13 July 1998 Security concepts in clinical applications using DICOM
Author Affiliations +
Abstract
Local area networks in hospitals with connection to the Internet enable remote access to medical data and the deployment of distributed medical services. The use of standardized protocols like DICOM as required by the heterogeneous hard- and software infrastructure aggravates the problem that intruders can potentially gain access to sensitive data. Different levels of data protection are therefore required depending on the utilization of secured or publicly accessible networks, the use of standardized communication, and the differing national data security regulations. To investigate different speed-optimized data security concepts, we constructed exemplary scenarios with distributed telemedical services utilizing DICOM-conform software systems. The hospital networks are separated from the Internet by firewalls. Communication between the DICOM applications was made possible by integrating a security level between the DICOM upper layer protocol and the TCP/IP interface, while encrypting the whole datastream using the Secure Socket Layer Protocol (SSL). A DICOM-conform encryption of selected parts of the DICOM messages and files was developed, that encodes only patient-relevant data. Additionally a security proposal of the DICOM working group on security was implemented and analyzed. Data were encrypted by using either symmetric (public and private key) or symmetric (secret key) methods. This sped up the overall data transfer rate and allowed the DICOM-conform, off-line data storage.
© (1998) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Andreas Thiel, Andreas Thiel, Johannes Bernarding, Johannes Bernarding, Johachim Hohmann, Johachim Hohmann, Domagoi Cosic, Domagoi Cosic, Thomas Tolxdorff, Thomas Tolxdorff, } "Security concepts in clinical applications using DICOM", Proc. SPIE 3339, Medical Imaging 1998: PACS Design and Evaluation: Engineering and Clinical Issues, (13 July 1998); doi: 10.1117/12.319767; https://doi.org/10.1117/12.319767
PROCEEDINGS
12 PAGES


SHARE
RELATED CONTENT

PACS image security server
Proceedings of SPIE (April 19 2004)
Survey of cyber security issues in smart grids
Proceedings of SPIE (April 28 2010)
End-to-end communications security
Proceedings of SPIE (April 18 2006)

Back to Top