Medical network as connecting Hospital Information Systems are needed in order to exchange, compare and make accessible data. The use of OSI standard communication protocols (open-network environment) will allow to interconnect multiple vendor systems and to accommodate a wide range of underlaying of communication technologies.
The security of information on a given host may become dependent of the security measures employed by the network and by other hosts. Computer viruses modifies the executable code and thrive in network environment filled with personal computers and third-party software. Most networks and computers, permit users to share files; this, let the viruses to bypass the security mechanisms of almost every commercial operating system. However, computer viruses ares not the only threat to the information in a network environment. Other as deliberate (passive attacks -wire-tapping-) and accidental threat (unauthorized access to the information) are potential risks to the security information. Cryptographic techniques that now are widely used can resolve the external security problems of the network and improve the internal security ones.
This paper begins describing the threats to security that arise in an open-network environment, and goes to establish the security requirements of medical communication networks. This is followed by a description of security services as: confidentiality, integrity, authentication, access control, etc., that will be provided to include security mechanisms in such network. The integration of these security mechanisms into the communication protocols allows to implement secure communication systems that not only must provide the adequate security, but also must minimize the impact of security on other features as for example the efficiency.
The remainder of the paper describes how the security mechanisms are formed using current cryptographic facilities as algorithms, one-way functions, cryptographic systems (symmetric and asymmetric), etc. Emphasis is placed on the method to obtain these mechanisms. We will obtain several mechanisms of varying strength for the provision of each security service. Finally, the security mechanisms are structured into several mutually related areas of network security and are presented in a formal form.