版權(quán)說(shuō)明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請(qǐng)進(jìn)行舉報(bào)或認(rèn)領(lǐng)
文檔簡(jiǎn)介
1、電子簽名在醫(yī)院信息系統(tǒng)中的應(yīng)用 The Application of Electronic Signature in the Hospital Information System,廣西壯族自治區(qū)人民醫(yī)院 The People's Hospital Of Guangxi Zhuang Autonomous Region王桂榕May, 20072007年5月,www.gxhospital.com,數(shù)字世界的信息安全要素
2、Information Security Factors in Digital World,PAIN…Privacy(保密性) -確認(rèn)信息的保密,不被竊取 - Ensure information Privacy and not be stolenAuthentication & Authorization(鑒別與授權(quán))-確認(rèn)對(duì)方的身份并確保其不越權(quán)-Authenticate users’ identit
3、y and ensure them don’t exceed their authorityIntegrity(完整性)-確保你收到信息沒(méi)有被篡改- Ensure the received information not to be tamperedNon-Repudiation(抗抵賴)-有證據(jù)保證交易不被否認(rèn)- Evidence to confirm the transaction be undeniable,www.g
4、xhospital.com,,,,,各種安全技術(shù)比較 Comparison of all Kinds of Security Technology,,,身份鑒別Authentication,機(jī)密性Privacy,完整性Integrity,抗抵賴Non-Repudiation,口令Password,動(dòng)態(tài)口令Dynamic Password,密碼技術(shù)Encrypt Technology,PKI/CAPKI/CA,,
5、52;,ü,ü,ü,ü,ü,ü,ü,,,,,ü,,www.gxhospital.com,PKI成為可信網(wǎng)絡(luò)的安全基礎(chǔ)PKI is a Security Infrastructure for Credible Network,,公鑰基礎(chǔ)設(shè)施(Public Key Infrastructure ,PKI),,瀏覽器Browser,E-mail,服務(wù)器Ser
6、ver,防火墻Firewall,目錄Directory,路由器Router,,,,,,遠(yuǎn)程訪問(wèn)控制Remote acc-ess Control,安全電子郵件security EMAIL,網(wǎng)絡(luò)服務(wù)器安全security of network server,文件簽名document signature,VPNVirtual Priv-ate Network,,IP 骨干網(wǎng)絡(luò)IP backbone net,醫(yī)院信息管
7、理系統(tǒng)(Hospital Information System,HIS ),www.gxhospital.com,證書(shū)頒發(fā)機(jī)構(gòu):CACertificate issue institution: CA,證書(shū)認(rèn)證權(quán)威(Certification Authority:CA) 提供網(wǎng)絡(luò)身份認(rèn)證服務(wù) Provide the identity authentication service for network-證明數(shù)字證書(shū)的有效性V
8、erify the validity of the digital certificate負(fù)責(zé)簽發(fā)和管理數(shù)字證書(shū) Be responsible for issuing and manage the digital certificate -具體簽發(fā)證書(shū)Issue certification-對(duì)數(shù)字證書(shū)進(jìn)行簽名Sign to digital certificate-并管理數(shù)字證書(shū)Manage digital certifi
9、cate,www.gxhospital.com,證書(shū)頒發(fā)機(jī)構(gòu):CACertificate awarding institution:CA,具有權(quán)威性和公正性 Authority and Fairness -類似于頒發(fā)身份證的公安局 Be similar to the police station which can issue the ID card -在網(wǎng)絡(luò)世界中人人都信任CA all people trust CA in
10、 the network world,公安局,www.gxhospital.com,證書(shū)注冊(cè)機(jī)構(gòu):RACertificate registration institution: RA,證書(shū)注冊(cè)權(quán)威(Certificate registration Authority)-Registration Authority受理用戶的數(shù)字證書(shū)申請(qǐng) Accept the user’s application of certificati
11、on-對(duì)證書(shū)申請(qǐng)者身份進(jìn)行審核并提交CA制證Verify applicant’s identity and submit applicant related information to CA- 類似于申請(qǐng)身份證的派出所Be similar to the local police station which apply for the ID card,派出所,www.gxhospital.com,證書(shū)注冊(cè)機(jī)構(gòu):RACert
12、ificate registration institution: RA,提供證書(shū)生命期的維護(hù)工作 Offer the maintenance work for the certificate life time-受理用戶證書(shū)申請(qǐng)(Accept the certificate application from users)-協(xié)助頒發(fā)用戶證書(shū)( Assist to issue the certificate to users)-
13、審核用戶真實(shí)身份(Verify the real identity of users)-受理證書(shū)更新請(qǐng)求(Update certificates)-受理證書(shū)吊銷(Revocation certificate ),www.gxhospital.com,電子文檔的安全需求The Security Requirement of Electronic Document,電子文檔包括(The electronic documents inc
14、lude) :-各單位的申報(bào)審批報(bào)告、內(nèi)部通知、公告等 every institution’s reports for application, internal notice, announcement and so on-采用Word、Excel或網(wǎng)頁(yè)等形式 Use Word, Excel, homepage, and so on安全需求(security requirement): -需要多人對(duì)電子文檔進(jìn)行審批并
15、簽字 Need more one person to exam and sign the electronic document-需要實(shí)現(xiàn)(Needs to realize) :身份認(rèn)證 Identity authentication完整性 Integrity抗抵賴 Non-Repudiation,www.gxhospital.com,文檔簽章 Documents signature,針對(duì)電子文檔的安全需求,廣西C
16、A提供文檔簽章產(chǎn)品,解決電子文檔的安全需求。開(kāi)發(fā)了針對(duì)Word、Excel或網(wǎng)頁(yè)等文檔系統(tǒng)的插件——電子簽章插件。使用電子簽章插件和數(shù)字證書(shū),可以對(duì)Word 、Excel或網(wǎng)頁(yè)等文檔進(jìn)行簽名,并添加電子化圖章。點(diǎn)擊文檔上的電子化圖章,可以驗(yàn)證簽名者是誰(shuí),簽名的信息包含哪些,以及電子文檔是否被改動(dòng)等。,In view of the security requirement of electronic documents , G
17、uangXi CA provides the product for document signature. The plug-in unit for Word, Excel ,homepage and other document system - electronic signature plug-in unit By electronic signature plug-in unit and certificate,
18、 we can sign to word, Excel, homepage or other documents, and add electronic stamp on documents. Click the electronic stamp in this document, and confirm who signed, what information about the signature,as well as whe
19、ther the document had been modified and so on.,www.gxhospital.com,電子文檔簽章實(shí)現(xiàn)原理 The Realization Principle about Electronic Documents Signature,unsigned document,Personal identity certificate,Document signature module,Docum
20、ents signature operation,signed document,Signature icon,www.gxhospital.com,HIS應(yīng)用的障礙HIS application barrier,,www.gxhospital.com,HIS應(yīng)用的障礙HIS application barrier,www.gxhospital.com,HIS與電子簽名相結(jié)合的意義the Significance of HIS C
21、ombination with Electronic Signatures,,保密性Privacy,身份鑒證Identity Authentication,授權(quán)Authorization,完整性Integrity,,,,,,抗抵賴Non-Repudiation,www.gxhospital.com,醫(yī)療行業(yè):電子病歷以及各種醫(yī)院信息管理系統(tǒng); Medical profession: electronic medical recor
22、d and all kinds of hospital information management system;藥品監(jiān)督行業(yè):網(wǎng)上電子訂單、藥品監(jiān)管; Drugs surveillance profession: electronic order form on-line, drugs supervised;網(wǎng)站運(yùn)營(yíng):安全站點(diǎn)、網(wǎng)絡(luò)維護(hù)權(quán)限管理系統(tǒng)等; Web station maintenance: Securi
23、ty web site, network maintenance authorization management system, and so on;網(wǎng)上交易平臺(tái):網(wǎng)絡(luò)交易系統(tǒng); Transaction platform on-line: Network transaction system;,PKI在信息化系統(tǒng)中的應(yīng)用The PKI applications for information system,www.gxho
24、spital.com,數(shù)字證書(shū)為醫(yī)療信息系統(tǒng)解決的問(wèn)題,保證了登錄醫(yī)療信息系統(tǒng)用戶的真實(shí)身份 Ensure user identity of system administrator for login the medical service information system 保證臨床醫(yī)療數(shù)據(jù)的保密性、完整性、可靠性 Ensure the clinical medical data secrecy, integrit
25、y and reliability 保證臨床醫(yī)療數(shù)據(jù)的真實(shí)性、不可抵賴性 Ensure the clinical medical data authenticity and undeniableness 為醫(yī)學(xué)研究提供基礎(chǔ)平臺(tái) Provide the foundation platform for the medical research,Digital Certificate Offers One of the M
26、ost Effective Means of Solving Medical Service Information System Trust,www.gxhospital.com,醫(yī)療信息系統(tǒng)安全問(wèn)題的解決方案The Solution for the Medical Service Information System Security,通過(guò)對(duì)醫(yī)療信息系統(tǒng)進(jìn)行以下技術(shù),要求解決醫(yī)療信息系統(tǒng)的各種安
27、全隱患,以及為臨床醫(yī)療數(shù)據(jù)真實(shí)性提供法律依據(jù): Based on the following technical requirements, the reliable medical information system offers means of escaping from all kinds of security hidden danger, and provides the legal basis for the au
28、thenticity of the clinical medical data 對(duì)用戶登錄模塊進(jìn)行身份認(rèn)證; Identity authentication for users through the login module;對(duì)用戶錄入的數(shù)據(jù)進(jìn)行數(shù)字簽名; Digital signature to user’s input data;對(duì)相關(guān)機(jī)密信息進(jìn)行加密保存; Encryption and prese
29、rvation of the related Confidential information ; 對(duì)保存的記錄進(jìn)行時(shí)間認(rèn)證。 The preserved records’ Time Stamp verified.,www.gxhospital.com,,HIS的安全應(yīng)用HIS safe application,,CA中心Guangxi CA,,,,后臺(tái)服務(wù)器backstage server,醫(yī)生,safe audit
30、database安全審計(jì)數(shù)據(jù)庫(kù),醫(yī)院服務(wù)器application server,SSL安全通道,,數(shù)據(jù)庫(kù)database server,提交電子病歷數(shù)據(jù)…(data),醫(yī)生從CA中心申請(qǐng)證書(shū) Doctor apply for certificate from CA center CA中心給醫(yī)院應(yīng)用系統(tǒng)服務(wù)器頒發(fā)服務(wù)器證書(shū),證明接收電子病歷系統(tǒng)(服務(wù)器)的身份 The CA center issues serve
31、r certificate to the hospital application system server, authenticate the sever which received electronic medical record,申請(qǐng)證書(shū),the application certificate,doctor,www.gxhospital.com,醫(yī)生使用證書(shū)登錄應(yīng)用系統(tǒng),由服務(wù)器驗(yàn)證證書(shū)的有效性,建立SSL連接 Do
32、ctor login application system by certificate and server verify the validity of certificate and establishes the SSL connection醫(yī)生向應(yīng)用系統(tǒng)提交電子病歷數(shù)據(jù),用自己的證書(shū)進(jìn)行簽名,經(jīng)SSL通道加密傳輸 Doctor signs to electronic medical record data and
33、submits it to the application system , all the data transmitted by SSL channel are encrypted and authentic.醫(yī)生的數(shù)字簽名由服務(wù)器驗(yàn)證,將保存在安全審計(jì)數(shù)據(jù)庫(kù)中,實(shí)現(xiàn)驗(yàn)證完整性、抗抵賴性 Server verify Doctor's digital signature, which will be preserve
34、d in the safe audit database in order to verify the data integrity and anti-repudiation.,HIS的安全應(yīng)用HIS safe application,www.gxhospital.com,電子病歷、電子醫(yī)囑實(shí)現(xiàn)的意義The significance of realization electronic medical record and elect
35、ronic doctor's advice,電子病歷、電子醫(yī)囑具有如下特點(diǎn):The electronic medical record, the electronic doctor‘s advice have the following characteristics:具備信息共享系統(tǒng),醫(yī)院的各個(gè)部門在任何地方、任何時(shí)候都可以調(diào)閱到所在醫(yī)院病人的全部病歷記錄; Have the information sharing
36、 system, in anyplace and on anytime, every department can read patient's record data in hospital;,www.gxhospital.com,電子病歷、電子醫(yī)囑實(shí)現(xiàn)的意義The significance of realization electronic medical record and electronic doctor'
37、s advice,具備預(yù)警系統(tǒng),能夠揭示藥物的配伍禁忌,甚至不恰當(dāng)?shù)尼t(yī)療措施等,是醫(yī)療智能化的具體表現(xiàn); Have a warning system, which can reveal the incompatibility of medicines, inappropriate medical treatment, and so on. These are concrete manifestation of medical in
38、tellectualization;具備醫(yī)療信息資料庫(kù)支持功能,內(nèi)有電子圖書(shū)、電子雜志以及治療疾病的最新方法。 Support the function of medical information library,in which there are electronic books,magazines as well as the newest methods to treat the disease.,Thank You
溫馨提示
- 1. 本站所有資源如無(wú)特殊說(shuō)明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請(qǐng)下載最新的WinRAR軟件解壓。
- 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請(qǐng)聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
- 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁(yè)內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒(méi)有圖紙預(yù)覽就沒(méi)有圖紙。
- 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
- 5. 眾賞文庫(kù)僅提供信息存儲(chǔ)空間,僅對(duì)用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對(duì)用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對(duì)任何下載內(nèi)容負(fù)責(zé)。
- 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請(qǐng)與我們聯(lián)系,我們立即糾正。
- 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對(duì)自己和他人造成任何形式的傷害或損失。
最新文檔
- MPLS在醫(yī)院信息系統(tǒng)中的應(yīng)用分析.pdf
- 數(shù)據(jù)挖掘技術(shù)在醫(yī)院信息系統(tǒng)中的應(yīng)用
- 數(shù)據(jù)挖掘在醫(yī)院信息系統(tǒng)中的應(yīng)用.pdf
- soa在醫(yī)院信息系統(tǒng)中的應(yīng)用研究
- 電子病歷在臨床信息系統(tǒng)中的應(yīng)用.pdf
- 系統(tǒng)評(píng)估在醫(yī)院管理信息系統(tǒng)中的應(yīng)用.pdf
- UML在醫(yī)院管理信息系統(tǒng)中的應(yīng)用.pdf
- SOA在醫(yī)院信息系統(tǒng)中的應(yīng)用研究.pdf
- PKI技術(shù)在醫(yī)院信息系統(tǒng)中的應(yīng)用研究.pdf
- 數(shù)據(jù)挖掘在醫(yī)院信息系統(tǒng)中的研究與應(yīng)用.pdf
- 電子信息工程系統(tǒng)在醫(yī)院管理中的應(yīng)用
- 電子海圖顯示和信息系統(tǒng)在VTS中的應(yīng)用.pdf
- (醫(yī)療電子化)電子簽單技術(shù)在臨床信息系統(tǒng)中的應(yīng)用
- 設(shè)計(jì)模式在電子海圖顯示與信息系統(tǒng)中的應(yīng)用.pdf
- 醫(yī)院信息系統(tǒng)在合理用藥管理中的應(yīng)用研究.pdf
- 身份認(rèn)證和數(shù)字簽名在某銀行安全信息系統(tǒng)中的應(yīng)用.pdf
- 信息系統(tǒng)在油庫(kù)管理中的應(yīng)用
- 多層客戶-服務(wù)器結(jié)構(gòu)在醫(yī)院信息系統(tǒng)中的應(yīng)用.pdf
- 醫(yī)院信息系統(tǒng)在抗菌藥物管理中的應(yīng)用研究.pdf
- 防雷接地在電子信息系統(tǒng)中的作用
評(píng)論
0/150
提交評(píng)論