Security Profiles - Dicom - NEMA
Security Profiles - Dicom - NEMA
Security Profiles - Dicom - NEMA
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
PS 3.15-2003<br />
Page 8<br />
This Standard assumes that an Application Entity using ISCL has access to an appropriate key<br />
management and distribution system (e.g. smartcards). The nature and use of such a key management<br />
and distribution system is beyond the scope of DICOM, though it may be part of the security policies used<br />
at particular sites.<br />
2 Normative references<br />
The following standards contain provisions that, through reference in this text, constitute provisions of this<br />
Standard. At the time of publication, the editions indicated were valid. All standards are subject to<br />
revision, and parties to agreements based on this Standard are encouraged to investigate the possibilities<br />
of applying the most recent editions of the standards indicated below.<br />
ANSI X9.52 American National Standards Institute. ANSI X9.52-1998, Triple Data Encryption<br />
Algorithm Modes of Operation. 1998.<br />
ECMA 235, The ECMA GSS-API Mechanism<br />
FIPS PUB 46 Data Encryption Standard<br />
FIPS PUB 81 DES Modes of Operation<br />
IETF Internet X.509 Public Key Infrastructure; Time Stamp Protocols; March 2000<br />
ISO/IEC Directives, 1989 Part 3 - Drafting and Presentation of International Standards<br />
ISO/IEC 10118-:1998 Information technology – <strong>Security</strong> techniques – Hash-functions – Part 3:<br />
Dedicated hash-functions (RIPEMD-160 reference)<br />
Note: The draft RIPEMD-160 specification and sample code are also available at<br />
ftp://ftp.esat.kuleuven.ac.be/pub/bosselae/ripemd<br />
ISO 7498-1, Information Processing Systems - Open Systems Interconnection - Basic Reference<br />
Model<br />
ISO 7498-2, Information processing systems – Open Systems Interconnection – Basic reference<br />
Model – Part 2: <strong>Security</strong> Architecture<br />
ISO/TR 8509, Information Processing Systems - Open Systems Interconnection - Service<br />
Conventions<br />
ISO 8649:1987, Information Processing Systems - Open Systems Interconnection - Service<br />
Definition for the Association Control Service Element<br />
Integrated Secure Communication Layer V1.00 MEDIS-DC<br />
ITU-T Recommendation X.509 (03/00) “Information technology - Open Systems Interconnection<br />
- The directory: Public-key and attribute certificate frameworks”<br />
Note: ITU-T Recommendation X.509 is similar to ISO/IEC 9594-8 1990. However, the ITU-T<br />
recommendation is the more familiar form, and was revised in 1993 and 2000, with two<br />
sets of corrections in 2001. ITU-T was formerly known as CCITT.<br />
RFC 2246, Transport Layer <strong>Security</strong> (TLS) 1.0 Internet Engineering Task Force<br />
Note: TLS is derived from SSL 3.0, and is largely compatible with it.<br />
RFC-2313 PKCS #1: RSA Encryption, Version 1.5, March 1998.<br />
RFC 2437 PKCS #1 RSA Cryptography Specifications Version 2.0