INTERNATIONAL STANDARD ISO 17090-1
Third edition 2021-02

Health informatics - Public key infrastructure
Part 1: Overview of digital certificate services

Informatique de santé - Infrastructure de clé publique
Partie 1: Vue d'ensemble des services de certificat numérique

Reference number ISO 17090-1:2021(E)
© ISO 2021

COPYRIGHT PROTECTED DOCUMENT
© ISO 2021
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may below or ISO's member body in the country of the requester.

ISO copyright office
CP 401, Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: [email protected]
Website: www.iso.org
Published in Switzerland

Contents

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
    3.1 Healthcare context terms
    3.2 Security services terms
    3.3 Public key infrastructure related terms
4 Abbreviations
5 Healthcare context
    5.1 Certificate holders and relying parties in healthcare
    5.2 Examples of actors
        5.2.1 Regulated health professional
        5.2.2 Non-regulated health professional
        5.2.3 Patient/consumer
        5.2.4 Sponsored healthcare provider
        5.2.5 Supporting organization employee
        5.2.6 Healthcare organization
        5.2.7 Supporting organization
        5.2.8 Devices
        5.2.9 Applications
    5.3 Applicability of digital certificates to healthcare
6 Requirements for security services in healthcare applications
    6.1 Healthcare characteristics
    6.2 Digital certificate technical requirements in healthcare
        6.2.1 General
        6.2.2 Authentication
        6.2.3 Integrity
        6.2.4 Confidentiality
        6.2.5 Digital signature
        6.2.6 Authorization
        6.2.7 Access control
    6.3 Healthcare-specific needs and the separation of authentication from data encipherment
    6.4 Health industry security management framework for digital certificates
    6.5 Policy requirements for digital certificate issuance and use in healthcare
7 Public key cryptography
    7.1 Symmetric vs. asymmetric cryptography
    7.2 Digital certificates
    7.3 Digital signatures
    7.4 Protecting the private key
8 Deploying digital certificates
    8.1 Necessary components
        8.1.1 General
        8.1.2 CP
        8.1.3 CPS
        8.1.4 CA
        8.1.5 RA
    8.2 Establishing identity using qualified certificates
    8.3 Establishing speciality and roles using identity certificates
    8.4 Using attribute certificates for authorization and access control