Home Cart Quotation About-Us
www.ChineseStandard.net
SEARCH

GBZ21716.3-2008 English PDF

Q: How long will the true-PDF of English version of GBZ21716.3-2008 be delivered?

Upon your order, we will start to translate GBZ21716.3-2008_English as soon as possible, and keep you informed of the progress. The lead time is typically 3 ~ 5 working days. The lengthier the document the longer the lead time.

Q: Can I share the purchased PDF of GBZ21716.3-2008_English with my colleagues?

Yes. The purchased PDF of GBZ21716.3-2008_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Q: Does the price include tax/VAT?

Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries). Avoidance of Double Taxation Agreements (DTAs) between Singapore and 100+ Countries: https://www.iras.gov.sg/taxes/international-tax

Q: Do you accept my currency other than USD?

Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.

US$689.00 · In stock
Delivery: <= 5 days. True-PDF full-copy in English will be manually translated and delivered via email.
GBZ21716.3-2008: Health informatics -- Public key infrastructure -- Part 3: Policy management of certification authority
Status: Valid

Standard ID	USD	BUY PDF	Lead-Days	Standard Title (Description)	Status
GB/Z 21716.3-2008	689	Add to Cart	5 days	Health informatics -- Public key infrastructure -- Part 3: Policy management of certification authority	Valid

Similar standards

GB/T 36388 YBB 00022003 YBB 00032003 GB/T 45938 GB/T 44603 GB/Z 21716.1

Basic data

Standard ID: GB/Z 21716.3-2008 (GB/Z21716.3-2008)
Description (Translated English): Health informatics -- Public key infrastructure -- Part 3: Policy management of certification authority
Sector / Industry: National Standard
Classification of Chinese Standard: C07
Classification of International Standard: 35.240.80
Word Count Estimation: 30,316
Date of Issue: 2008-04-11
Date of Implementation: 2008-09-01
Quoted Standard: GB/T 19716-2005; GB/Z 21716.1-2008; GB/Z 21716.2-2008; IETF/RFC 3647-2003
Adopted Standard: ISO 17090-3/DIS-2006, NEQ
Regulation (derived from): ?National Standard Approval Announcement 2008 No.6 (Total No.119)
Issuing agency(ies): Ministry of Health of the People's Republic of China
Summary: This standard specifies the minimum requirements for the certificate structure and strategies, including structural certification practice statement and so on. This section of the course a certificate in health care management, including configuration, including the use of digital certificates provide guidance. It also presents the basic principles necessary for achieving cross-border healthcare communications security policy. And a minimum level of safety requirements specifically for the health care of.

GBZ21716.3-2008: Health informatics -- Public key infrastructure -- Part 3: Policy management of certification authority

---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Health informatics.Public key infrastructure.Part 3. Policy management of certification authority ICS 35.240.80 C07 People's Republic of China national standardization of technical guidance documents Health Informatics Public Key Infrastructure (PKI) Part 3. Strategic Management of Certification Bodies 2008-04-11 released General Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China China National Standardization Administration released Directory Foreword Ⅲ Introduction IV 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 Abbreviations 1 5 Digital certificate policy management requirements in the context of health care 1 5.1 Overview 1 5.2 High-level assurance requirements 2 5.3 High-level requirements for infrastructure availability 2 5.4 Senior Trust Requirements 2 5.5 Internet compatibility requirements 2 5.6 To facilitate assessment and comparison of CP requirements 2 6 Structure of Healthcare CP and CPS 2 6.1 CP General Requirements 2 6.2 CPS General Requirements 3 6.3 The relationship between CP and CPS 3 6.4 Applicability 3 7 minimum requirements for health care CP 4 7.1 General requirements 4 7.2 Release and storage responsibilities 4 7.3 Identification and identification 4 7.4 Certificate Lifecycle Operation Request 7 7.5 Physical Control 12 7.6 Technical Security Control 13 7.7 Certificate, CRL and OCSP Profile 17 7.8 Compliance Audit 17 7.9 Other Business and Legal Issues 18 PKI public statement model 22 8.1 Overview 22 8.2 PKI public statement structure 22 References 24

Foreword

GB /Z21716 "Health Informatics Public Key Infrastructure (PKI)" is divided into three parts. --- Part 1. Overview of Digital Certificate Services; --- Part 2. Certificate outline; --- Part 3. Strategic Management of Certification Bodies. This section GB /Z21716 Part 3. This section refers to ISO 17090-3/DIS..2006 "Health Informatics Public Key Infrastructure (PKI) Part 3. The certification body's Strategic Management "and formulated. This section proposed by the China National Institute of Standardization. This part of China Institute of Standardization centralized. This section drafted by. China National Institute of Standardization, Chinese People's Liberation Army General Hospital, Chinese People's Armed Police Command College. The main drafters of this section. Chen Huang, Ren Guanhua, Dong continuous, Liu Bisong, Yin Ling, Yun Li Yu.

Introduction

To reduce costs and costs, the health industry is facing the challenge of shifting from paper processing to automated electronic processing. New medical insurance The health paradigm increases the need to share patient information among professional healthcare providers and to break the boundaries of traditional institutions. In general, each citizen's health information can be accessed by e-mail, remote database access, electronic data interchange, and others Used to exchange. The Internet provides an economical and easily accessible means of information exchange, but it is also an unsafe medium, which requires Take certain measures to protect the confidentiality and confidentiality of information. Unauthorized visits, whether intentional or unintentional, will increase Threat to health information security. It is necessary for health care systems to use reliable information security services to reduce the risk of unauthorized access. How can the health care industry provide an affordable and affordable way to properly protect the data transmitted over the Internet? for this problem, At present, people are trying to meet this challenge by using public key infrastructure (PKI) and digital certificate technology. Correctly configuring digital certificates requires that technologies, policies, and management processes be tied together and that "public-key cryptography" be used to protect the information. Use "certificates" to confirm the identity of individuals or entities to enable the secure exchange of sensitive data in an insecure environment. In the area of health , This technique uses methods of authentication, encryption, and digital signatures to ensure secure access and transmission of personal health records to meet clinical And management needs. The services provided by digital certificate configuration, including encryption, message integrity, and digital signatures, address the More security issues. To this end, many organizations in the world have started using digital certificates. A typical situation is the digital certificate and A well-established standard for information security. If the health application needs to be between different organizations or between jurisdictions (such as between hospitals and community doctors serving the same patient) Exchange of information, digital certificate technology and its support strategy, procedures, operational interoperability is the most important. Achieving interoperability between different digital certificate implementations requires building a trust framework. In this framework, responsible for the protection of personal letters The parties to the entitlement rely on specific tactics and practices and even rely on the validity of digital certificates issued by other established institutions. Many countries are using digital certificates to support domestic secure communications. If standard development activities are limited to countries, There will be inconsistencies and even inconsistencies in the tactics and procedures of the certification bodies (CAs) and registries (RAs) in different countries. There are many aspects of digital certificates not dedicated to healthcare and they are still at a developmental stage. In addition, some important standardization Work and legislative support are also under way. On the other hand, healthcare providers in many countries are using or getting ready for use Digital certificate Therefore, the purpose of this guidance document is to provide guidance for these rapidly evolving international applications. This guidance document describes the general technical, operational, and policy requirements to be able to use digital certificates to protect health Kang information exchange within the field, between different areas and between different jurisdictions. The ultimate goal of this technical guide is to build Establish a platform that enables global interoperability. This guidance document mainly supports cross-border communications using digital certificates, but also for distribution Provide national or regional health care digital certificate to provide guidance. The Internet as a transmission medium is increasingly being used in Medicare The delivery of health data among health organizations is also the only option for cross-border communication. The three parts of this guidance document as a whole define how to use digital certificates in the health sector to provide safety clothing Services, including authentication, confidentiality, data integrity, and technical capabilities that support the quality of digital signatures. Part 1 of this guidance document prescribes the basic concepts of using digital certificates in the field of health and gives guidance on the use of digital certificates Interoperability programs required for health information security communications. This guidance document, Part 2, is based on international standard X. 509 digital certificates for health-specific profiles as well as for no The same type of certificate IETF/RFC3280 outlined in the health care profile. This guidance document, Part 3, addresses management issues related to the implementation and use of digital certificates of health care, provides evidence The structure and minimum requirements of the book strategy (CP) and the structure of the associated certification operation statement. This section is based on IETF/RFC3647 recommendations As the basis for defining the principles required in a security strategy for healthy cross-border communications and setting the minimum level of security required for health Full. Health Informatics Public Key Infrastructure (PKI) Part 3. Strategic Management of Certification Bodies

1 Scope

This section provides guidelines for managing certificate issues, including configuring digital certificates for use in health care. It provides a certificate The structure and minimum requirements of the book strategy, including the structure of the certification implementation statement. It also gives the health care needed to enable cross-border communications The basic principles of health-safety strategies, as well as the minimum level of safety-specific requirements for health care.

2 Normative references

The following documents contain provisions which, through reference in this part of GB /Z21716-2008, become the provisions of this section. All dated Reference documents, all subsequent amendments (not including errata content) or revisions do not apply to this section, however, to encourage the Department The parties to the agreement study whether the latest versions of these documents are available. For undated references, the latest version is applicable In this section. Information technology - Information security management - Practical rules GB/T 19716-2005 GB /Z21716.1-2008 Health Informatics Public Key Infrastructure (PKI) Part 1. Overview of Digital Certificate Services GB /Z21716.2-2008 Health Informatics Public Key Infrastructure (PKI) Part 2. Certificate Outline IETF/RFC3647..2003 InternetX. 509 Public Key Infrastructure Certificate Strategy and Certification Implementation Framework

3 Terms and definitions

GB /Z21716.1 given terms and definitions apply to this section.

4 Abbreviations

The following abbreviations apply to this section. AA Attribute Agency attributeauthority CA certification authority certificationauthority CP certificate policy certificatepolicy CPS certification operating statement certificationpracticestatement CRL certificate revocation list certificaterevocationlist OID object identifier objectidentifier PKC public key certificate publickeycertificate PKI public key infrastructure publickeyinfrastructure RA registration authority registrationauthority TTP Trusted third party trustedthirdparty

5 Requirements for digital certificate policy management in the healthcare context

5.1 Overview The deployment of digital certificates in the healthcare context must meet the following objectives to effectively safeguard the security of personal health information communications. a) All personnel, institutions, applications, equipment, etc., involved in the electronic exchange of personal health information must be associated with a single And easily distinguished names are securely and securely bound. ......

Image

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GBZ21716.3-2008_English be delivered?

Answer: Upon your order, we will start to translate GBZ21716.3-2008_English as soon as possible, and keep you informed of the progress. The lead time is typically 3 ~ 5 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GBZ21716.3-2008_English with my colleagues?

Answer: Yes. The purchased PDF of GBZ21716.3-2008_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.