DICOM PS3.15 2024d - Security and System Management Profiles

C.4 Structured Report RSA Digital Signature Profile

This profile defines a mechanism for adding Digital Signatures to Structured Reports or Key Object Selection Documents where there is no more than one Verifying Observer. Instances that follow this Digital Signature Profile shall include at least one Digital Signature at the top level of the Data Set.

All Digital Signatures that follow this profile shall include a Digital Signature Purpose Code Sequence Attribute (0400,0401).

As a minimum, an implementation shall include the following Attributes in generating the Digital Signature required by this profile:

  1. the SOP Class UID

  2. the Study and Series Instance UIDs

  3. all Attributes of the General Equipment Module that are present

  4. the Current Requested Procedure Evidence Sequence

  5. the Pertinent Other Evidence Sequence

  6. the Predecessor Documents Sequence

  7. the Observation DateTime

  8. all Attributes of the SR Document Content Module that are present

If the Verification Flag is set to "VERIFIED" (and the SOP Instance UID can no longer change) at least one of the Digital Signatures profile shall have the purpose of (5, ASTM-sigpurpose, "Verification Signature") and shall also include the following Attributes in addition to the above Attributes:

  1. the SOP Instance UID

  2. the Verification Flag

  3. the Verifying Observer Sequence

  4. the Verification DateTime

Note

The system may also add a Creator RSA Digital Signature, which could cover other Attributes that the machine can verify.

All occurrences of Referenced SOP Instance MAC Sequence (0400,0403) shall have the Value of MAC Algorithm (0400,0015) set to either "RIPEMD160", "MD5", "SHA1", "SHA256", "SHA384" or "SHA512"..

The Digital Signature shall be created using the methodology described in the Base RSA Digital Signature Profile. The Application Entity shall determine the identity of the signatories and obtain their certificate through an application-specific procedure such as a login mechanism or a smart card. The conformance statement shall specify how the application identifies signatories and obtains certificates.

Note

Structured Report RSA Digital Signatures bear no direct relationship to other Digital Signatures. However, other Digital Signatures, such as the Creator RSA Digital Signature, may be used to corroborate the timestamp of a Structured Report RSA Digital Signature.

DICOM PS3.15 2024d - Security and System Management Profiles