Withdrawn Rationale:
This guide covers mechanisms that can be used to protect healthcare information which is being transmitted over networks using the Internet Protocol Suite (IPS). This includes the actual Internet itself, as well as corporate intranets constructed from off–the–shelf components implementing these protocols. An organization's security policy will determine when these mechanisms are used, based on risk analysis.
Formerly under the jurisdiction of Committee E31 on Healthcare Informatics, this guide was withdrawn in February 2009 in accordance with section 10.5.3.1 of the Regulations Governing ASTM Technical Committees, which requires that standards shall be updated by the end of the eighth year since the last approval date.
1. Scope
1.1 This guide covers mechanisms that can be used to protect healthcare information which is being transmitted over networks using the Internet Protocol Suite (IPS). This includes the actual Internet itself, as well as corporate intranets constructed from off-the-shelf components implementing these protocols. An organization's security policy will determine when these mechanisms are used, based on risk analysis.
1.2 The Internet Engineering Task Force (IETF) is defining security standards for use with the IPS. This guide covers the relevant standards and recommends, where needed, particular options (such as cryptographic transformations) to be used with the standards. Most standards referenced here are proposed standards issues as Request for Comments (RFC's). Some are in the draft stage, but are stable enough (and widely enough implemented) to be recommended for use at this time.
FIPS PUB 180-1 Secure Hash Algorithm
RFC 1510 Kerberos Authentication Service
RFC 1777 Lightweight Directory Access Protocol (v2)
RFC 1945 Hypertext Transfer Protocol
RFC 1964 Kerberos v5 GSS-API Mechanism
RFC 2246 The TLS Protocol Version 1.0
RFC 2251 Lightweight Directory Access Protocol (v3)
RFC 2401 Security Architecture for the Internet Protocol
RFC 2402 IP Authentication Header
RFC 2403 The Use of HMAC-MD5-96 within ESP and AH
RFC 2404 The Use of HMAC-SHA-196 within ESP and AH
RFC 2406 IP Encapsulating Security Payload (ESP)
RFC 2407 The Internet IP Security Domain of Interpretation for ISAKMP
RFC 2408 Internet Security Association and Key Management Protocol (ISAKMP)
RFC 2409 The Internet Key Exchange (IKE)
RFC 2411 IP Security Document Roadmap
RFC 2440 OpenPGP Message Format
RFC 2451 The ESP CBC-Mode Cipher Algorithms
RFC 2560 Internet X.509 Public Key Infrastructure Online Certificate Status Protocol
RFC 2630 Cryptographic Message Syntax
RFC 2631 Diffie-Hellman Key Agreement Method
RFC 2632 S/MIME Version 3 Certificate Handling
RFC 2633 S/MIME Version 3 Message Specification
RFC 2634 Enhanced Security Services for S/MIME
RFCs 1901-1910 Simple Network Management Protocol
Index Terms
internet; internet security; intranet; ICS Number Code 35.240.80 (IT applications in health care technology)
DOI: 10.1520/E2086-00
ASTM International is a member of CrossRef.
Citing ASTM Standards
[Back to Top]
