| With the development in an all-round way of the society and politics , economy , culture of our country, the health care trade is regarded as the basic trade closely related to national economy and people's lives, the paces of its information construction are accelerated day by day. It is the requirement that the hospital strengthens one's own management, and a requirement of improving working efficiency and making information more accurate that incorporate the computer to the routine and carry on essential management to the work of the hospital with the modernized management tool. Based on high-speed network, conforming all the medical information has already become the tendency of hospital development, such the software or the software functions as for instance the Hospital Information System(HIS), the Telemedicine System , hospitalizing online , etc. have been put into use successively .This inevitably will bring a series of question of information on network safety , for instance keeping the patient's illness case safety and holding dependability on hospitalizing online ,etc. With " the platform of Jinan Military Area Command general hospital integrate medical information " for the backing , this text have made the online security scheme suitable for this system.The thesis introduces the cryptology knowledge involving to the network security plan at first, then introduces the overall function and the network skeleton of this system. After the multianalysis to all kinds of the threat that faced, the paper makes a security plan suitable for this system. This plan involves to the physical security, the network security, and the operating system security as safely as the data security and data transmission security . For many fields in which there are a long time for developing and the technology quite mature, there are many product to supply, the project used some field-leading network security tools with a high cost performance ,which has been good after the practical application, after comparing with other ones. This article regard some themes as its main research content, which there are not ready-made product or there are ready-made product that are not suitable for the solution, such as the access control to core data in database and the long-distance transmission security for sensitive data.Regarding the access control of the core date in database, after analyzing three kinds of common access control model, the thesis adopt the main strategy ofRole-Based Access Control in this system, then frames the implementation proposal and the many kinds of roles set in the Oracle database .Regarding the data transmission security of the Telemedicine System and long-distance consultation with specialists, the thesis sets up a PKI safe system originally, the thesis chooses a third party organization for this system to offer the service with applying the certificate , announcing with the certificate and listing the invalid certificate. For the medical information system and the medical picture system , it proposes to realize the data transmission security through ensuring the data integrality , the privacy of the sensitive data and the data undeniably. It then provides a safety solution combining symmetrical encrypt algorithms , public key algorithm and hash algorithm, and choose OpenSSL as the encrypt library in C to encrypt the transmitting data in channel of SSL, and provide the key source code running in the server and the client. |
PDF Full Text Request