|
US$759.00 · In stock
Delivery: <= 6 days. True-PDF full-copy in English will be manually translated and delivered via email.
GBZ21716.1-2008: Health informatics -- Public Key Infrastructure (PKI) -- Part 1: Overview of digital certificate services
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/Z 21716.1-2008 | English | 759 |
Add to Cart
|
6 days [Need to translate]
|
Health informatics -- Public Key Infrastructure (PKI) -- Part 1: Overview of digital certificate services
| Valid |
GB/Z 21716.1-2008
|
PDF similar to GBZ21716.1-2008
Basic data | Standard ID | GB/Z 21716.1-2008 (GB/Z21716.1-2008) | | Description (Translated English) | Health informatics -- Public Key Infrastructure (PKI) -- Part 1: Overview of digital certificate services | | Sector / Industry | National Standard | | Classification of Chinese Standard | C07 | | Classification of International Standard | 35.240.80 | | Word Count Estimation | 33,391 | | Date of Issue | 2008-04-11 | | Date of Implementation | 2008-09-01 | | Quoted Standard | GB/Z 21716.2-2008; GB/Z 21716.3-2008 | | Adopted Standard | ISO 17090-1 (DIS), NEQ | | Regulation (derived from) | ?National Standard Approval Announcement 2008 No.6 (Total No.119) | | Issuing agency(ies) | Ministry of Health of the People's Republic of China | | Summary | This standard specifies the basic concepts of healthcare digital certificates. Designers and developers to use it health information applications. | GBZ21716.1-2008: Health informatics -- Public Key Infrastructure (PKI) -- Part 1: Overview of digital certificate services
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Health informatics. Public Key Infrastructure (PKI). Part 1. Overview of digital certificate services
ICS 35.240.80
C07
People's Republic of China national standardization of technical guidance documents
Health Informatics Public Key Infrastructure (PKI)
Part 1. Overview of Digital Certificate Services
2008-04-11 released
General Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China
China National Standardization Administration released
Directory
Foreword Ⅲ
Introduction IV
1 Scope 1
2 Normative references 1
3 Terms and definitions 1
3.1 Healthcare Context Terminology 1
3.2 Terms of service 2
3.3 Public key infrastructure related terminology 5
4 Abbreviations 7
5 Healthcare Context 8
5.1 Healthcare certificate holder and relying party 8
5.2 Participant Example 8
5.3 The applicability of medical digital certificates 9
6 Security Services Requirements in Healthcare Applications 10
6.1 Healthcare Features 10
6.2 Digital Certificate Technology Requirements in the Health Sector 10
6.3 Separation of encryption and identification 11
6.4 Healthcare Digital Certificate Security Management Framework 11
6.5 Strategy Needs for Issue and Use of Digital Health Care Certificates 12
Public Key Cryptography Algorithm
7.1 symmetric password algorithm and asymmetric password algorithm 12
7.2 Digital Certificate 12
7.3 Digital Signature 12
7.4 protect the private key 13
8 Configure digital certificate 13
8.1 Essential Components 13
8.2 using the certificate to create a logo 14
8.3 Use of Identity Certificates to Establish Professionals and Roles 14
8.4 Using Attribute Certificates for Authorization and Access Control 15
Interoperability requirements
9.1 Overview 16
9.2 Options for Configuring Digital Health Care Certificates Across Jurisdictions 16
9.3 Usage of Options 17
Appendix A (informative) script that uses a medical digital certificate 18
A. 1 Introduction 18
A. 2 Description of the script 18
A. 3 Health care scripts in the service example 18
A. 4 Description of the script 19
A. 4.1 First Aid Department's Access to Records 19
A. 4.2 Temporary Services (First Aid) 19
A. 4.3 Member Registration 19
A. 4.4 Remote Image 20
A. 4.5 Report of results automatically sent to doctors 20
A. 4.6 Outcome Report with Doctor's Message 20
A. 4.7 discuss the treatment program between doctors and patients 21
A. 4.8 Patient Care Registration Summary 21
A. 4.9 Patient Consult a pharmacist 22
A. 4.10 Not for specific diagnosis of the exchange of information between doctors and patients 22
A. 4.11 Remote Access to Clinical Information System 22
A. 4.12 First Aid visit 23
A. 4.13 Remote Transcription 23
A. 4.14 Electronic Prescriptions 23
A. 4.15 Identification of doctor's advice 23
A. 4.16 Potential Applications of Health Care Digital Signatures 24
References 26
Foreword
GB /Z21716 "Health Informatics Public Key Infrastructure (PKI)" is divided into three parts.
--- Part 1. Overview of Digital Certificate Services;
--- Part 2. Certificate outline;
--- Part 3. Strategic Management of Certification Bodies.
This section GB /Z21716 Part 1.
This section refers to ISO 17090-1 (DIS) "Health Informatics Public Key Infrastructure (PKI) Part 1. Digital Certificate Services Comprehensive
Described "and formulated.
This part of ISO 17090-1 (DIS) in some of the wrong place to be corrected, as follows.
--- The original note in the note in 3.2.4 to refer to "data primary authentication" and "peer entity authentication", but not in the original text
Now the term "peer-to-peer identification", this section adds the term "peer-to-peer authentication" in 3.2.28.
--- The original paragraph 5.3 in the final paragraph pointed out that "the use of digital scripts script see Appendix B." But this section does not have Appendix B, root
According to the content of context should be changed to read "script using digital certificates, see Appendix A."
--- The original sentence states in the last sentence of the third paragraph of 8.3 that "in these circumstances, in accordance with IETF/RFC3281 and this Guidance
Article 5 of 6.3.3 and the provisions of 7.1.5 in Part 2 of the Technical Paper, "but Part 2 does not have 7.1.5.
The context-based judgment should read "In these cases, in accordance with IETF/RFC3281 and this Part 2 of the guidance document
Article 6.3 of Article 6.3.3 and the provisions of 7.2.5, ".
The original sentence states in the last sentence of the sixth paragraph of 8.3 that "Therefore, in paragraph 4.1 of Part 2 of this guidance document
The PKC ID type gives an extension called HCRole. However, judging by the context should be changed to "Therefore, at
Section 5.1 of this guidance document gives an extension of the PKC identity certificate type called HCRole. "
--- In the original text, References 3, 8, 9, 17, 18, 20, 21, 23-30 did not indicate the reference position, so according to expert advice to its
delete.
Appendix A of this section is informative appendix.
This section proposed by the China National Institute of Standardization.
This part of China Institute of Standardization centralized.
This section drafted by. China National Institute of Standardization, Chinese People's Liberation Army General Hospital, Chinese People's Armed Police Command College.
The main drafters of this section. Ren Guanhua, Chen Huang, Dong continuous, Liu Bisson, Yin Ling, Yun Li Yu.
Introduction
To reduce costs and costs, the health industry is facing the challenge of shifting from paper processing to automated electronic processing. New medical insurance
The health paradigm increases the need to share patient information among professional healthcare providers and to break the boundaries of traditional institutions.
In general, each citizen's health information can be accessed by e-mail, remote database access, electronic data interchange, and others
Used to exchange. The Internet provides an economical and easily accessible means of information exchange, but it is also an unsafe medium, which requires
Take certain measures to protect the privacy and confidentiality of information. Unauthorized visits, whether intentional or unintentional, will increase
Threat to health information security. It is necessary for health care systems to use reliable information security services to reduce the risk of unauthorized access.
How can the health care industry provide an affordable and affordable way to properly protect the data transmitted over the Internet? for this problem,
At present, people are trying to meet this challenge by using public key infrastructure (PKI) and digital certificate technology.
Correctly configuring digital certificates requires that technologies, policies, and management processes be tied together and that "public-key cryptography" be used to protect the information.
Use "certificates" to confirm the identity of individuals or entities to enable the secure exchange of sensitive data in an insecure environment. In the area of health
, This technique uses methods of authentication, encryption, and digital signatures to ensure secure access and transmission of personal health records to meet clinical
And management needs. The services provided by digital certificate configuration, including encryption, message integrity, and digital signatures, address the
More security issues. To this end, many organizations in the world have started using digital certificates. A typical situation is the digital certificate and
A well-established standard for information security.
If you need to exchange health between different organizations or between jurisdictions (such as hospitals and community doctors serving the same patient)
Information, the digital certificate technology and its support strategy, procedures, operational interoperability is the most important.
Achieving interoperability between different digital certificate implementations requires building a trust framework. In this framework, responsible for the protection of personal letters
The parties to the entitlement rely on specific tactics and practices and even rely on the validity of digital certificates issued by other established institutions.
Many countries are using digital certificates to support domestic secure communications. If standard development activities are limited to countries,
There will be inconsistencies and even inconsistencies in the tactics and procedures of the certification bodies (CAs) and registries (RAs) in different countries.
There are many aspects of digital certificates not dedicated to healthcare and they are still at a developmental stage. In addition, some important standardization
Work and legislative support are also under way. On the other hand, healthcare providers in many countries are using or getting ready for use
Digital certificate Therefore, the purpose of this guidance document is to provide guidance for these rapidly evolving international applications.
This guidance document describes the general technical, operational, and policy requirements to be able to use digital certificates to protect health
Kang information exchange within the field, between different areas and between different jurisdictions. The ultimate goal of this technical guide is to build
Establish a platform that enables global interoperability. This guidance document mainly supports cross-border communications using digital certificates, but also for distribution
Provide national or regional health care digital certificate to provide guidance. The Internet as a transmission medium is increasingly being used in Medicare
The delivery of health data among health organizations is also the only option for cross-border communication.
The three parts of this guidance document as a whole define how to use digital certificates in the health sector to provide safety clothing
Services, including authentication, confidentiality, data integrity, and technical capabilities that support the quality of digital signatures.
Part 1 of this guidance document prescribes the basic concepts of using digital certificates in the field of health and gives guidance on the use of digital certificates
Interoperability programs required for health information security communications.
This guidance document, Part 2, is based on international standard X. 509 digital certificates for health-specific profiles as well as for no
The same type of certificate IETF/RFC3280 outlined in the health care profile.
This guidance document, Part 3, addresses management issues related to the implementation and use of digital certificates of health care, provides evidence
The structure and minimum requirements of the book strategy (CP) and the structure of the associated certification operation statement. This section is based on IETF/RFC3647 recommendations
As the basis for identifying the principles needed in the security strategy for cross-national communications of health information and also setting the minimum level of security required for health
Full.
Health Informatics Public Key Infrastructure (PKI)
Part 1. Overview of Digital Certificate Services
1 Scope
This section defines the basic concepts of digital health care certificates, given the use of digital certificates for health information security communications required
Interoperability program. This section also gives the main stakeholders for health information and communication and digital certificates for health information
The main security services required for the letter.
This section outlines the public key cryptography algorithms and basic components required to configure a health care digital certificate, and further describes the different types
Digital certificates (including identification certificates, association attribute certificates for relying parties, self-signed certificate authority (CA) certificates), and CA level
System and bridge structure.
This section applies to health information security personnel, specializing in the health information application software designers and developers.
2 Normative references
The provisions of the following documents through the GB /Z21716 of this part of the reference and become the provisions of this section. Any reference to the date of the citation
All subsequent amendments (not including errata content) or revisions do not apply to this section, however, encouraged to be reached under this section
The parties to the agreement examine whether the latest versions of these documents are available. For undated references, the latest version applies to this book
section.
GB /Z21716.2-2008 Health Informatics Public Key Infrastructure (PKI) Part 2. Certificate Outline
GB /Z21716.3-2008 Health Informatics Public Key Infrastructure (PKI) Part 3. Strategic Management of Certification Bodies
3 Terms and definitions
The following terms and definitions apply to this section.
3.1 Healthcare context terms
3.1.1
A personally identifiable computer running a software program as a holder of a private encryption key.
NOTE 1 In this context, the application may be any software program used in healthcare information systems. It also includes those that are not directly in therapy or diagnosis
Use of the application.
Note 2. In certain jurisdictions, formal medical device software programs may be included.
3.1.2
An identifiable computer control instrument or instrument that is the owner of a private encryption key.
Note 1. The device includes a regular medical device that meets the above definition.
Note 2. In this context, equipment refers to any device used in the health information system. It also includes equipment that is not directly used in the treatment or diagnosis.
3.1.3
Formal health professionals who are involved in health-related communications and who have a need for digital certificates for security services, informal health professionals
Personnel, Entrusted Healthcare Provider, Support Organizational Employee, Patient/Consumer, Healthcare Organization, Device or Application.
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GBZ21716.1-2008_English be delivered?Answer: Upon your order, we will start to translate GBZ21716.1-2008_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 6 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GBZ21716.1-2008_English with my colleagues?Answer: Yes. The purchased PDF of GBZ21716.1-2008_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|