Changes between Version 8 and Version 9 of security/electronic_signatures
- Timestamp:
- Feb 28, 2013, 6:28:09 PM (12 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
security/electronic_signatures
v8 v9 283 283 I didn't write example code for Radiology/Nuclear Medicine as I don't have test data in that package. 284 284 285 Once the new algorithm is in use, to reuse an example presented above, here is what to expect if the document is tampered with: 286 Original Signature: 287 {{{ 288 /es/ DOCTOR MCDUCK, MD 289 ENT PHYSICIAN 290 Signed: 02/27/2013 09:34 291 }}} 292 293 After tampering with the document 294 {{{ 295 /es/ bad decrypt 296 bad decrypt 297 Signed: 02/27/2013 09:34 298 }}} 299 300 285 301 == Impact on the rest of VISTA == 286 302 Analysis of the impact will take two phases: That of the Hash and that of the change in encryption. … … 371 387 Casting these issues aside, there is one way in which encryption can be strengthened: basing it on a hardware token. You will need one of these for each server, but this ensures that the encrypted data will be unreadable outside the machine at which it was encrypted. 372 388 373 It's best to know what attack vectors to protect against. The biggest security risks are internal. External protection of the entire database can be done using full database encryption.389 It's best to know what attack vectors to protect against. The encryption system here is not designed to hide the data; rather only detect if it has been tampered with outside of the official APIs. 374 390 375 391 = Appendix 1: How does TIU encrypt the signature blocks = 392 TIU encrypts these fields in file TIU DOCUMENT (#8925) 393 {{{ 394 1503 SIGNATURE BLOCK NAME 395 1504 SIGNATURE BLOCK TITLE 396 1509 COSIGNATURE BLOCK NAME 397 1510 COSIGNATURE BLOCK TITLE 398 }}} 399 400 The encryption and decryption are done seamlessly in Fileman. Because of that, an end user and even an API programmer will not even detect that it exists. 401 402 The input transform for each field is responsible for the encryption. It looks like this: 403 {{{ 404 S X=$$ENCRYPT^TIULC1(X,1,$$CHKSUM^TIULC("^TIU(8925,"_+DA_",""TEXT"")")) K:$L(X)>120!($L(X)<3) X 405 }}} 406 407 The output transform for each field is responsible for decryption. It looks like this: 408 {{{ 409 S Y=$$DECRYPT^TIULC1(Y,1,$$CHKSUM^TIULC("^TIU(8925,"_$S(+$G(DA):+DA,+$G(D0):+D0,1:"")_",""TEXT"")")) 410 }}} 411 412 The algorithm is simple: Encrypt and decrypt based on a vector of the checksum of the text. If the text changes, the originally computed encrypted string won't be decrypted successfully.
