- 1、本文档共32页,可阅读全部内容。
- 2、原创力文档(book118)网站文档一经付费(服务费),不意味着购买了该文档的版权,仅供个人/单位学习、研究之用,不得用于商业用途,未经授权,严禁复制、发行、汇编、翻译或者网络传播等,侵权必究。
- 3、本站所有内容均由合作方或网友上传,本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺!文档内容仅供研究参考,付费前请自行鉴别。如您付费,意味着您自己接受本站规则且自行承担风险,本站不退款、不进行额外附加服务;查看《如何避免下载的几个坑》。如果您已付费下载过本站文档,您可以点击 这里二次下载。
- 4、如文档侵犯商业秘密、侵犯著作权、侵犯人身权等,请点击“版权申诉”(推荐),也可以打举报电话:400-050-0827(电话支持时间:9:00-18:30)。
查看更多
Audit Trail and Node Authentication (ATNA) - IHE.ppt
June 28-29, 2005 Interoperability Strategy Workshop IT Infrastructure Security Profiles 2004 Consistent Time (CT) Enterprise User Authentication (EUA) 2005 Audit Trail and Note Authentication (ATNA) 2006 Cross-Enterprise User Authentication (XUA) Document Digital Signature (DSG) Assets being Protected All security systems exist to protect some asset. IHE follows the legal, regulatory, and medical ethics selection of assets: Patient and staff safety Patient and staff health Patient and staff privacy Consistent Time (CT) Network Time Protocol ( NTP) version 3 (RFC 1305) Actor must support manual configuration: Manual IP address or hostname for time server preferably 3 or more servers should be supported Automatic discovery and broadcast will not be tested Required accuracy: 1 second Optional Secure NTP may be tested Required for use of ATNA, EUA, XUA. All time tags must be time synchronized. See for extensive technical details on the protocol, and your vendor documentation for installation and configuration. Compatibility with RadiologyBasic Security “But, what if I already have systems that support Basic Security?” ATNA + Radiology Option is backward compatible with Basic Security Integration Statements should change support claim from “Basic Security” to “Radiology Option for ATNA” For some actors there will be scenario requirements for the connectathon. This emulates having a hospital security office setting a security policy. It is not an official recommendation that these requirements are universally applicable. ATNAIHE Goal IHE makes cross-node security management easy: Only a simple manual certificate installation is needed, although more sophisticated systems (LDAP, PKI) can be used. Implementations should separate the authentication, authorization, and accountability functions to accommodate the needs of different locations. Enforcement is driven by ‘a posteriori audits’ and real-time visibility, not detailed access controls. ATNANetwork Enviro
您可能关注的文档
- 01.Android自动化测试(基础篇).pptx
- 06-自下而上的语法分析.ppt
- 06转变松弛_新12.ppt
- 1 香港爱护动物协会介绍.ppt
- 08-1st-thirst.ppt
- 106975__罗密欧与朱丽叶__卞建容.ppt
- 05第4讲Chaucer.ppt
- 10_brutal_torture_methods.ppt
- 15-胰岛素类似物的设计.ppt
- 15iir_v102.ppt
- 南非糖果巧克力目标客户分析报告-外文版培训课件2024.7,temu.pdf
- 芬兰先购买后付款目标客户分析报告-外文版培训课件2024.7,temu.pdf
- 荷兰播客听众目标客户分析报告-外文版培训课件2024.7,temu.pdf
- 西班牙时尚爱好者目标客户分析报告-外文版培训课件2024.7,temu.pdf
- 西班牙贵金属目标客户分析报告-外文版培训课件2024.7,temu.pdf
- 荷兰贵金属目标客户分析报告-外文版培训课件2024.7,temu.pdf
- 荷兰在线相亲(约会)目标客户分析报告-外文版培训课件2024.7,temu.pdf
- 南非能源管理智能家居设备目标客户分析报告-外文版培训课件2024.7,temu.pdf
- 西班牙足球行业目标客户分析报告-外文版培训课件2024.7,temu.pdf
- 南非舞蹈行业目标客户分析报告-外文版培训课件2024.7,temu.pdf
文档评论(0)