EHR Certification and Standards for Digital Certificates


HIT Standards Committee
Privacy and Security Workgroup
EHR Certification and Standards for Digital
Certificates
Dixie Baker, Chair, Privacy and Security Workgroup
Walter Suarez, Co-Chair, Privacy and Security Workgroup
February 11, 2011
Agenda
• Welcome and Introductions
• Role of HITSC Privacy & Security Workgroup on
Provider Directories
• Brief Review of Initial Call & Action Items
• Digital Certificates in the ONC Direct Project
• Digital Certificates in the VA Health System
• Nw-HIN Exchange Specifications for Digital Certificates
• Discussion: Guidelines & Evaluation Criteria for Digital
Certificate Standards
• Next Steps
• Public Comments
Role of HITSC Privacy & Security Workgroup
on Provider Directories
Brief Review of Initial Call and Action Items
• Reviewed HIT Policy Committee Recommendations on Provider
Authentication and Digital Certificates
– Recommendation 5 – Standards Committee to a) select/specify
standards for entity-level Digital Certificate (including data fields); and
b) certification criteria for EHRs that test capability to retrieve,
validate, use and revoke digital certificates
• Defined Scope and Focus of Workgroup on Digital Certificates
– Focus on organization to organization exchange and Class 2 (entity-
level) and Class 3 (software-level) digital certificates
– In doing so, consider all other HIT Policy Committee’s
recommendations
• Reviewed key digital certificate related concepts
– PKI, public/private keys, digital certificates, digital signature,
encryption, certificate authorities, certificate policy, registration
authority, certificate revocation lists, etc
– Glossary of Terms provided
Brief Review of Initial Call and Action Items (cont.)
• Reviewed how PKI and digital certificates work, classes
of certificates
– Noted the temporality dimension of the assignment/application
of certificates (temporary use type vs a permanent certificate)
• Reviewed standards available
– IETF (X.509)
– ISO (17090-1/2/3)
• Reviewed core data elements used
– Mainly X.509 standard
• Identified industry initiatives to explore
– NwHIN Exchange, Direct, VA
– Verisign Extended Validation Cert
Brief Review of Initial Call and Action Items
• Discussed Workplan and Next Steps
– Goal: make recommendation to HIT Standards Committee by
February 16 (first pass/status report) and March 29 (final)
– Organized schedule of upcoming workgroup meetings:
Date    Meeting                  Topic
Feb 11  S&P WG                   • Review On the Ground Examples of Implementation of Digital Certificates
                                 • Discuss Guidelines and Evaluation Criteria for Selection of Digital Certificate Standards
Feb 16  HITSC                    • Present Status Report
                                 • Discuss Overall Direction and Approach of Recommendations
Feb 28  S&P WG (2-3:30 pm EST)   • Develop/discuss use case applications
                                 • Initial discussion of recommendations
Mar 9   S&P WG (2:30-4 pm EST)   • Continue discussion/refinement of recommendations
Mar 24  S&P WG (2-3:30 pm EST)   • Finalize Recommendations to Submit to HITSC
Mar 29  HITPC                    • Recommendations to HITPC on Digital Certificates
Digital Certificates in the ONC Direct Project
Digital Certificates in the VA Health System
Nw-HIN Exchange Specifications for Digital Certificates
Discussion: Guidelines & Evaluation Criteria
for Digital Certificate Standards
• Purpose:
– Establish a set of guidelines and evaluation criteria for the
identification, evaluation and selection of standards for Digital
Certificates
– To be used by the S&I Framework process
– Findings and recommendations from the S&I Framework process
will come back to the Privacy and Security Workgroup and the
HITSC for final action
• Examples of general guidelines
• Simple, scalable, flexible, implementable (or being implemented),
• Interoperable, linkable, mappable, portable, secure, auditable,
verifiable
• Availability, accessibility, cost, technology-neutral
Discussion: Guidelines & Evaluation Criteria
for Digital Certificate Standards
• Criteria used in the Health Information Technology Standard Panel
standards evaluation process:
– Suitability
• Discrete naming; meets use case criteria; essential data elements; legal and
regulatory conformance
– Compatibility
• With other standards; support reuse
– Preferred Standards Characteristics
• Formally adopted, Degree of acceptance; lack of barriers/ease of access;
technical/vendor neutrality; international/national
• Codesets: harmonized with other standards; frequency of update/publication;
version control; mapping; robustness/deficiencies
– Data element usage
• Comprehensive; compatibility with other standards; mappability; constraining;
harmonization
– Cost and Conformance
• Conformance clause and criteria; conformance test methods
Discussion: Guidelines & Evaluation Criteria
for Digital Certificate Standards
Discussion of additional guidelines and evaluation criteria to consider
Attachment 1
Recommendations from HIT Policy Committee on
Provider Authentication and Digital Certificates
Review of HIT Policy Committee Recommendations
on Provider Authentication and Digital Certificates
Attachment 2
Focus and Scope of Work of
HITSC Privacy & Security WG
Focus of HITSC – Privacy and Security Workgroup
Charge
• Select or Specify Standard for Digital Certificate
• Define the standard data fields/content requirements of
certificates
• Define EHR Certification Criteria that ensure the EHR is
capable of retrieving, validating, using and revoking digital
certificates that comply with the standard
• Focus on organization to organization exchange
– Entity-level digital certificates (Class 2)
– Software-level digital certificates (Class 3)
• Will NOT define standards for individual (person)-level
digital certificate
• Consider all other Policy recommendations, in defining
standards for digital certificates
Attachment 3
Glossary of Terms
Glossary of Terms
(Ref: NIST SP 800-32 - Introduction to Public Key Technology and the Federal PKI Infrastructure)

Term: Definition/Source

Authentication
  Security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual's authorization to receive specific categories of information. [NS4009]

Digital Certificate
  A digital representation of information which at least (1) identifies the certification authority issuing it, (2) names or identifies its subscriber, (3) contains the subscriber's public key, (4) identifies its operational period, and (5) is digitally signed by the certification authority issuing it. [ABADSG]

Certificate Authority
  An authority trusted by one or more users to issue and manage X.509 Public Key Certificates and CARLs or CRLs.

Certificate Authority Revocation List (CARL)
  A signed, time-stamped list of serial numbers of CA public key certificates, including cross-certificates, that have been revoked.

Certificate Policy
  A Certificate Policy is a specialized form of administrative policy tuned to electronic transactions performed during certificate management. A Certificate Policy addresses all aspects associated with the generation, production, distribution, accounting, compromise recovery and administration of digital certificates. Indirectly, a certificate policy can also govern the transactions conducted using a communications system protected by a certificate-based security system. By controlling critical certificate extensions, such policies and associated enforcement technology can support provision of the security services required by particular applications.

Certification Practice Statement (CPS)
  A statement of the practices that a CA employs in issuing, suspending, revoking and renewing certificates and providing access to them, in accordance with specific requirements (i.e., requirements specified in this CP, or requirements specified in a contract for services).

Certificate Revocation List (CRL)
  A list maintained by a Certification Authority of the certificates which it has issued that are revoked prior to their stated expiration date.

Certificate Status Authority
  A trusted entity that provides on-line verification to a Relying Party of a subject certificate's trustworthiness, and may also provide additional attribute information for the subject certificate.

Digital Signature
  The result of a transformation of a message by means of a cryptographic system using keys such that a Relying Party can determine: (1) whether the transformation was created using the private key that corresponds to the public key in the signer's digital certificate; and (2) whether the message has been altered since the transformation was made.

Duration
  A field within a certificate that is composed of two subfields; "date of issue" and "date of next issue".

Encryption Certificate
  A certificate containing a public key that is used to encrypt electronic messages, files, documents, or data transmissions, or to establish or exchange a session key for these same purposes.

Key Escrow
  A deposit of the private key of a subscriber and other pertinent information pursuant to an escrow agreement or similar contract binding upon the subscriber, the terms of which require one or more agents to hold the subscriber's private key for the benefit of the subscriber, an employer, or other party, upon provisions set forth in the agreement. [adapted from ABADSG, "Commercial key escrow service"]

Key Exchange
  The process of exchanging public keys in order to establish secure communications.

Non-Repudiation
  Assurance that the sender is provided with proof of delivery and that the recipient is provided with proof of the sender's identity so that neither can later deny having processed the data. [NS4009]

Object Identifier (OID)
  A specialized formatted number that is registered with an internationally recognized standards organization. The unique alphanumeric/numeric identifier registered under the ISO registration standard to reference a specific object or object class. In the federal government PKI they are used to uniquely identify each of the four policies and cryptographic algorithms supported.

Private Key
  (1) The key of a signature key pair used to create a digital signature. (2) The key of an encryption key pair that is used to decrypt confidential information. In both cases, this key must be kept secret.

Public Key
  (1) The key of a signature key pair used to validate a digital signature. (2) The key of an encryption key pair that is used to encrypt confidential information. In both cases, this key is made publicly available, normally in the form of a digital certificate.

Public Key Infrastructure
  A set of policies, processes, server platforms, software and workstations used for the purpose of administering certificates and public-private key pairs, including the ability to issue, maintain, and revoke public key certificates.

Registration Authority (RA)
  An entity that is responsible for identification and authentication of certificate subjects, but that does not sign or issue certificates (i.e., a Registration Authority is delegated certain tasks on behalf of an authorized CA).

Signature Certificate
  A public key certificate that contains a public key intended for verifying digital signatures rather than encrypting data or performing any other cryptographic functions.

Subscriber
  A Subscriber is an entity that (1) is the subject named or identified in a certificate issued to that entity, (2) holds a private key that corresponds to the public key listed in the certificate, and (3) does not itself issue certificates to another party. This includes, but is not limited to, an individual or network device.

Trusted Certificate
  A certificate that is trusted by the Relying Party on the basis of secure and authenticated delivery. The public keys included in trusted certificates are used to start certification paths. Also known as a "trust anchor".
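The glossary entries for Digital Certificate, Certificate Revocation List, Digital Signature and Trusted Certificate together describe what the workgroup's charge (Attachment 2) calls an EHR's capability to retrieve, validate, use and revoke digital certificates. The following Python model is added here as an illustration; it is not part of this presentation, nor code from the Direct Project, the VA or NwHIN Exchange. It builds a certificate from the glossary's five fields (issuer, subject, subscriber public key, operational period, CA signature), a signed CRL, and a self-signed trust anchor, then shows the checks a relying EHR performs before it trusts a signature from an organization-level certificate. The "Example Health CA" and "Example Clinic LLC" names, the serial numbers, the dates and the sample message are constructed; the RSA here is textbook RSA over two small hard-coded primes with no padding, which stands in for a real X.509 library only for teaching purposes and must not be used for anything else.

```python
import hashlib
import json
import math
from datetime import datetime, timedelta, timezone

# ---- Toy RSA: constructed for illustration only (tiny primes, no padding, NOT secure) ----
def make_keypair(p: int, q: int):
    """Return ((n, e), (n, d)) for textbook RSA over the two given primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    e = 65537
    while math.gcd(e, phi) != 1:      # e must be invertible modulo phi(n)
        e += 2
    return (n, e), (n, pow(e, -1, phi))

def _digest(data: bytes, n: int) -> int:
    """Hash the data and reduce it into the RSA group (a stand-in for a padded hash)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data: bytes) -> int:
    n, d = priv
    return pow(_digest(data, n), d, n)

def verify(pub, data: bytes, sig: int) -> bool:
    n, e = pub
    return pow(sig, e, n) == _digest(data, n)

# ---- Certificates and CRLs, modelled on the glossary's five certificate fields ----
def _tbs(fields: dict) -> bytes:
    """Canonical 'to-be-signed' encoding; sorted-key JSON stands in for DER here."""
    return json.dumps(fields, sort_keys=True).encode()

def issue_cert(ca_name, ca_priv, serial, subject, subject_pub, not_before, not_after):
    fields = {"serial": serial, "issuer": ca_name, "subject": subject,
              "public_key": list(subject_pub),
              "not_before": not_before.isoformat(), "not_after": not_after.isoformat()}
    return {"tbs": fields, "signature": sign(ca_priv, _tbs(fields))}

def issue_crl(ca_name, ca_priv, revoked_serials, this_update):
    """A CRL is itself a signed, time-stamped list of revoked serial numbers."""
    fields = {"issuer": ca_name, "this_update": this_update.isoformat(),
              "revoked": sorted(revoked_serials)}
    return {"tbs": fields, "signature": sign(ca_priv, _tbs(fields))}

def validate_cert(cert, trust_anchor, crl, now):
    """The checks a relying EHR performs: chain to the trust anchor, CA signature,
    operational period, and revocation status from a CRL signed by the same issuer."""
    tbs = cert["tbs"]
    anchor_pub = tuple(trust_anchor["tbs"]["public_key"])
    if tbs["issuer"] != trust_anchor["tbs"]["subject"]:
        return False, "issuer is not the configured trust anchor"
    if not verify(anchor_pub, _tbs(tbs), cert["signature"]):
        return False, "CA signature does not verify"
    not_before = datetime.fromisoformat(tbs["not_before"])
    not_after = datetime.fromisoformat(tbs["not_after"])
    if not (not_before <= now <= not_after):
        return False, "outside operational period"
    if crl["tbs"]["issuer"] != tbs["issuer"] or not verify(anchor_pub, _tbs(crl["tbs"]), crl["signature"]):
        return False, "CRL is not a valid signed list from the issuer"
    if tbs["serial"] in crl["tbs"]["revoked"]:
        return False, "certificate revoked"
    return True, "ok"

def verify_signed_message(cert, trust_anchor, crl, now, message, sig):
    """Only after the certificate validates may its public key be used on a message."""
    ok, reason = validate_cert(cert, trust_anchor, crl, now)
    if not ok:
        return False, reason
    return verify(tuple(cert["tbs"]["public_key"]), message, sig), "signature checked"

def demo():
    """Constructed scenario: one CA (the trust anchor) and one organization certificate."""
    now = datetime(2011, 2, 11, tzinfo=timezone.utc)           # constructed reference time
    ca_pub, ca_priv = make_keypair(1000000007, 998244353)       # constructed small primes
    org_pub, org_priv = make_keypair(999999937, 1000000009)
    anchor = issue_cert("Example Health CA", ca_priv, 1, "Example Health CA", ca_pub,
                        now - timedelta(days=365), now + timedelta(days=3650))
    org = issue_cert("Example Health CA", ca_priv, 42, "Example Clinic LLC", org_pub,
                     now - timedelta(days=30), now + timedelta(days=335))
    clean_crl = issue_crl("Example Health CA", ca_priv, [], now)
    revoking_crl = issue_crl("Example Health CA", ca_priv, [42], now)
    msg = b"constructed sample: referral summary for record 0001"
    sig = sign(org_priv, msg)
    results = {
        "valid": verify_signed_message(org, anchor, clean_crl, now, msg, sig),
        "revoked": verify_signed_message(org, anchor, revoking_crl, now, msg, sig),
        "expired": verify_signed_message(org, anchor, clean_crl, now + timedelta(days=400), msg, sig),
        "tampered": verify_signed_message(org, anchor, clean_crl, now, msg + b"!", sig),
    }
    # A certificate whose subject was altered after issuance fails the CA signature check.
    forged = dict(org)
    forged["tbs"] = dict(org["tbs"], subject="Mallory Clinic")
    results["forged"] = verify_signed_message(forged, anchor, clean_crl, now, msg, sig)
    return results

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:>9}: {outcome}")
```

The order of the checks matters: the issuer name and CA signature are verified before the operational period and CRL are consulted, so an attacker-supplied certificate can neither steer the relying party to a CRL of its own choosing nor be accepted on the strength of an unverified validity window. Real implementations add what this model omits, such as full chain building through intermediate CAs, key-usage and policy extensions (the OIDs from the glossary), and CRL freshness checks.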