BS ISO 17090-5:2017 pdf download – Health informatics — Public key infrastructure Part 5: Authentication using Healthcare PKI credentials

1 Scope

This document defines the procedural requirements for validating an entity credential based on Healthcare PKI defined in the ISO 17090 series used in healthcare information systems including accessing remote systems.

Authorization procedures and protocols are out of scope of this document. The data format of digital signatures is also out of scope of this document.

2 Normative references

The following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 17090-1, Health informatics — Public key infrastructure — Part 1: Overview of digital certificate services

3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO 17090-1 apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at http://www.iso.org/obp
— IEC Electropedia: available at http://www.electropedia.org/

4 Abbreviated terms

For the purposes of this document, the following abbreviated terms apply.

CRL    Certificate Revocation List
CSP    Cryptographic Service Provider
HPKI   Healthcare Public Key Infrastructure
OCSP   Online Certificate Status Protocol
OID    Object Identifier
PC/SC  Personal Computer/Smart Card
PKCS   Public-Key Cryptography Standards

5 Scope of application

5.1 General

The healthcare information system authenticates healthcare organizations or professionals for access control to healthcare information, such as EHR or PHR.

Inappropriate process in end entity authentication verification may increase the risk of spoofing, impersonation, and many other identity-based attacks. As a result, that may cause security incidents leading to critical information leakage and system and data misuse.

This document describes target systems, methods of identification, threats, vulnerabilities and controls of health software which authenticate using PKI based on the ISO 17090 series. These controls decrease risks of spoofing.

5.2 Target systems

The target systems of this document are as follows:

a) digital signature library with digital signature creation function and digital signature verification function for healthcare application;
b) digital signature creation program and digital signature verification program as stand-alone software or with healthcare application.

Examples of authentication technology to which healthcare PKI can be applied are shown in Annex A.

The following are out of scope:

— healthcare application that does not process digital signature data directly;
— healthcare application that processes digital signature and the result of signature...
