defines the minimum levels of securit

39、y required, concentrating on the aspects unique to healthcare.Comments on the content of this International Standard, as well as comments, suggestions, and information on the application of these standards may be forwarded to the ISO/TC 215 secretariat.vi ISO 2013 All rights reservedBS ISO 17090-1:2

40、013INTERNATIONAL STANDARD ISO 17090-1:2013(E)Health informatics Public key infrastructure Part 1: Overview of digital certificate services1 ScopeThis part of ISO 17090 defines the basic concepts underlying the use of digital certificates in healthcare and provides a scheme of interoperability requir

41、ements to establish a digital certificate-enabled secure communication of health information. It also identifies the major stakeholders who are communicating health-related information, as well as the main security services required for health communication where digital certificates may be required

42、.This part of ISO 17090 gives a brief introduction to public key cryptography and the basic components needed to deploy digital certificates in healthcare. It further introduces different types of digital certificates identity certificates and associated attribute certificates for relying parties, s

43、elf-signed certification authority (CA) certificates, and CA hierarchies and bridging structures.2 Normative referencesThe following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited app

44、lies. For undated references, the latest edition of the referenced document (including any amendments) applies.ISO 17090-2:2008, Health informatics Public key infrastructure Part 2: Certificate profileISO 17090-3:2008, Health informatics Public key infrastructure Part 3: Policy management of certifi

45、cation authority3 Terms and definitionsFor the purposes of this document, the following terms and definitions apply.3.1 Healthcare context terms3.1.1applicationidentifiable computer running software process that is the holder of a private encipherment keyNote 1 to entry: Application, in this context

46、, can be any software process used in healthcare information systems, including those without any direct role in treatment or diagnosis.Note 2 to entry: In some jurisdictions, including software, processes can be regulated medical devices.3.1.2deviceidentifiable computer-controlled apparatus or inst

47、rument that is the holder of a private encipherment keyNote 1 to entry: This includes the class of regulated medical devices that meet the above definition.Note 2 to entry: Device, in this context, is any device used in healthcare information systems, including those without any direct role in treat

48、ment or diagnosis. ISO 2013 All rights reserved 1BS ISO 17090-1:2013ISO 17090-1:2013(E)3.1.3healthcare actorregulated health professional, non-regulated health professional, sponsored healthcare provider, supporting organisation employee, patient/consumer, healthcare organisation, device, or applica

49、tion that acts in a health-related communication and requires a certificate for a digital certificate-enabled security service3.1.4healthcare organisationofficially registered organisation that has a main activity related to healthcare services or health promotionEXAMPLE Hospitals, Internet healthcare website providers, and healthcare research institutions.Note 1 to entry: The organisation is recognised to be legally liable for its activities but need not be registered for its specific role in health.Note 2 to entry: An internal part