HL7 Secure Transactions Special Interest Group


Acronyms and Abbreviations


ANSI: American National Standards Institute

ASC: Accredited Standards Committee (as in ANSI ASC X12)

TTP: Trusted Third Party


Glossary
acceptance: The act of accepting; a receiving what is offered, with approbation, satisfaction, or acquiescence (esp. favourable reception, approval).

access: The ability of a subject to view, change, or communicate with an object in a computer system. Typically, access involves a flow of information between the subject and the object (for example, a user reads a file, a program creates a directory). [O’Reilly, 1992]

The provision of an opportunity to approach, inspect, review, make use of data or information. Refers to such actions by the individual receiving healthcare as well as providers of healthcare services and any other individual or entity who has appropriate authorisation for such actions. [CPRI95b]



access control: The prevention of unauthorised use of a resource, including the prevention of use of a resource in an unauthorised manner. [ISO89]

Information-use policy to determine who can have access to what data/ information (both within and external to the organisation adopting the access control policy); policies and procedures preventing access by those who are not authorised to have it. [Institute of Medicine, 1994]



access level: A level associated with an individual who may be accessing information (e.g., a clearance level) or with the information which may be accessed (e.g., a classification level). [National Research Council, 1991]

access control list: A list of entities, together with their access rights, which are authorised to have access to a resource. [OMG97]

access mode: A distinct operation recognised by protection mechanisms as a possible operation on data/information. Read and write are possible modes of access to a computer file; execute is an additional mode of access to a program; and create and delete are access modes for directory objects. [MTR-8201; National Research Council, 1991]

accountability: The property that ensures that the actions of an entity can be traced. [ISO89]

The concept that individual persons or entities can be held responsible for specified actions, such as obtaining informed consent or breaching confidentiality. [National Research Council, 1991]



accuracy: Magnitude of errors in data resulting from miscoding or misrepresenting facts, maintaining out-of-date findings, or commingling of data from more than one person. [Institute of Medicine, 1994]

A security principle that keeps information from being modified or otherwise corrupted either maliciously or accidentally. Accuracy protects against forgery or tampering. Synonymous with integrity. [O’Reilly, 1992]



active threat: A type of threat that involves the alteration, not simply the interception, of information. For example, an active tap is a type of wiretapping that accesses and compromises data, usually by generating false messages or control signals, or by altering communications between legitimate users. The danger of an active threat is primarily to the authenticity of the information being transmitted. Contrast with passive threat. [O’Reilly, 1992]

algorithm: A procedure for solving a mathematical problem in a finite number of steps that frequently involves repetition of an operation. In 1972 the National Bureau of Standards (NBS; now the National Institute of Standards and Technology) identified the need for a data encryption standard for use in unclassified applications. The Data Encryption Standard (DES) represents the first cryptographic algorithm openly developed by the US government and has become an American National Standards Institute (ANSI) standard (number X3.92-1981/R1987). [National Research Council, 1991]

architecture: An arrangement of components intended to fulfil some need. [Tuttle, 1994]

assurance: A measure of confidence that a system’s security features have been implemented and work properly. [O’Reilly, 1992]

Justified confidence in the security of a system.

Development, documentation, testing, procedural, and operational activities carried out to ensure that a system’s security services do in fact provide the claimed level of protection. [OMG97]

asymmetric encryption: A form of cryptosystem in which encryption and decryption are performed using two different keys, one of which is referred to as the public key and one of which is referred to as the private key. Also known as public-key encryption. [Stallings95]

asymmetric key: One half of a key pair used in an asymmetric ("public-key") encryption system. Asymmetric encryption systems have two important properties: (i) the key used for encryption is different from the one used for decryption (ii) neither key can feasibly be derived from the other. [OMG97]

attack: The act of aggressively trying to bypass security controls. The fact that an attack is made does not necessarily mean that it will succeed. The degree of success depends on the vulnerability of the system and the effectiveness of existing countermeasures. [Fites93]

An attempt to bypass security controls on a system. An active attack alters data. A passive attack releases data. Whether or not an attack will succeed depends on the vulnerability of the system and the effectiveness of existing countermeasures. [O’Reilly, 1992]



attribute: A piece of information associated with the use of a document.

audit: To record independently and later examine system activity (e.g., logins and logouts, file accesses, security violations). See security audit. [O’Reilly, 1992]

audit event: The data collected about a system event for inclusion in the system audit log. [OMG97]

audit trail: Data collected and potentially used to facilitate a security audit. [ISO89]

The chronological set of records that provides evidence of system activity. These records can be used to reconstruct, review, and examine transactions from inception to output of final results. The records can also be used to track system usage and detect and identify intruders. [O’Reilly, 1992]

Documentary evidence of monitoring each operation of individuals on health information. [National Research Council, 1991] Audit trails may be comprehensive or specific to the individual and information. For example, an audit trail may be a record of all actions taken by anyone on a particularly sensitive file. [OTA, 1993]

authentication: The corroboration that an entity is the one claimed. [ISO89]

The process of proving that a subject (e.g., a user or a system) is what the subject claims to be. Authentication is a measure used to verify the eligibility of a subject and the ability of that subject to access certain information. It protects against the fraudulent use of a system or the fraudulent transmission of information. There are three classic ways to authenticate oneself: something you know, something you have, and something you are. [O’Reilly, 1992]

Providing assurance regarding the identity of subject (author) or object (information). Authentication of data origin is corroboration that the source of data is received as is claimed. Authentication of user is the provision of assurance of the claimed identity of an individual or entity. [ASTM95b]

authentication token: A device allocated to an entity to assist the authentication of that entity.

authenticity: A security principle that ensures that a message is received in exactly the form in which it was sent. See also message authentication and message authentication code. [O’Reilly, 1992]

authorise: Granting of rights, which includes granting of access based on access rights. [ISO89]

authorisation: The granting of rights, which includes the granting of access based on access rights. [ISO89]

The mechanism for obtaining consent for the use and disclosure of health information. The American Health Information Management Association has recommended requirements for valid authorisation. Within the context of a computer-based patient record system, these requirements would include that the authorisation: be documented (electronically), be addressed to a specific healthcare provider, specifically identify the patient, identify the individual or entity authorised to receive the information, identify the information that is to be released, specify the purpose for the disclosure, specify under what conditions the authorisation will expire unless revoked earlier, indicate that the authorisation is subject to revocation, be (electronically) signed by the patient or patient's legal representative, and be dated sometime after the information has been collected. [AHIMA94a]



authorised disclosure: The release of personally identifiable information to a third party upon authorisation. [Abdelhak96]

availability: The property of being accessible and useable upon demand by an authorised entity. [ISO89]

biometrics: The statistical study of biological data. In computer security, the use of unique, quantifiable physiological, behavioural, and morphological characteristics to provide positive personal identification. Examples of such characteristics are fingerprints, retina patterns, and signatures. [O’Reilly]

A biometrics based identification system identifies a human from a measurement of a physical feature or repeatable action of the individual (e.g., hand geometry, retinal scan, iris scan, fingerprint patterns, facial characteristics, DNA sequence characteristics, voice prints, and hand written signature). [ASTM95b]



breach of confidentiality: Breach of contract as applied to confidentiality refers to an action by an individual which reveals a confidence entrusted to that individual by another without the other's consent. For example, courts have demonstrated a willingness to apply the ethical standards of the medical profession to compel physicians to maintain the confidentiality of information they obtain in the course of treating their patients. [OTA, 1993]

breach of security: Any action by an authorised or unauthorised user which results in a negative impact upon the data in the system or the system itself, or which causes data or services within a system to suffer unauthorised disclosure, modification, destruction, or denial of service. [CPRI95c]

certification: The technical evaluation performed as part of, and in support of, the accreditation process that establishes the extent to which a particular computer system or network design and implementation meet a pre-specified set of security requirements. [O’Reilly, 1992]

The administrative act of approving a system for use in a particular application. [National Research Council, 1991]



certification authority: A party trusted to vouch for the binding between names or identities and public keys. In some systems, certification authorities generate public keys. [OMG97]

A trusted issuer of certificates. [National Research Council, 1991]

(Public key) certificate: An agreement that binds a user's name to a public key, signed by a trusted issuer. A framework for the use of public key certificates was defined in International Telegraph and Telephone Consultative Committee (CCITT) standard X.509. [National Research Council, 1991] The certificate contains the user's name and public key, the certification authority's name, a serial number, and a validity period. [ASTM95b]

cipher: An algorithm for encryption and decryption. A cipher replaces a piece of information (an element in plaintext) with another object, with the intent to conceal meaning. Typically, the replacement rule is governed by a secret key. [Stallings95]

ciphertext: The result of applying encryption to input data; encrypted text. [OMG97]

checksum: Numbers summed according to a particular set of rules and used to verify that transmitted data has not been modified during transmission. [O’Reilly, 1992]

Digits or bits summed according to arbitrary rules and used to verify the integrity of data. [National Research Council, 1991]



check digit: The resultant representation of a checksum operation. [Verhoeff, 1969]

classification: The hierarchical portion of a sensitivity label. (The non-hierarchical portion is called the "category set" or the "compartments".) A classification is a single level in a stratified set of levels. For example, in a military environment, each of the levels UNCLASSIFIED, CONFIDENTIAL, SECRET and TOP SECRET is more trusted than the level beneath it. When included in a sensitivity label in a system supporting mandatory access controls, a classification is used to limit access to those cleared at that level. [O’Reilly, 1992]

classification level: The security level of information. [National Research Council, 1991] See also sensitivity label.

clearance: A representation of the sensitivity level (the classification and the categories) associated with a user in a system supporting mandatory access controls. A user with a particular clearance can typically access only information with a sensitivity label equal to or lower than the user’s clearance. [O’Reilly, 1992]

clearance level: The security level of an individual who may access information. [National Research Council, 1991]
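The access control list, access mode, classification and clearance entries above describe two different decisions: a discretionary one (is this principal on the object's ACL for this mode?) and a mandatory one (does the principal's clearance dominate the object's sensitivity label?). The following is an added example, not part of the original glossary or of any HL7 specification, that puts both checks in code. The level names follow the classification entry; the resource, principal and category names are constructed, and the "no write down" rule applied to alteration modes is the Bell-LaPadula *-property, an assumption of the example rather than something the glossary states.

```python
# Added example: a discretionary ACL check (access control list, access mode)
# combined with a mandatory sensitivity-label check (clearance vs classification).
# Names, categories and the scenario below are constructed for illustration.
from dataclasses import dataclass
from typing import Dict, FrozenSet, Set

# Hierarchical classification levels, least to most sensitive.
LEVELS = ("UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP SECRET")


@dataclass(frozen=True)
class Label:
    """Sensitivity label: a classification (hierarchical) plus a category set
    (the non-hierarchical compartments)."""
    classification: str
    categories: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        # self dominates other iff its level is at least other's level AND it
        # holds every category other carries.  Level alone is not enough.
        return (LEVELS.index(self.classification) >= LEVELS.index(other.classification)
                and other.categories <= self.categories)


@dataclass
class Resource:
    name: str
    label: Label
    acl: Dict[str, Set[str]]   # principal -> access modes it is authorised for


@dataclass
class Subject:
    name: str
    clearance: Label


def check_access(subject: Subject, resource: Resource, mode: str) -> bool:
    """Grant only if the ACL permits the mode AND the mandatory policy allows it.
    Observation modes (read, execute) need the clearance to dominate the object's
    label ("no read up").  Alteration modes (write, delete) need the object's
    label to dominate the clearance ("no write down", the Bell-LaPadula
    *-property; an assumption of this example, not stated in the glossary)."""
    if mode not in resource.acl.get(subject.name, set()):
        return False                      # discretionary check failed
    if mode in ("read", "execute"):
        return subject.clearance.dominates(resource.label)
    if mode in ("write", "delete"):
        return resource.label.dominates(subject.clearance)
    return False                          # unknown mode: deny by default


def demo() -> Dict[str, bool]:
    """Constructed scenario; returns each decision so it can be inspected."""
    chart = Resource(
        name="cardiology-chart",
        label=Label("CONFIDENTIAL", frozenset({"CARDIOLOGY"})),
        acl={"alice": {"read", "write"}, "bob": {"read"}},
    )
    alice = Subject("alice", Label("SECRET", frozenset({"CARDIOLOGY"})))
    bob = Subject("bob", Label("CONFIDENTIAL"))            # right level, no category
    carol = Subject("carol", Label("TOP SECRET", frozenset({"CARDIOLOGY"})))
    return {
        "alice read":  check_access(alice, chart, "read"),    # ACL ok, clearance dominates
        "alice write": check_access(alice, chart, "write"),   # ACL ok, but would write down
        "bob read":    check_access(bob, chart, "read"),      # ACL ok, category missing
        "carol read":  check_access(carol, chart, "read"),    # clearance fine, not on ACL
    }


if __name__ == "__main__":
    for decision, granted in demo().items():
        print(f"{decision:12s} -> {'GRANT' if granted else 'DENY'}")
```

Two of the denials are the ones practitioners most often get wrong: bob holds the right classification level but lacks the CARDIOLOGY category, so his clearance does not dominate the label; carol's clearance exceeds the label in every respect, yet she is denied because the discretionary ACL never mentions her. Both checks must pass.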

clinical data/information: Data/information related to the health and healthcare of an individual collected from or about an individual receiving healthcare services. Includes a caregiver's objective measurement or subjective evaluation of a patient's physical or mental state of health; descriptions of an individual's health history and family health history; diagnostic studies; decision rationale; descriptions of procedures performed; findings; therapeutic interventions; medications prescribed; description of responses to treatment; prognostic statements; and descriptions of socio-economic and environmental factors related to the patient's health. [CPRI96b; ASTM95c]

cleartext: Intelligible data; text which has not been encrypted or which has been decrypted using the correct key. Also known as plaintext. [OMG97]

closed security environment: An environment in which both of the following conditions are true:

Application developers have sufficient clearances and authorisations to provide an acceptable presumption that they have not introduced malicious logic.

Configuration control provides sufficient assurance that applications and equipment are protected against the introduction of malicious logic prior to and during the operation of system applications. [O’Reilly, 1992]

communications security: Protection of information while it is being transmitted, particularly via telecommunications. A particular focus of communications security is message authenticity. [Stallings95]

computer-based patient record system: The people, data, rules and procedures, processing and storage devices, and communication and support facilities that provide the capture, storage, processing, communication, security, and presentation of computer-based patient record information. [CPRI95a]

confidential: That which is not freely disclosed; private information which is entrusted to another with the confidence that unauthorised disclosure which would be prejudicial to the individual will not occur. [CPRI94]

confidentiality: A condition in which information is shared or released in a controlled manner. [National Research Council, 1997]

The property that information is not made available or disclosed to unauthorised individuals, entities or processes. [ISO89]

A security principle that keeps information from being disclosed to any one not authorised to access it. [O’Reilly]

The act of limiting disclosure of private matters; maintaining the trust that an individual has placed in one which has been entrusted with private matters. [CPRI95b]



The status accorded to data or information indicating that it is sensitive for some reason, and that therefore it needs to be protected against theft or improper use and must be disseminated only to individuals or organisations authorised to have it. [Ball92; OTA, 1993]

connectivity: The potential (of a computer-based patient record system) to establish links to or interact effectively (with another computer system). [Institute of Medicine, 1994]

consent: The agreement of an individual for a given action relative to the individual. [Huffman, 1985] In healthcare, consent refers to a communication process between the caregiver and the patient, and may refer to consent for treatment, special procedures, release of information, and advance directives (which give instructions regarding the patient's wishes in special medical situations {Patient Self-Determination Act, December 1991}). [Abdelhak96]

Expressed consent: Oral or written agreement. Because it is difficult to prove that oral consent was given, most expressed consent is expected to be recorded with a signature. [Huffman, 1985]

Implied consent: An action other than an expressed consent on the part of a patient that demonstrates consent. [Huffman, 1985] For example, the presentation of a person to a caregiver implies to a certain extent consent to at least basic consent. [Abdelhak96]

Informed consent: The Veterans Administration defines that for a consent to be valid, the patient must be informed, which is "a freely given consent that follows a careful explanation by a caregiver to a patient or patient's representative of the proposed diagnostic or therapeutic procedure or course of treatment...the patient should be given the opportunity to ask questions, to indicate comprehension of the information provided, and to grant permission freely and without any coercion for performance of a procedure or course of treatment, as well as the opportunity to withhold or revoke such permission at any time without prejudice." [Huffman, 1985] Regulations promulgated by the Department of Health and Human Services for consent by human subjects (45 CFR Section 46.116) provide that informed consent to release of information should include the elements of disclosure, voluntariness, comprehension, and competence to consent. [OTA, 1993]

contingency plan: A plan for responding to a system emergency. The plan includes performing backups, preparing critical facilities that can be used to facilitate continuity of operations in the event of an emergency, and recovering from a disaster. Synonymous with disaster recovery plan. [O’Reilly, 1992]

countermeasure: An action, device, procedure, technique, or other measure that reduces the vulnerability of a system or a threat to that system. [O’Reilly, 1992]

covert channel: A communications channel that allows a process to transfer information in a way that violates a system’s security policy. [O’Reilly, 1992]

credentials: Information describing the security attributes (identity and/or privileges) of a user or other principal. Credentials are claimed through authentication or delegation and used by access control. [OMG97]

criticality: The degree of importance assigned to information, denoting its need for protection against integrity and availability security breaches.

cryptanalysis: The branch of cryptology dealing with the breaking of a cipher to recover information, or forging encrypted information that will be accepted as authentic. [Stallings95]

cryptography: The branch of cryptology dealing with the design of algorithms for encryption and decryption, intended to ensure the secrecy and/or authenticity of messages. [Stallings95]

The study of encryption and decryption. From the Greek "kryptos" meaning "hidden" and "graphia" meaning "writing". [O’Reilly, 1992]

The art of keeping data secret, primarily through the use of mathematical or logical functions that transform intelligible data into seemingly unintelligible data and back again. [National Research Council, 1991]

cryptology: The study of secure communications, which encompasses both cryptography and cryptanalysis. [Stallings95]

cyclic redundancy check (CRC): A mathematical (polynomial division) means to digitally fingerprint or perform an error check on a block of data. [Prosise, 1996]
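The checksum, check digit and CRC entries all describe unkeyed error-detection functions, and the caveat a practitioner needs is that "verify that transmitted data has not been modified" holds only against accidental modification: anyone who can alter the data can recompute a CRC. The following added example (not part of the original glossary) implements CRC-32 as the polynomial division the CRC entry mentions, confirms it against zlib, and contrasts it with a keyed message authentication code (HMAC-SHA-256), which detects both corruption and tampering. The message and key are constructed for the example.

```python
# Added example: a CRC-32 computed by polynomial division over GF(2), checked
# against zlib, and a comparison of what a checksum/CRC detects versus what a
# keyed MAC detects.  The message and key below are constructed, not real data.
import hashlib
import hmac
import secrets
import zlib

CRC32_POLY = 0xEDB88320   # reflected form of the IEEE 802.3 generator polynomial


def crc32_bitwise(data: bytes) -> int:
    """CRC-32 as long division of the message by the generator polynomial,
    one bit at a time.  Produces the same value as zlib.crc32."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (CRC32_POLY if crc & 1 else 0)
    return crc ^ 0xFFFFFFFF


def crc_ok(data: bytes, tag: int) -> bool:
    return crc32_bitwise(data) == tag


def mac_tag(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA-256: integrity AND origin, because producing the tag needs the key."""
    return hmac.new(key, data, hashlib.sha256).digest()


def mac_ok(key: bytes, data: bytes, tag: bytes) -> bool:
    # Constant-time comparison: a plain == would leak how many bytes matched.
    return hmac.compare_digest(mac_tag(key, data), tag)


def flip_bit(data: bytes, bit: int) -> bytes:
    """Simulate a transmission error: invert one bit of the message."""
    buf = bytearray(data)
    buf[bit // 8] ^= 1 << (bit % 8)
    return bytes(buf)


def demo() -> dict:
    key = secrets.token_bytes(32)                        # shared only by sender and receiver
    msg = b"patient=12345;test=HIV;result=NEGATIVE"      # constructed sample record
    crc, mac = crc32_bitwise(msg), mac_tag(key, msg)

    # 1. Accidental corruption in transit: both checks catch it.
    damaged = flip_bit(msg, 11)

    # 2. Deliberate tampering: the attacker edits the result and, since the CRC
    #    is an unkeyed public function, simply recomputes it.  The MAC cannot
    #    be recomputed without the key, so the receiver detects the change.
    forged = msg.replace(b"NEGATIVE", b"POSITIVE")
    forged_crc = crc32_bitwise(forged)

    return {
        "bitwise matches zlib": crc32_bitwise(msg) == (zlib.crc32(msg) & 0xFFFFFFFF),
        "crc catches corruption": not crc_ok(damaged, crc),
        "mac catches corruption": not mac_ok(key, damaged, mac),
        "crc accepts forgery": crc_ok(forged, forged_crc),   # True: a CRC gives no authenticity
        "mac rejects forgery": not mac_ok(key, forged, mac),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check:24s}: {result}")
```

Every entry of the returned dictionary is True, including "crc accepts forgery": the CRC protects against noise, not against an adversary. Where the accuracy or data integrity entries are meant in the security sense (protection against tampering), a keyed MAC or a digital signature is required, not a checksum.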

data: A sequence of symbols to which meaning may be assigned. [National Research Council, 1991]

data dictionary: Information describing the specifications and location of all data contained in a system. [WEDI, 1992] It provides the central resource for ensuring that standard definitions for data elements and data structures are used throughout the computer system. [Abdelhak96]

data integrity: The property that data has not been undetectably altered or destroyed in an unauthorised manner or by unauthorised users. [OMG97]

Data Encryption Standard (DES): A secret-key (symmetric) encryption algorithm adopted as the federal standard for the protection of sensitive unclassified information and used extensively for the protection of commercial data as well. [O’Reilly, 1992] Its 56-bit key is far too short for modern attackers; the standard has since been withdrawn in favour of AES.

decryption: The translation of encrypted text or data (called ciphertext) into original text or data (called cleartext). [Kratz, 1997] Also called deciphering.

The process of decoding a message so that its meaning becomes obvious. [OTA, 1993]

The transformation of encrypted text (called ciphertext) into original text (called plaintext). Sometimes called "deciphering". [O’Reilly, 1992]

delegation: The act whereby one user or principal authorises another to use his (or her or its) identity or privileges, perhaps with restrictions. [OMG97]

denial of service: The prevention of authorised access to resources or the delaying of time-critical operations. [ISO89]

digest: The result of applying a one-way hash function to a message.

digital signature: Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the unit and protect against forgery, e.g. by the recipient. [ISO89]

An authentication mechanism which enables the creator of a message to attach a code that acts as a signature. The signature guarantees the source and integrity of the message. [Stallings95]

An authentication tool that verifies the origin of a message and the identity of the sender and receiver. Can be used to resolve any authentication issues between the sender and receiver. A digital signature is unique for every transaction. [O’Reilly, 1992]

A means to guarantee the authenticity of a set of input data in the same way a written signature verifies the authenticity of a paper document. A cryptographic transformation of data that allows a recipient of the data to prove the source and integrity of the data and protect against forgery. Specifically, an asymmetric cryptographic technique in which each user holds a private key, known only to that user, and a public key, distributed to potential verifiers of the user's digital signature (in an asymmetric encryption system the same pair serves the reverse roles: others encrypt messages for the user with the public key, and the user decrypts them with the private key). To sign a document, the document and the private key are input to a cryptographic process which outputs a bit string (the signature). To verify a signature, the signature, the document, and the user's public key are input to a cryptographic process which returns an indication of success or failure. Any modification to the document after it is signed will cause the signature verification to fail (integrity). If the signature was computed using a private key other than the one corresponding to the public key used for verification, the verification will fail (authentication). [ASTM95b]
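The ASTM definition above names three observable properties: a private key signs, the public key verifies, and verification fails either when the document changes or when the wrong key pair is used. The following added example (not part of the original glossary, and not the RSA/DSA algorithms the cited standards have in mind) demonstrates all three with a Lamport one-time signature, a digital signature scheme built from nothing but a hash function, so it runs with the Python standard library alone. The document text is constructed for the example.

```python
# Added example: a Lamport one-time signature.  A genuine public-key signature
# scheme built only from SHA-256: a private signing key, a public verification
# key, failure on any modification, failure under the wrong key.  Not the
# RSA/DSA family that X.509-based systems use; chosen because it needs no
# external cryptographic library.
import hashlib
import hmac
import secrets
from typing import List, Tuple

N = 256                                   # bits in a SHA-256 digest: one key pair per bit
PrivateKey = List[Tuple[bytes, bytes]]
PublicKey = List[Tuple[bytes, bytes]]


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen() -> Tuple[PrivateKey, PublicKey]:
    """Private key: N pairs of random 32-byte secrets.  Public key: their hashes.
    The public key may be published; the secrets must never be, except as revealed
    by exactly one signature (see usage note)."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    pk = [(h(a), h(b)) for a, b in sk]
    return sk, pk


def digest_bits(message: bytes) -> List[int]:
    """Hash-then-sign: the scheme signs the digest of the message, not the message."""
    d = int.from_bytes(h(message), "big")
    return [(d >> (N - 1 - i)) & 1 for i in range(N)]


def sign(sk: PrivateKey, message: bytes) -> List[bytes]:
    """For digest bit i, reveal sk[i][0] if the bit is 0, otherwise sk[i][1]."""
    return [sk[i][bit] for i, bit in enumerate(digest_bits(message))]


def verify(pk: PublicKey, message: bytes, signature: List[bytes]) -> bool:
    """Recompute the digest and check that each revealed secret hashes to the
    matching public value.  Any change to the document flips some digest bits,
    and the signer never revealed the secrets for those positions; a signature
    made under a different private key matches none of this public key."""
    if len(signature) != N:
        return False
    bits = digest_bits(message)
    ok = True
    for i, bit in enumerate(bits):            # no early exit: check every position
        ok &= hmac.compare_digest(h(signature[i]), pk[i][bit])
    return ok


def demo() -> dict:
    sk, pk = keygen()
    _other_sk, other_pk = keygen()
    doc = b"Discharge summary: patient 12345, no follow-up required."   # constructed
    sig = sign(sk, doc)
    return {
        "genuine": verify(pk, doc, sig),                                  # True
        "modified document": verify(pk, doc.replace(b"no ", b""), sig),   # False: integrity
        "wrong public key": verify(other_pk, doc, sig),                   # False: authentication
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:18s}: {'valid' if result else 'INVALID'}")
```

The "one-time" in the name is a real constraint: each signature reveals half of the private key, so signing a second document with the same key lets an attacker combine the two signatures into forgeries for other digests. Production systems use this construction only as a building block (for example inside stateful hash-based signature schemes) and otherwise rely on RSA, ECDSA or EdDSA keys carried in X.509 certificates, as the certificate and certification authority entries describe.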


