Keeping It Safe: Securing DICOM
DESCRIPTION
Presentation I gave at the DICOM Workshop, held in Chengdu, China, in August 2014. Topics include: DICOM over TLS, DICOM file encryption, DICOM content in other transports, security profiles, and DICOM anonymization profiles.
TRANSCRIPT
THE DICOM 2014 Chengdu Workshop
August 25, 2014 Chengdu, China
Keeping It Safe
Brad Genereaux, Agfa HealthCare
Product Manager
Industry Co-Chair, DICOM WG-27, Web Technologies
Securing DICOM
What is security?
• Protecting data security (against unauthorized access)
• Protecting data integrity (against unauthorized changes)
• Protecting data loss (against unauthorized deletions)
• Protecting data availability (against denial of service)
What are the implications if security is compromised?
• Data corruption and loss
• Fraud against those victimized
• Civil penalties (fines and lawsuits)
• Criminal penalties
• Serious harm and death
What is NOT security?
• Changing names of parameters, servers or functions to make it harder to guess
• Including dangerous functions in a release but not including them in documentation
Keeping DICOM Safe
August 2014, THE DICOM 2014 Chengdu Workshop Keeping It Safe – Brad Genereaux 6
Simple workflow
• Modality transmits images to archive
• Radiologist requests images for reading
: Out to cause security issues
DICOM Security Profiles
• Defined in PS3.15, “Security and System Management Profiles”
• Describes methods to mitigate various security concerns
• Items in red describe solutions that are used in the industry but not explicitly part of the DICOM standard
DICOM in Transit
Who sees this image?
• The modality, who sends the image
• The archive, who receives the image
• Anyone on the network between
DICOM-TLS
• Transport Layer Security encryption (defined in PS3.15 Section B.1)
• Encryption is negotiated as part of TLS
• Traffic encrypted with public certificate and decrypted by private key
• Network VPN tunnels are another mechanism
• DICOMweb can leverage HTTPS (TLS based)
DICOM in Transit
Who are the actors in transmission?
• The modality, who sends the image
• The archive, who receives the image
• Anyone pretending to be these actors
Node Identity
• DICOM-TLS certificates specify identifying information about the owner
• Verification of certificates is done against a signing authority
• AE titles are a less secure alternative
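An added example (not from the presentation) of the node-identity check described on this slide, using Python's standard `ssl` module: the listener requires a client certificate signed by the site's authority, then accepts an association only if the claimed AE title belongs to the certificate's owner. The host names, AE titles, `NODE_AE_TITLES` policy table and sample certificate dict are constructed for illustration.

```python
import ssl

# Hypothetical site policy: certificate common name -> AE titles that node may use.
NODE_AE_TITLES = {
    "ct01.imaging.example": {"CT01"},
    "pacs.imaging.example": {"ARCHIVE"},
}

def make_scp_context(ca_file=None, cert_file=None, key_file=None):
    """TLS context for a DICOM listener that demands a client certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED            # no certificate, no association
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)  # the signing authority
    if cert_file:
        ctx.load_cert_chain(cert_file, key_file)   # this node's own identity
    return ctx

def common_name(peer_cert):
    """Subject CN from the dict returned by SSLSocket.getpeercert()."""
    for rdn in peer_cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None

def association_allowed(peer_cert, calling_ae_title):
    """Accept only if the verified certificate's owner may use the claimed AE title."""
    allowed = NODE_AE_TITLES.get(common_name(peer_cert or {}), set())
    return calling_ae_title.strip() in allowed     # AE titles are space padded

# Constructed sample in the shape getpeercert() returns after a verified handshake.
CT_CERT = {"subject": ((("organizationName", "Example Hospital"),),
                       (("commonName", "ct01.imaging.example"),))}
```

The AE title on its own is only a string the caller claims; the check above ties it to an identity the signing authority has vouched for.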
User Authentication
Who can retrieve images?
• Device is validated by DICOM-TLS
• User can retrieve images
• Anyone else using device can, too
User Authentication
• Defined in PS3.15 B.4-7
• Authentication of users can occur via
  • Mutual TLS authentication (each side presents certificates)
  • Authentication during association negotiation (SAML, Kerberos, etc)
• Authenticating users at the application level and making trusted calls to the imaging backend is an alternative approach
Auditing
• Described in PS 3.15 Part A.5
• User should be known
• Events for authentication, query, access, transfer, import/export, and deletion
• This is used in the IHE ITI ATNA profile with Radiology option
DICOM at Rest
Who ensures the images are genuine as the modality provides them?
• The archive accomplishes this task
• Anyone else who can manipulate the archive
Digital Signatures
• DICOM supports digital signatures, which provide an integrity check and other features
• Defined in PS3.15 Section C
• Individual fields can also be selectively encrypted
• Disk-level encryption can also be used to maintain integrity at rest
Media Storage
• Used when DICOM is transmitted via physical media (CD, DVD, USB key)
• Guarantees confidentiality, integrity, and media origin
• Defined in PS3.15 section D
Anonymization
• Anonymization profiles exist to support masking of data for various purposes
  • Clinical trials
  • Teaching files
• Defined in PS3.15 section E
• Addresses removal and replacement of DICOM attributes that may reveal protected health information
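An added example (not from the presentation) of the "removal and replacement" this slide describes: a rule table drives what happens to each attribute, and UIDs are replaced with a keyed, repeatable mapping so instances of one study remain linked after cleaning. The rule subset, the dict-based dataset model and the sample values are constructed for illustration; the authoritative attribute list is the table in PS3.15 Annex E.

```python
import hashlib
import hmac

# Action codes in the style of PS3.15 Annex E: X = remove, Z = zero-length
# value, D = dummy value, U = replace UID consistently, K = keep.
# Illustrative subset; take the authoritative list from the Annex E table.
RULES = {
    (0x0010, 0x0010): "Z",  # PatientName
    (0x0010, 0x0020): "Z",  # PatientID
    (0x0010, 0x0030): "Z",  # PatientBirthDate
    (0x0010, 0x1040): "X",  # PatientAddress
    (0x0008, 0x0080): "X",  # InstitutionName
    (0x0020, 0x000D): "U",  # StudyInstanceUID
    (0x0008, 0x0018): "U",  # SOPInstanceUID
    (0x0008, 0x0060): "K",  # Modality
}

def remap_uid(uid, key):
    """Keyed, repeatable UID replacement so instances of one study stay linked."""
    digest = hmac.new(key, uid.encode("ascii"), hashlib.sha256).digest()
    return "2.25." + str(int.from_bytes(digest[:16], "big"))  # UUID-style UID root

def deidentify(dataset, key, rules=RULES):
    """Return a cleaned copy. Attributes without a rule are dropped, which is
    this example's fail-closed choice rather than something the profile says."""
    out = {}
    for tag, value in dataset.items():
        action = rules.get(tag, "X")
        if action == "K":
            out[tag] = value
        elif action == "Z":
            out[tag] = ""
        elif action == "D":
            out[tag] = "ANONYMIZED"
        elif action == "U":
            out[tag] = remap_uid(value, key)
    return out

# Constructed sample: two instances of the same study (UIDs are made up).
SAMPLE_A = {(0x0010, 0x0010): "DOE^JANE", (0x0010, 0x1040): "1 Main St",
            (0x0020, 0x000D): "1.2.3.4.100", (0x0008, 0x0018): "1.2.3.4.100.1",
            (0x0008, 0x0060): "CT", (0x0010, 0x2160): "unlisted attribute"}
SAMPLE_B = {**SAMPLE_A, (0x0008, 0x0018): "1.2.3.4.100.2"}
```

Keep the HMAC key secret and per project: anyone holding it can confirm whether a known original UID maps to a cleaned one.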
DICOM’s Stance
• DICOM enables a very wide variety of authentication and access control policies, but does not mandate them
• DICOMweb shares the same position through the use of standard internet technologies
Suggestions
• Use DICOM-TLS, and HTTPS for DICOMweb
• Use appropriate authentication and authorization measures
• Use appropriate at-rest encryption mechanisms
• Control access via managed environments, strong identity management, firewalls
• Consider security throughout your project lifecycle, not at the end
Keep It Safe!
Questions? Thank you!