DICOMwebTM 2015 Conference & Hands-on Workshop University of Pennsylvania, Philadelphia, PA September 10-11, 2015 Keeping it Safe – Securing DICOM Robert.

Slides:

Advertisements

Similar presentations

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Advertisements

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.

DICOM INTERNATIONAL DICOM INTERNATIONAL CONFERENCE & SEMINAR April 8-10, 2008 Chengdu, China DICOM Security Eric Pan Agfa HealthCare.

January 23-26, 2007 Ft. Lauderdale, Florida IP Communications, Secure – By Design Roger W. Farnsworth.

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

Core Web Service Security Patterns

Secure Data Transmission James Matheke Information Security Architect Ohio Department of Job and Family Services.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

THE DICOM 2014 Chengdu Workshop August 25, 2014 Chengdu, China Keeping It Safe Brad Genereaux, Agfa HealthCare Product Manager Industry Co-Chair, DICOM.

Security on the Internet Jan Damsgaard Dept. of Informatics Copenhagen Business School

Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

THE DICOM 2013 INTERNATIONAL CONFERENCE & SEMINAR March 14-16Bangalore, India Keeping It Safe: Securing DICOM Lawrence Tarbox, Ph.D. Mallinckrodt Institute.

Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

S Security and DICOM Lawrence Tarbox, Ph.D Chair, DICOM WG 14 (Security) Siemens Corporate Research.

Security and DICOM Lawrence Tarbox, Ph.D. Chair, DICOM Working Group 14 Siemens Corporate Research.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

What IHE Delivers Healthcare Provider Directories IHE IT Infrastructure Planning Committee Eric Heflin – Medicity/THSA.

Storage Security and Management: Security Framework

Defining Security Issues

SYSTEM ADMINISTRATION Chapter 13 Security Protocols.

S New Security Developments in DICOM Lawrence Tarbox, Ph.D Chair, DICOM WG 14 (Security) Siemens Corporate Research.

Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Audit Trail and Node Authentication Robert Horn Agfa Healthcare.

7 February 2005IHE Europe Educational Event 1 Audit Trail and Node Authentication Integrating the Healthcare Enterprise G. Claeys Agfa Healthcare R&D Vendor.

September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT IHE Vendors Webinar 2006 IHE IT Infrastructure Education Robert Horn, Agfa Healthcare.

September, 2005What IHE Delivers 1 G. Claeys, Agfa Healthcare Audit Trail and Node Authentication.

Health Insurance Portability and Accountability Act of 1996 (HIPAA) Proposed Rule: Security and Electronic Signature Standards.

DICOM Security Lawrence Tarbox, Ph.D. Chair, WG 14 Mallinckrodt Institute of Radiology Washington University in St. Louis School of Medicine.

General Key Management Guidance. Key Management Policy  Governs the lifecycle for the keying material  Hope to minimize additional required documentation.

September, 2005What IHE Delivers 1 Radiology Option for Audit Trail and Node Authentication IHE Vendors Workshop 2006 IHE IT Infrastructure Education Robert.

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

Geneva, Switzerland, September 2014 Identity Based Attestation and Open Exchange Protocol (IBOPS) Scott Streit Chief Scientist.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.

September, 2005What IHE Delivers 1 Cross-Enterprise Document Point-to-point Interchange (XDP) IHE Vendors Workshop 2006 IHE IT Infrastructure Education.

DICOM Security Andrei Leontiev, M.S. Dynamic Imaging.

Chapter 21 Distributed System Security Copyright © 2008.

Integrating the Healthcare Enterprise Audit Trail and Node Authentication Profile Name of Presenter IHE affiliation.

PRESENTED BY P. PRAVEEN Roll No: 1009 – 11 – NETWORK SECURITY M.C.A III Year II Sem.

Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.

February 8, 2005IHE Europe Educational Event 1 Integrating the Healthcare Enterprise Basic Security Robert Horn Agfa Healthcare.

DICOM INTERNATIONAL CONFERENCE & SEMINAR Oct 9-11, 2010 Rio de Janeiro, Brazil Security, Privacy & Networking Lawrence Tarbox, Ph.D. Washington University.

SOA-39: Securing Your SOA Francois Martel Principal Solution Engineer Mitigating Security Risks of a De-coupled Infrastructure.

September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT IHE Education Workshop 2007 IHE IT Infrastructure Education John Moehrke GE Healthcare.

HIT Policy Committee Report from HIT Standards Committee Privacy and Security Workgroup Dixie Baker, SAIC December 15, 2009.

Topic 5: Basic Security.

CS453: Introduction to Information Security for E-Commerce Prof. Tom Horton.

Java Security Session 19. Java Security / 2 of 23 Objectives Discuss Java cryptography Explain the Java Security Model Discuss each of the components.

IP security Ge Zhang Packet-switched network is not Secure! The protocols were designed in the late 70s to early 80s –Very small network.

Need for Security Control access to servicesControl access to services Ensure confidentialityEnsure confidentiality Guard against attacksGuard against.

September, 2005What IHE Delivers 1 Cross-Enterprise Document Point-to-point Interchange (XDM) IHE Vendors Workshop 2006 IHE IT Infrastructure Education.

Engineering Secure Software. Agenda  What is IoT?  Security implications of IoT  IoT Attack Surface Areas  IoT Testing Guidelines  Top IoT Vulnerabilities.

Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.

Cross-Enterprise User Authentication Year 2 March 16, 2006 Cross-Enterprise User Authentication Year 2 March 16, 2006 John F. Moehrke GE Healthcare IT.

DICOM Security Andrei Leontiev, Dynamic Imaging Presentation prepared by: Lawrence Tarbox, Ph.D. Chair, WG 14 Mallinckrodt Institute of Radiology Washington.

Basic Security Cor Loef Philips Medical Systems Co-Chair IHE Radiology Technical Committee.

Web Database Security Session 12 & 13 Matakuliah: Web Database Tahun: 2008.

IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.

Integrating the Healthcare Enterprise The Integration Profiles: Basic Security Profile.

What IHE Delivers Healthcare Provider Directories IHE IT Infrastructure Planning Committee Eric Heflin - Medicity.

Firewalls and Tunneling Firewalls –Acts as a barrier against unwanted network traffic –Blocks many communication channels –Can change the design space.

Security Issues in Information Technology

Radiology Option for Audit Trail and Node Authentication Robert Horn

Integrating the Healthcare Enterprise

Virtual Private Networks (VPN)

CONFIDENTIALITY, INTEGRITY, LEGAL INTERCEPTION

X-Road as a Platform to Exchange MyData

Security in SDR & cognitive radio

Presentation transcript:

DICOMwebTM 2015 Conference & Hands-on Workshop University of Pennsylvania, Philadelphia, PA September 10-11, 2015 Keeping it Safe – Securing DICOM Robert Horn, Interoperability Architect, Agfa Healthcare Chair, DICOM Working Group 6, Base Standard

What is security? Protecting data access (against unauthorized access) Protecting data integrity (against unauthorized changes) Protecting data loss (against unauthorized deletions) Protecting data availability (against denial of service) Protecting other systems (against indirect attacks)

The threat environment is changing Healthcare applications are now on the front line for malicious attackers. –Old attitude of “they won’t attack us” is wrong. –Hiding behind firewalls is becoming insufficient.

What are the implications if security is compromised? Data corruption and loss Fraud against those victimized –Approximate median cost to a patient from stolen medical identity: $14,000 (2014) Civil penalties (fines and lawsuits) –Some fines over $1,000,000 in 2014 (US) Criminal penalties –Multiple felony convictions (over 1 yr) in 2014, (US) Serious harm and death

Keeping DICOM Safe 5 DICOM Simple workflow Modality transmits images to archive Radiologist requests images for reading : Out to cause security issues

DICOM Security Profiles Defined in PS3.15, “Security and System Management Profiles” Describes methods to mitigate various security concerns Items in red describe solutions that are used in the industry but not explicity part of the DICOM standard 6

DICOM in Transit (unprotected) Who sees this image? The modality, who sends the image The archive, who receives the image Anyone on the network between 7 DICOM

DICOM-TLS Transport Level Security encryption (defined in PS3.15 Section B.1) Encryption algorithm and temporary key is negotiated using public certificates as part of TLS Traffic is encrypted using temporary private key DICOMweb should use TLS (aka HTTPS) Network VPN tunnels and VLAN are other network protection mechanisms 8 DICOM

DICOM in Transit (Authentication) 9 Who are the actors in transmission? The modality, who sends the image The archive, who receives the image Anyone pretending to be these actors DICOM

Node Identity (Authentication) DICOM-TLS certificates provide identifying information about the end point machines Certificates may be self-signed, private CA signed, or public CA signed. Private CA and self-signed are more appropriate for healthcare. AE title verification is a weak authentication alternative if TLS is used 10 DICOM

User Authentication Who can retrieve images? Device is validated by DICOM-TLS User can retrieve images Anyone else using device can, too 11 DICOM

User Authentication Defined in PS3.15 B.4-7 Authentication of users can occur via Mutual TLS authentication plus local authentication (trust a known counterparty) Authentication during association negotiation (SAML, Kerberos, etc) OAuth when using DICOMWeb Authenticating users at the application level and making trusted calls to the imaging backend is an alternative approach 12 DICOM

Auditing Described in PS 3.15 Part A.5 User should be known Events for authentication, query, access, transfer, import/export, and deletion This is used in the IHE ITI ATNA profile Logs must be analyzed, not just gathered. 13

DICOM at Rest Who ensures the images are genuine as the modality provides them? The creating device Anyone who can manipulate the archive 14 DICOM

Digital Signatures DICOM supports digital signatures which provides integrity check and other features Defined in PS3.15 Section C Individual fields can also be selectively encrypted 15 DICOM

Media Storage Used when DICOM is transmitted via physical media (CD, DVD, USB key) Guarantees confidentiality, integrity, and media origin Defined in PS3.15 section D Disk-level encryption can also be used to maintain protection for both removable media and built-in media. 16

Anonymization Anonymization profiles exist to support masking of data for various purposes Clinical trials Teaching files Risk Reduction Defined in PS3.15 section E Addresses removal and replacement of DICOM attributes that may reveal protected health information 17

DICOM’s Stance DICOM enables a very wide variety of authentication and access control policies, but does not mandate them DICOMweb does the same through the use of standard internet technologies 18

Suggestions Use DICOM-TLS and HTTPS for DICOMweb Use appropriate authentication and authorization measures Use appropriate at-rest encryption mechanisms Control access via managed environments, strong identity management, firewalls Consider security throughout your project lifecycle, not at the end Consider government guidance, e.g. DISA STIGs, NIST 800 series. 19

Useful Guidance Links More and more general guidance is available Manageable Network Plan – NIST 800 family – DISA –

Keep It Safe! Questions? Thank you! 21 DICOM

Image Sources