The Research And Implementation Of The Security Technology Related To The Medical Information System

With the higher requirements of the healthcare industry and the rapid development of Computer and Network technology, the pace of Medical Information is increasing quickly. It's required that medical institutions use and share human resources and material resources enough, and form a highly efficient and convenient mode of the modern digital information management. The establishment and improvement of the regional coordination system on the medical service information will be an important part of medical information, meanwhile, the information security risk of the medical privacy data also tends to increase, which will affect people's trust in medical institutions and the service quality of medical institutions. So, Medical Information Security is an issue which needs considering and studying in order to pave the way for the medical information highly developed.Based on the in-depth study of the security risk of Medical Information System, the relative medical information standards, and Information Security Technology, this paper mainly researches the access control policy, the secure transport, selective encryption and selective digital signature of medical digital images based on DICOM (Digital Imaging and Communications in Medicine) Standard, and PKI (Public Key Infrastructure) Certificate Management. The access control policy uses role-based access control model to simulate the hospital's management, and takes the method of the permission-code mapping in presenting the corresponding relationships among permissions, roles and users by the code, which is that using the code can directly determine whether the user has some privilege. Under the policy, the privilege distribution system of Medical Information, which is permission-explicit, efficient and extendable based on role-based access control model, is implemented. The secure transport, selective encryption and selective digital signature of medical digital images based on DICOM respectively follow the secure transmission connection profile, the property confidentiality profile and the signature profile of Chapter 15 in DICOM. The implementation rules and workflows of TLS(Transport Layer Security Protocol)secure transport, selective digital signature and selective encryption based on DICOM are analyzed specifically, and with the DCMTK and OpenSSL toolkits, the TLS secure transport of the medical digital image based on DICOM is implemented, and with OpenSSL toolkit, a simple convenient PKI certificate management is implemented to meet the requirement of the information security of the medical information system.