Standards
Back to Computerized System Standards

ASTM E1985 - 98(2013)


ASTM E1985 - 98(2013) Standard Guide for User Authentication and Authorization


Active Standard ASTM E1985 Developed by Subcommittee: E31.25 |Book of Standards Volume: 14.01

more info 5 pages $ 41.00
more info 5 pages $ 41.00

Historical (view previous versions of standard) ASTM License Agreement Shipping & Handling

More E31.25 Standards Related Products
Copyright/Permissions Standard References

ASTM E1985

Significance and Use

4.1 This guide has three purposes:

4.1.1 To serve as a guide for developers of computer software that provides or makes use of authentication and authorization processes,

4.1.2 To serve as a guide to healthcare providers who are implementing authentication and authorization mechanisms, and

4.1.3 To be a consensus standard on the design, implementation, and use of authentication and authorization mechanisms.

4.2 Additional standards will define interoperable protocols and message formats that can be used to implement these mechanisms in a distributed environment, using specific commercial technologies such as digital signatures.

1. Scope

1.1 This guide covers mechanisms that may be used to authenticate healthcare information (both administrative and clinical) users to computer systems, as well as mechanisms to authorize particular actions by users. These actions may include access to healthcare information documents, as well as specific operations on those documents (for example, review by a physician).

1.2 This guide addresses both centralized and distributed environments, by defining the requirements that a single system shall meet and the kinds of information which shall be transmitted between systems to provide distributed authentication and authorization services.

1.3 This guide addresses the technical specifications for how to perform user authentication and authorization. The actual definition of who can access what is based on organizational policy.


2. Referenced Documents (purchase separately) The documents listed below are referenced within the subject standard but are not provided as part of the standard.

ASTM Standards

E1762 Guide for Electronic Authentication of Health Care Information

PS100 Provisional Specification for Authentication of Healthcare Information Using Digital Signatures

Other Standards

ECMA1-219 Authentication and Privilege Attribute Security Applications with Related Key Distribution Functions Available from ECMA International, Rue du Rhone 114, CH, 1204, Geneva.

FIPS PUB 112 Password Usage Available from National Technical Information Service, U.S. Department of Commerce, Springfield, VA. http://csrc.nist.gov or www.ntis.gov.

ANSI Standard

X9.45 Enhanced Management Controls Using Digital Signatures and Attribute Certificates Available from American National Standards Institute, 11 W. 42nd St., 13th Floor, New York, NY 10036.


Keywords


ICS Code

ICS Number Code 35.240.80 (IT applications in health care technology)


DOI: 10.1520/E1985-98R13

ASTM International is a member of CrossRef.

Citing ASTM Standards

[Back to Top]
Standards Tracker

Standards Subscriptions



Back to Computerized System Standards