7.1. Security Profiles
7.1.1. Secure Transport Connection Profiles
dcm4che DICOM Archive 5 supports the Basic TLS Secure Transport Connection Profile and the AES TLS Secure Transport Connection Profile as specified in DICOM Standard, Part 15, Annex B.1 and Annex B.3.
In the default configuration, TLS 1.0, TLS 1.1 and TLS 1.2 are enabled; use of TLS 1.2 is preferred.
In addition to the two cipher suites that comply with the AES TLS Secure Transport Connection Profile:
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_RSA_WITH_3DES_EDE_CBC_SHA

other cipher suite options may be configured.
Besides DICOM DIMSE service connections, HL7 v2 and HTTP connections can also be secured by use of TLS.
The IP ports on which an implementation accepts TLS connections are configurable.
The private key and the Certificate used by an instance of dcm4che DICOM Archive 5 to identify itself in the TLS negotiation with remote applications have to be provided in a local keystore file in PKCS12 or JKS (Java Key Store) format on the application host. Certificates of Certificate Authorities (CA) used to validate Certificates received from remote applications during the TLS negotiation can also be provided in a local keystore file in JKS format, or at the central LDAP server used as configuration backend for all instances of dcm4che DICOM Archive 5.
7.1.2. Network Address Management Profiles
dcm4che DICOM Archive 5 supports the Basic Network Address Management Profile as DHCP Client and DNS Client actor, utilizing network configuration options of the underlying operating system. See DICOM Standard, Part 15, Annex F.1.
7.1.3. Time Synchronization Profiles
dcm4che DICOM Archive 5 supports the Basic Time Synchronization Profile as DHCP Client and NTP Client actor, utilizing time synchronization options of the underlying operating system. See DICOM Standard, Part 15, Annex G.1.
7.1.4. Application Configuration Management Profiles
dcm4che DICOM Archive 5 supports the Application Configuration Management Profile as LDAP Client actor. Any LDAP v3 compatible LDAP server can be used as configuration backend for multiple instances of dcm4che DICOM Archive 5, and may also be shared with external DICOM applications which also support the Application Configuration Management Profile as LDAP Client actor. See DICOM Standard, Part 15, Annex H.1.
7.1.5. Audit Trail Profiles
7.1.5.1. Audit Trail Message Format Profile
dcm4che DICOM Archive 5 supports the Audit Trail Message Format Profile as specified in DICOM Standard, Part 15, Annex A.5.
7.1.5.1.1. Audit Messages
- 7.1.5.1.1.1. General Message Format Conventions
- 7.1.5.1.1.2. Application Activity
- 7.1.5.1.1.2.1. Trigger Events
- 7.1.5.1.1.2.2. Message Structure
- 7.1.5.1.1.2.3. Sample Messages
- 7.1.5.1.1.2.3.1. Application Activity Message - Application Start - Startup of archive / Deploy archive ear file
- 7.1.5.1.1.2.3.2. Application Activity Message - Application Start - Using REST service
- 7.1.5.1.1.2.3.3. Application Activity Message - Application Stop - Shutdown of archive / Undeploy archive ear file
- 7.1.5.1.1.2.3.4. Application Activity Message - Application Stop - Using REST service
- 7.1.5.1.1.3. Audit Log Used
- 7.1.5.1.1.4. Begin Transferring DICOM Instances
- 7.1.5.1.1.5. Data Export
- 7.1.5.1.1.6. DICOM Instances Accessed
- 7.1.5.1.1.7. DICOM Instances Transferred
- 7.1.5.1.1.8. DICOM Study Deleted
- 7.1.5.1.1.8.1. Trigger Events
- 7.1.5.1.1.8.2. Message Structure
- 7.1.5.1.1.8.3. Sample Messages
- 7.1.5.1.1.8.3.1. Study completely rejected using unsecured archive UI
- 7.1.5.1.1.8.3.2. Study completely rejected on store of rejection note by STOW-RS REST Services
- 7.1.5.1.1.8.3.3. Study completely rejected on store of rejection note over DICOM C-Store
- 7.1.5.1.1.8.3.4. Study permanently deleted using unsecured archive UI
- 7.1.5.1.1.8.3.5. Study permanently deleted on deletion of patient using unsecured archive UI
- 7.1.5.1.1.8.3.6. Study deleted on reimporting a study using unsecured archive UI
- 7.1.5.1.1.8.3.7. Expired study completely rejected by Reject Expired Studies Scheduler
- 7.1.5.1.1.8.3.8. Study completely deleted by Purge Storage Scheduler
- 7.1.5.1.1.8.3.9. Previous study completely rejected on subsequent receive of objects with same SOP Instance UID but different Study/Series Instance UIDs
- 7.1.5.1.1.8.3.10. Study completely rejected in external archive
- 7.1.5.1.1.9. Query
- 7.1.5.1.1.10. Patient Record
- 7.1.5.1.1.11. Procedure Record
- 7.1.5.1.1.12. Security Alert
- 7.1.5.1.1.13. User Authentication
7.1.5.2. Audit Trail Message Transmission Profile - SYSLOG-TLS
dcm4che DICOM Archive 5 supports the Audit Trail Message Transmission Profile - SYSLOG-TLS as specified in DICOM Standard, Part 15, Annex A.6.
7.1.5.3. Audit Trail Message Transmission Profile - SYSLOG-UDP
dcm4che DICOM Archive 5 supports the Audit Trail Message Transmission Profile - SYSLOG-UDP as specified in DICOM Standard, Part 15, Annex A.7.
7.1.6. Attribute Confidentiality Profiles
7.1.6.1. Basic Application Level Confidentiality Profile
dcm4che DICOM Archive 5 supports the Basic Application Level Confidentiality Profile as specified in DICOM Standard, Part 15, Annex E.2 with the Basic Application Level Confidentiality Options:
- Retain Longitudinal Temporal Information Full Dates Option as specified in DICOM Standard, Part 15, Annex E.3.6
- Retain Device Identity Option as specified in DICOM Standard, Part 15, Annex E.3.8
- Retain UIDs Option as specified in DICOM Standard, Part 15, Annex E.3.9
- Retain Institution Identity Option as specified in DICOM Standard, Part 15, Annex E.3.11
7.1.6.1.1. Attributes removed or replaced
See the table Application Level Confidentiality Profile Attributes, which lists the attributes with their action codes, for the attributes supported depending on the applied Basic Application Level Confidentiality Option.
In addition to that list, the table below lists the private attributes, and some further DICOM attributes missing from Application Level Confidentiality Profile Attributes, that are removed.
Attributes |
---|
Private Attributes |
Patient Create Date Time (7777,0010) |
Patient Update Date Time (7777,0011) |
Study Receive Date Time (7777,0020) |
Study Update Date Time (7777,0021) |
Study Access Date Time (7777,0022) |
Study Expiration Date (7777,0023) |
Study Rejection State (7777,0024) |
Study Completeness (7777,0025) |
Failed Retrieves Of Study (7777,0026) |
Study Access Control ID (7777,0027) |
Storage IDs of Study (7777,0028) |
Study Size in KB (7777,0029) |
Study Size Bytes (7777,002A) |
Series Receive Date Time (7777,0030) |
Series Update Date Time (7777,0031) |
Series Expiration Date (7777,0033) |
Series Rejection State (7777,0034) |
Series Completeness (7777,0035) |
Failed Retrieves Of Series (7777,0036) |
Sending Application Entity Title Of Series (7777,0037) |
Scheduled Metadata Update Date Time Of Series (7777,0038) |
Scheduled Instance Record Purge Date Time Of Series (7777,0039) |
Instance Record Purge State Of Series (7777,003A) |
Series Metadata Storage ID (7777,003B) |
Series Metadata Storage Path (7777,003C) |
Series Metadata Storage Object Size (7777,003D) |
Series Metadata Storage Object Digest (7777,003E) |
Instance Receive Date Time (7777,0040) |
Instance Update Date Time (7777,0041) |
Rejection Code Sequence (7777,0042) |
Instance External Retrieve AE Title (7777,0043) |
Storage ID (7777,0050) |
Storage Path (7777,0051) |
Storage Transfer Syntax UID (7777,0052) |
Storage Object Size (7777,0053) |
Storage Object Digest (7777,0054) |
Other Storage Sequence (7777,0055) |
X Road Person Status (7777,00E0) |
X Road Data Status (7777,00E1) |
X - Remove (missing in Part 15) |
Human Performer Code Sequence (0040,4009) |
Issuer of Accession Number Sequence (0008,0051) |
Issuer of Admission ID Sequence (0038,0014) |
Issuer of Patient ID Qualifiers Sequence (0010,0024) |
Patient’s Size Code Sequence (0010,1021) |
Requesting Physician Identification Sequence (0032,1031) |
Requesting Service Code Sequence (0032,1034) |
Series Description Code Sequence (0008,103F) |
X - Remove (missing in Part 15) if Retain Longitudinal Temporal Information Full Dates Option not configured |
Instance Creation Date (0008,0012) |
Instance Creation Time (0008,0013) |
7.1.6.1.2. Inserted dummy values
The following table lists the attributes whose values are replaced and the dummy values used to replace them.
Attributes | VR | Dummy Value |
---|---|---|
Series Date (0008,0021) | DA | 19991111 |
Content Date (0008,0023) | DA | 19991111 |
Patient’s Birth Date (0010,0030) | DA | 19991111 |
Acquisition Date (0008,0022) | DA | 19991111 |
Admitting Date (0038,0020) | DA | 19991111 |
Study Date (0008,0020) | DA | 19991111 |
Acquisition Date Time (0008,002A) | DT | 19991111111111 |
Start Acquisition Date Time (0018,9516) | DT | 19991111111111 |
End Acquisition Date Time (0018,9517) | DT | 19991111111111 |
Verification Date Time (0040,A030) | DT | 19991111111111 |
Series Time (0008,0031) | TM | 111111 |
Content Time (0008,0033) | TM | 111111 |
Acquisition Time (0008,0032) | TM | 111111 |
Admitting Time (0038,0021) | TM | 111111 |
Study Time (0008,0030) | TM | 111111 |
Acquisition Device Processing Description (0018,1400) | LO | REMOVED |
Contrast Bolus Agent (0018,0010) | LO | REMOVED |
Protocol Name (0018,1030) | LO | REMOVED |
Verifying Organization (0040,A027) | LO | REMOVED |
Device Serial Number (0018,1000) | LO | REMOVED |
Institution Name (0008,0080) | LO | REMOVED |
Filler Order Number / Imaging Service Request (0040,2017) | LO | REMOVED |
Patient ID (0010,0020) | LO | REMOVED |
Placer Order Number / Imaging Service Request (0040,2016) | LO | REMOVED |
Requested Procedure Description (0032,1060) | LO | REMOVED |
Patient’s Sex Neutered (0010,2203) | CS | |
Patient’s Sex (0010,0040) | CS | |
Detector ID (0018,700A) | SH | |
Station Name (0008,1010) | SH | |
Accession Number (0008,0050) | SH | |
Study ID (0020,0010) | SH | |
Dose Reference UID (300A,0013) | UI | |
Operators Name (0008,1070) | PN | |
Person Name (0040,A123) | PN | |
Verifying Observer Name (0040,A075) | PN | |
Consulting Physician’s Name (0008,009C) | PN | |
Content Creator’s Name (0070,0084) | PN | |
Patient’s Name (0010,0010) | PN | |
Referring Physician’s Name (0008,0090) | PN | |
Reviewer Name (300E,0008) | PN | |
7.1.6.1.3. Encrypted Attributes Data Sets
Encryption of attributes data sets for later re-identification is not supported.
7.1.6.1.4. Scope of Referential Integrity of Replacement Values for UIDs
Replacement UIDs are derived from the original UID using the algorithm for Creating Name-Based UUIDs as specified in RFC 4122: A Universally Unique Identifier (UUID) URN Namespace, and are encoded as UIDs according to the Object Identifier (OID) Repository. Equal original UIDs in different DICOM objects, including across Studies or Patients, are therefore replaced by equal new UIDs in the resulting objects.
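The derivation described above, as an added Python example (not code from dcm4che). It assumes the version 3 (MD5) variant of the RFC 4122 name-based algorithm, no namespace prefix unless one is passed in, and the 2.25 OID arc for UUID-derived identifiers; the function names and sample objects are constructed for illustration.

```python
import hashlib
import re
import uuid
from typing import Optional

UUID_OID_ROOT = "2.25"  # OID arc under which a UUID is written as one decimal integer
UID_RE = re.compile(r"^[0-9]+(\.[0-9]+)*$")
UID_KEYWORDS = ("StudyInstanceUID", "SeriesInstanceUID", "SOPInstanceUID")

def name_based_uuid(name: bytes, namespace: Optional[uuid.UUID] = None) -> uuid.UUID:
    """RFC 4122 section 4.3 name-based UUID, version 3 (MD5).
    Assumption: the name is hashed without a namespace unless one is given."""
    prefix = namespace.bytes if namespace else b""
    digest = hashlib.md5(prefix + name, usedforsecurity=False).digest()
    return uuid.UUID(bytes=digest, version=3)  # sets the version and variant bits

def replacement_uid(original_uid: str) -> str:
    """Map an original DICOM UID to its deterministic replacement UID."""
    if len(original_uid) > 64 or not UID_RE.match(original_uid):
        raise ValueError(f"not a DICOM UID: {original_uid!r}")
    derived = name_based_uuid(original_uid.encode("ascii"))
    # "2.25." plus at most 39 decimal digits stays within the 64-character UID limit
    return f"{UUID_OID_ROOT}.{derived.int}"

def remap(dataset: dict) -> dict:
    """Replace the UID attributes of one object; other attributes pass through."""
    return {k: replacement_uid(v) if k in UID_KEYWORDS else v
            for k, v in dataset.items()}

# Constructed sample objects: two instances of the same study and series.
OBJ_A = {"PatientID": "REMOVED", "StudyInstanceUID": "1.2.3.4.5.100",
         "SeriesInstanceUID": "1.2.3.4.5.100.1", "SOPInstanceUID": "1.2.3.4.5.100.1.1"}
OBJ_B = {"PatientID": "REMOVED", "StudyInstanceUID": "1.2.3.4.5.100",
         "SeriesInstanceUID": "1.2.3.4.5.100.1", "SOPInstanceUID": "1.2.3.4.5.100.1.2"}

if __name__ == "__main__":
    for obj in (OBJ_A, OBJ_B):
        # Study and Series UIDs print identically for both objects; SOP UIDs differ
        print(remap(obj))
```

Because the derivation is deterministic and unkeyed, objects processed separately still reference each other correctly, and anyone who holds an original UID can recompute its replacement.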