Difference between revisions of "Implementation FAQ:Encryption and Security"
Charliemccay (talk | contribs) |
Charliemccay (talk | contribs) |
||
Line 1: | Line 1: | ||
The use of encryption and security is discussed in the security committee, and email questions sent to that list get good answers. This page has been created to capture some of those answers to make them more accessible | The use of encryption and security is discussed in the security committee, and email questions sent to that list get good answers. This page has been created to capture some of those answers to make them more accessible | ||
− | + | == Encryption == | |
+ | In the Security TC we have assumed that encryption happens below the application layer, e.g., via IPSec or TLS, not within HL7 messages. | ||
+ | |||
+ | Any encryption to be done on only part of a message hauls along considerable technical baggage. That includes whole new classes of administrative & infrastructure messages to establish and maintain organizational trust, communicate shared secrets (keys), user/entity authentication, etc. It would require considerable net-new volunteerism to accomplish this work along with other things already on our agendas. | ||
+ | |||
+ | As a practical matter, we also should assume that people want to access healthcare data in a way that resembles the regime used for e-commerce or VPNs. When healthcare consumers access their healthcare information it's proper to assume that they'd use normal browser-based access, which limits the technical choices anyhow. | ||
+ | |||
+ | The Security TC does support the HL7 application-layer necessities, of course, such as the recently-balloted RBAC role vocabulary and the exchange of privacy-consent data. | ||
+ | |||
+ | (email from Glen Marshall 31/8/07) | ||
+ | == Signing == | ||
+ | See the separate page: | ||
*[[Implementation FAQ:Digital Signatures|Digital Signatures]] | *[[Implementation FAQ:Digital Signatures|Digital Signatures]] |
Revision as of 14:31, 31 August 2007
The use of encryption and security is discussed in the security committee, and email questions sent to that list get good answers. This page has been created to capture some of those answers to make them more accessible
Encryption
In the Security TC we have assumed that encryption happens below the application layer, e.g., via IPSec or TLS, not within HL7 messages.
Any encryption to be done on only part of a message hauls along considerable technical baggage. That includes whole new classes of administrative & infrastructure messages to establish and maintain organizational trust, communicate shared secrets (keys), user/entity authentication, etc. It would require considerable net-new volunteerism to accomplish this work along with other things already on our agendas.
As a practical matter, we also should assume that people want to access healthcare data in a way that resembles the regime used for e-commerce or VPNs. When healthcare consumers access their healthcare information it's proper to assume that they'd use normal browser-based access, which limits the technical choices anyhow.
The Security TC does support the HL7 application-layer necessities, of course, such as the recently-balloted RBAC role vocabulary and the exchange of privacy-consent data.
(email from Glen Marshall 31/8/07)
Signing
See the separate page: