DICOM PS3.15 2024b - Security and System Management Profiles

3 Definitions

For the purposes of this Standard the following definitions apply.

3.1 Reference Model Definitions

This Part of the Standard makes use of the following terms defined in [ISO 7498-1]:

Application Entity

See [ISO 7498-1].

Protocol Data Unit

See [ISO 7498-1].

Transport Connection

See [ISO 7498-1].

3.2 Reference Model Security Architecture Definitions

This Part of the Standard makes use of the following terms defined in [ISO 7498-2]:

Data Confidentiality

See [ISO 7498-2].

Note

The definition is "the property that information is not made available or disclosed to unauthorized individuals, entities or processes."

Data Origin Authentication

See [ISO 7498-2].

Note

The definition is "the corroboration that the source of data received is as claimed."

Data Integrity

See [ISO 7498-2].

Note

The definition is "the property that data has not been altered or destroyed in an unauthorized manner."

Key Management

See [ISO 7498-2].

Note

The definition is "the generation, storage, distribution, deletion, archiving and application of keys in accordance with a security policy."

Digital Signature

See [ISO 7498-2].

Note

The definition is "Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of that unit and protect against forgery e.g., by the recipient."

3.3 ACSE Service Definitions

This Part of the Standard makes use of the following terms defined in [ISO 8649]:

Association

See [ISO 8649].

3.4 Security Definitions

This Part of the Standard makes use of the following terms defined in [ECMA 235]:

Security Context

See [ECMA 235].

Note

The definition is "security information that represents, or will represent a Security Association to an initiator or acceptor that has formed, or is attempting to form such an association."

3.5 DICOM Introduction and Overview Definitions

This Part of the Standard makes use of the following terms defined in PS3.1:

Attribute

See Attribute in PS3.1 .

Service Object Pair Class (SOP Class)

See Service-Object Pair Class in PS3.1 .

3.6 DICOM Conformance Definitions

This Part of the Standard makes use of the following terms defined in PS3.2:

Security Profile

See Security Profile in PS3.2 .

3.7 DICOM Information Object Definitions

This Part of the Standard makes use of the following terms defined in PS3.3:

Module

See Module in PS3.3 .

3.8 DICOM Service Class Definitions

This Part of the Standard makes use of the following terms defined in PS3.4:

Service Class

See Service Class in PS3.4 .

Service-Object Pair Instance (SOP Instance)

See Service-Object Pair Instance in PS3.4 .

3.9 DICOM Communication Support Definitions

This Part of the Standard makes use of the following terms defined in PS3.8:

DICOM Upper Layer Service

See DICOM Upper Layer Service in PS3.4 .

3.10 DICOM Security Profile Definitions

The following definitions are commonly used in this Part of the DICOM Standard:

Secure Transport Connection

A Transport Connection that provides some level of protection against tampering, eavesdropping, masquerading.

Message Authentication Code

A digest or hash code derived from a subset of Data Elements.

Certificate

An electronic document that identifies a party and that party's public encryption algorithm, parameters, and key. The Certificate also includes, among other things, the identity and a digital signature from the entity that created the certificate. The content and format of a Certificate are defined by ITU-T Recommendation X.509.

3.11 DICOM Data Structures and Encoding

This Part of the Standard makes use of the following terms defined in PS3.5:

Data Set

See Data Set in PS3.5 .

DICOM PS3.15 2024b - Security and System Management Profiles