The diagram below shows the actors directly involved in CA:Sec and the relevant transactions between them.

The table below lists the transactions for each actor directly involved in CA:Sec.

To claim compliance with CA:Sec, an actor shall support all required transactions (labeled "R")

Actors

Transactions

Optionality

Secure Application

Authenticate Node [ITI-19]

R

Actor Descriptions and Requirements

Secure Application

A Secure Application provides security and privacy services (user authentication, secure communications, security audit recording, and security policy enforcement) for both grouped IHE actors and for functionality provided by related software and services within control of the Secure Application. Generally, the responsibilities of a Secure Application do not include the security of its environment, e.g., the operating system and database outside of its control. A smartphone app is an example of a Secure Application that has control over the security for the application, but not for the rest of the mobile device software or hardware.

Note that a Secure Application actor is inclusive of clients or servers, thus a Secure Application actor can represent a server agent running on a cloud platform.

A special case of a Secure Application is a Secure Node, that has complete control over the full stack from hardware to user interface and external communications. An ultrasound machine is an example of a Secure Node.

The Secure Application shall:

  1. Use the Authenticate Node transaction for all network connections to or from the application that may expose private information as specified in Authenticate Node [ITI-19].
  2. Provide sufficient authentication methods to ensure that only authorized users access the Secure Application.
  • No labels