|
US$759.00 · In stock
Delivery: <= 6 days. True-PDF full-copy in English will be manually translated and delivered via email.
GBZ21716.2-2008: Health informatics -- Public Key Infrastructure (PKI) -- Part 2: Certificate profile
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/Z 21716.2-2008 | English | 759 |
Add to Cart
|
6 days [Need to translate]
|
Health informatics -- Public Key Infrastructure (PKI) -- Part 2: Certificate profile
| Valid |
GB/Z 21716.2-2008
|
PDF similar to GBZ21716.2-2008
Basic data | Standard ID | GB/Z 21716.2-2008 (GB/Z21716.2-2008) | | Description (Translated English) | Health informatics -- Public Key Infrastructure (PKI) -- Part 2: Certificate profile | | Sector / Industry | National Standard | | Classification of Chinese Standard | C07 | | Classification of International Standard | 35.240.80 | | Word Count Estimation | 33,357 | | Date of Issue | 2008-04-11 | | Date of Implementation | 2008-09-01 | | Quoted Standard | GB/Z 21716.1-2008; GB/Z 21716.3-2008; IETF/RFC 3280 INTERNET X.509; IETF/RFC 3281; IETF/RFC 3739 INTERNET X.509 | | Adopted Standard | ISO 17090-2 (DIS), NEQ | | Regulation (derived from) | ?National Standard Approval Announcement 2008 No.6 (Total No.119) | | Issuing agency(ies) | Ministry of Health of the People's Republic of China | | Summary | This standard specifies the individual within the organization in, certificate contour jurisdiction between different organizations and across boundaries need healthcare information exchange. This section also describes the application of digital certificate public key infrastructure is formed in the medical industry, and focus is described in which the contour associated with the health care issues certificates. | GBZ21716.2-2008: Health informatics -- Public Key Infrastructure (PKI) -- Part 2: Certificate profile
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Health informatics.Public Key Infrastructure (PKI) .Part 2. Certificate profile
ICS 35.240.80
C07
People's Republic of China national standardization of technical guidance documents
Health Informatics Public Key Infrastructure (PKI)
Part 2. Certificate Outline
2008-04-11 released
General Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China
China National Standardization Administration released
Directory
Foreword Ⅲ
Introduction IV
1 Scope 1
2 Normative references 1
3 Terms and definitions 1
4 Abbreviations 1
5 Health Care Certificate Strategy 1
5.1 Type of health certificate 1
5.2 CA certificate 2
5.3 Cross/Bridge Certificate 2
5.4 end entity certificate 3
6 General Certificate Requirements 4
6.1 Certificate Compliance 4
6.2 Common fields of various types of certificates 5
6.3 General Field Specification 6
6.4 Requirements for various types of health care certificates 8
7 the use of certificate extensions 11
7.1 Introduction 11
7.2 General Extensions 11
7.3 Dedicated Subject Directory Attributes 12
7.4 Certificate Declaration Expansion 14
7.5 Requirements for each type of medical profession certificate 14
Appendix A 17
A. 1 Introduction 17
A. 2 Example 1. Consumer Certificate Outline 17
A. Example 2. Profile of Informal Health Professional Certificates 18
A. Example 3. Formal Health Professionals Certificate Profile 20
A. 5 Example 4. Trustee Health Care Provider Certificate Outline 21
A. Example 5. Supporting Organizational Employee Certificate Outline 22
A. Example 6. Organization Certificate Outline 23
A. 8 Example 7. AC Profile 24
A. Example 8. CA Certificate Outline 25
A. Example 9. Bridge Certificate Outline 25
References 27
Foreword
GB /Z21716 "Health Informatics Public Key Infrastructure (PKI)" is divided into three parts.
--- Part 1. Overview of Digital Certificate Services;
--- Part 2. Certificate outline;
--- Part 3. Strategic Management of Certification Bodies.
This section GB /Z21716 Part 2.
This section with reference to ISO 17090-2 (DIS) "Health Informatics Public Key Infrastructure (PKI) Part 2. Certificate Outline" formulation, its
The main technical content is consistent with ISO 17090-2 (DIS). Relative to the original text, this section with only minor changes, including.
--- According to China's national conditions, the text included in the example of the country name, unit name, etc. into Chinese name in China;
--- Do not change the technical content of the editorial changes.
Appendix A of this section is informative appendix.
This section proposed by the China National Institute of Standardization.
This part of China Institute of Standardization centralized.
This section drafted by. China National Institute of Standardization.
The main drafters of this section. Dong continuous, Ren Guanhua, Chen Huang, Liu Bisong.
Introduction
To reduce costs and costs, the health industry is facing the challenge of shifting from paper processing to automated electronic processing. New medical insurance
The health paradigm increases the need to share patient information among professional healthcare providers and to break the boundaries of traditional institutions.
In general, each citizen's health information can be accessed by e-mail, remote database access, electronic data interchange, and others
Used to exchange. The Internet provides an economical and easily accessible means of information exchange, but it is also an unsafe medium, which requires
Take certain measures to protect the privacy and confidentiality of information. Unauthorized visits, whether intentional or unintentional, will increase
Threat to health information security. It is necessary for health care systems to use reliable information security services to reduce the risk of unauthorized access.
How can the health care industry provide an affordable and affordable way to properly protect the data transmitted over the Internet? for this problem,
At present, people are trying to meet this challenge by using public key infrastructure (PKI) and digital certificate technology.
Correctly configuring digital certificates requires that technologies, policies, and management processes be tied together and that "public-key cryptography" be used to protect the information.
Use "certificates" to confirm the identity of individuals or entities to enable the secure exchange of sensitive data in an insecure environment. In the area of health
, This technique uses methods of authentication, encryption, and digital signatures to ensure secure access and transmission of personal health records to meet clinical
And management needs. The services provided by digital certificate configuration, including encryption, message integrity, and digital signatures, address the
More security issues. To this end, many organizations in the world have started using digital certificates. A typical situation is the digital certificate and
A well-established standard for information security.
If you need to exchange health between different organizations or between jurisdictions (such as hospitals and community doctors serving the same patient)
Information, the digital certificate technology and its support strategy, procedures, operational interoperability is the most important.
Achieving interoperability between different digital certificate implementations requires building a trust framework. In this framework, responsible for the protection of personal letters
The parties to the entitlement rely on specific tactics and practices and even rely on the validity of digital certificates issued by other established institutions.
Many countries are using digital certificates to support domestic secure communications. If standard development activities are limited to countries,
There will be inconsistencies and even inconsistencies in the tactics and procedures of the certification bodies (CAs) and registries (RAs) in different countries.
There are many aspects of digital certificates not dedicated to healthcare and they are still at a developmental stage. In addition, some important standardization
Work and legislative support are also under way. On the other hand, healthcare providers in many countries are using or getting ready for use
Digital certificate Therefore, the purpose of this guidance document is to provide guidance for these rapidly evolving international applications.
This guidance document describes the general technical, operational, and policy requirements to be able to use digital certificates to protect health
Kang information exchange within the field, between different areas and between different jurisdictions. The ultimate goal of this technical guide is to build
Establish a platform that enables global interoperability. This guidance document mainly supports cross-border communications using digital certificates, but also for distribution
Provide national or regional health care digital certificate to provide guidance. The Internet as a transmission medium is increasingly being used in Medicare
The delivery of health data among health organizations is also the only option for cross-border communication.
The three parts of this guidance document as a whole define how to use digital certificates in the health sector to provide safety clothing
Services, including authentication, confidentiality, data integrity, and technical capabilities that support the quality of digital signatures.
Part 1 of this guidance document prescribes the basic concepts of using digital certificates in the field of health and gives guidance on the use of digital certificates
Interoperability programs required for health information security communications.
This guidance document, Part 2, is based on international standard X. 509 digital certificates for health-specific profiles as well as for no
The same type of certificate IETF/RFC3280 outlined in the health care profile.
This guidance document, Part 3, addresses management issues related to the implementation and use of digital certificates of health care, provides evidence
The structure and minimum requirements of the book strategy (CP) and the structure of the associated certification operation statement. This section is based on IETF/RFC3647 recommendations
As the basis for identifying the principles needed in the security strategy for cross-national communications of health information and also setting the minimum level of security required for health
Full.
Health Informatics Public Key Infrastructure (PKI)
Part 2. Certificate Outline
1 Scope
This section specifies the certificates required for the exchange of health care information within and between individual organizations and across regulatory boundaries
contour. This section also details the applications of PKI digital certificates in the medical industry and focuses on the use of
Certificate outline related to health care issues.
2 Normative references
The provisions of the following documents through the GB /Z21716 of this part of the reference and become the provisions of this section. Any reference to the date of the citation
All subsequent amendments (not including errata content) or revisions do not apply to this section, however, encouraged to be reached under this section
The parties to the agreement examine whether the latest versions of these documents are available. For undated references, the latest version applies to this book
section.
GB /Z21716.1-2008 Health Informatics Public Key Infrastructure (PKI) Part 1. Overview of Digital Certificate Services
GB /Z21716.3-2008 Health Informatics Public Key Infrastructure (PKI) Part 3. Strategic Management of Certification Bodies
IETF/RFC3280 InternetX. 509 Public Key Infrastructure Certificate and CRL Profile
IETF/RFC3281 Internet profile for agency profile
IETF/RFC3739 Internet X. 509 Public Key Infrastructure Certificate of Eligibility
3 Terms and definitions
GB /Z21716.1 given terms and definitions apply to this section.
4 Abbreviations
The following abbreviations apply to this section.
AA Attribute Agency attributeauthority
AC attribute certificate attributecertificate
CA certification authority certificationauthority
CP certificate policy certificatepolicy
CPS certification operating statement certificationpracticestatement
CRL certificate revocation list certificaterevocationlist
PKC public key certificate publickeycertificate
PKI public key infrastructure publickeyinfrastructure
RA registration authority registrationauthority
TTP Trusted third party trustedthirdparty
5 Health Care Certificate Strategy
5.1 Type of health care certificate
Identification certificate should be issued to.
--- Individuals (regular health professionals, non-formal health professionals, trusted healthcare providers, employees of supporting organizations, patients /
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GBZ21716.2-2008_English be delivered?Answer: Upon your order, we will start to translate GBZ21716.2-2008_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 6 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GBZ21716.2-2008_English with my colleagues?Answer: Yes. The purchased PDF of GBZ21716.2-2008_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|