Slide 1:Internet in (Tele)Medicine & Data Security issues
Vincenzo Della Mea
Dept. of Pathology, University of Udine
dellamea@dimi.uniud.it
VI CATAI Summer Course, Athens, Greece, October 1998
Slide 2:SUMMARY
The Internet
Basic concepts
E-mail
Mailing lists and newsgroups
WWW
Security
Cryptography
Certification
Internet and (Tele)medicine
Slide 3:The Internet is...
Physically: a collection of networks
Technically: a collection of common, standard, machine-independent protocols
Socially: An attitude to intercommunicate
Slide 4:Why to use the Internet?
it is cheap
it is widely available
it is easy
it is already used for other tasks
Slide 5:Internet capabilities
Basic Protocols
Personal communications: E-Mail
Group collaborations: Newsgroups, mailing lists, web-based discussion groups
Dissemination of information: World Wide Web
Slide 6:Basic Concepts
four-layer set of protocols
each connected computer is designated by a 32-bit number
a port number is also associated to each connection
TCP/IP are connectionless protocols
information is transferred in packets
client/server paradigm
Slide 7:Communication Layers
An application protocol defines commands and formats for the exchange of messages of any size between two computers.
TCP manages connection-oriented streams of data, by multiplexing the message into datagrams, reassembling them at the other end, and resending lost data.
IP is responsible for routing individual datagrams. IP finds a route for the datagram after adding its own header to it.
Common interface to the physical media where data are carried. The most widespread one is Ethernet.
Slide 8:Security Considerations
Secure Socket Layer (SSL): data encryption on the sockets layer for secure low-level communications, with server authentication, encryption of data in transit, and optional client authentication.
Network firewalls: for protecting one network from another untrusted network, by means of traffic blockage, traffic permission, and tracing.
Proxies: high-level applications which act as a gateway between specific applications and the network; this allows traffic to be filtered and logged.
Future evolutions in IPng
Slide 9:Quality of Service
IP does not provide any guarantee on the delivery of datagrams; this means that information can be lost during transmission. TCP implements quality of service by automatically resending lost datagrams. Currently there aren't guarantees on performance, as well as on priority of messages (but they will be introduced with IPv6). Use of Intranets may allow some QoS guarantee.
Slide 10:Personal Communications through E-mail
Among Internet protocols, e-mail plays a relevant role in interpersonal communications on the Internet. Since telemedicine is a particular form of dialogue between distant actors, electronic mail may be adopted as a means of carrying out such dialogue, under precise constraints and with some limitations.
Store-and-forward communications
Slide 11:Basic e-mail protocols
Store-and-forward transmissions
Communication protocol: SMTP, Simple Mail Transfer Protocol
Message format: RFC822 (plain text messaging)
Protocols for message retrieval: POP3, IMAP4
Slide 12:E-mail basic protocols
[Diagram: CLIENT (MUA) and SERVER (SMTP server; POP server; IMAP4 server; ...). Outgoing messages travel over SMTP; incoming messages are retrieved over POP3, IMAP4.]
Slide 13:Message Format
An RFC822 message comprises a header, given as a series of field:value pairs that carry, among other information, the sender, recipient, subject and date, and the message body.
Some of these fields are automatically filled by the MUA, some by the user, and finally some by the SMTP server.
A user address is designated as follows: user.name@domain.org
Slide 14:Multimedia E-mail
MIME (Multipurpose Internet Mail Extensions): internal organization of the message body, and methods for encoding binary data.
seven content types: text, multipart, application, message, image, audio, video.
the multipart type allows several body parts to be combined, also nested and of different types.
Standard subtypes: image/jpeg, image/gif, etc.
Content-Transfer-Encoding header field: specifies how data are encoded (usually with Base64).
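The message format and MIME structure of slides 13 and 14, as an added example that is not part of the original slides. It uses Python's standard `email` package; the addresses, subject and the fake GIF bytes are constructed sample data. It also shows that Base64 is only an encoding: the attachment is recoverable from the raw message without any key.

```python
import base64
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed sample data: addresses, subject and the fake GIF bytes are made up.
FAKE_GIF = b"GIF89a" + bytes(range(16))

def build_message() -> bytes:
    """RFC822 header fields plus a MIME multipart body (text + image/gif)."""
    msg = EmailMessage()
    msg["From"] = "sender@example.org"
    msg["To"] = "user.name@domain.org"
    msg["Subject"] = "Slide image for consultation"
    msg.set_content("Report text travels as the first body part.\n")
    msg.add_attachment(FAKE_GIF, maintype="image", subtype="gif",
                       filename="img.gif")
    return msg.as_bytes()

def describe(raw: bytes):
    """Walk the body parts: (content type, transfer encoding, decoded bytes)."""
    msg = message_from_bytes(raw, policy=policy.default)
    rows = []
    for part in msg.walk():
        cte = part.get("Content-Transfer-Encoding")
        body = None if part.is_multipart() else part.get_payload(decode=True)
        rows.append((part.get_content_type(), cte and str(cte), body))
    return rows

def readable_in_transit(raw: bytes) -> bool:
    """Base64 is an encoding, not encryption: the attachment can be spotted
    and decoded from the raw bytes by any relay, with no key involved."""
    return base64.b64encode(FAKE_GIF) in raw

if __name__ == "__main__":
    raw = build_message()
    for ctype, cte, body in describe(raw):
        print(f"{ctype:16} {cte or '-':8} {body!r}")
    print("attachment readable in transit:", readable_in_transit(raw))
```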
Slide 15:Security considerations
Plain e-mail: no privacy of data (readable along the whole path between sender and recipient)
A recent proposal introduces PEM (Privacy Enhanced Mail) as a natural use of MIME capabilities (through multipart/signed and multipart/encrypted)
PGP (Pretty Good Privacy): a DES-based software for PEM, current de-facto standard for personal private communications
No standard, widespread implementations
No easy way to have certification
Slide 16:Quality of Service
E-mail protocols provide for a very accurate range of services, including automatic retry in sending messages with configurable frequency and for a configurable amount of time; different levels of user notification are available for any failure that can occur. Performance control is not specified, also because the intrinsically asynchronous nature of e-mail makes it less sensitive to delays.
Slide 17:Newsgroups
Apparently topic-based public discussion groups
based on NNTP protocol
very useful for some exchange of information (e.g. the Linux project)
in reality, not very focussed
New problem: SPAM
Slide 18:Mailing lists
distribution lists based on e-mail
sometimes there is a moderator
better focussed than newsgroups
Our experience: we are running ITAPAT, the mailing list of Italian pathologists
Slide 19:Security considerations
A main issue is related to the identity of senders: messages can be forged as coming from recognised individuals or institutions, thus inducing trust in readers. Currently no technical solutions are available.
Mailing lists are based on e-mail protocols, and thus can rely on these for introducing privacy and security. In addition, moderators and selected subscriptions can reduce noise in the information and the presence of unauthorized people.
Spam
Slide 20:Quality of Service
News servers are public services, whose policies are left to the server's owner. Message exchanges occur among servers with a certain time delay that can produce some differences in the content of the servers at a given time. The content quality can be ensured only by moderation.
Mailing lists are based on e-mail, thus inheriting from it quality and performance. The content quality can be ensured mainly by moderation on content and on subscribers selection.
Slide 21:World Wide Web
Distributed Hypermedia on the Internet
through a transfer protocol: HTTP (Hypertext Transfer Protocol)
can include any file format
the basic one is HTML (HyperText Markup Language)
other standards are GIF, JPEG, MPEG
Slide 22:HTML(Hypertext Markup Language)
An HTML document is a plain text file containing text interspersed with tags. Usually the tags (which are commands) may be nested.
Tags:
<tag_name>text</tag_name>
<tag_name attribute1=value1 ... attributeN=valueN> text </tag_name>
<tag_name>
Sample document:
<html>
<head>
<title>This is an HTML document</title>
</head>
<body>
...
</body>
</html>
Slide 23:An example
<HTML><HEAD>
<TITLE>This is the title</TITLE>
</HEAD>
<BODY BGCOLOR=White>
<H1>Main Header</H1>
<H2>2nd header</H2>
This is a list:
<UL><LI> one <LI> two <LI> three</UL>
This is a table:
<TABLE BORDER>
<TR><TD><B>bold</B> <TD><I>italic</I> <TD><I><B>both...</B></I>
<TR><TD><FONT SIZE=5>higher font</FONT> <TD>try to click <A HREF="link.html">here</A>... <TD>This is an image <BR> <IMG SRC="img.gif">
</TABLE>
</BODY></HTML>
Slide 24:HTTP
Basic file transfer aimed at WWW: GET, POST, HEAD
Clients able to display images and video
PUSH method for live video
Slide 25:WWW: Ease of use
WWW clients: unified interface for the most used protocols on the Internet (HTTP, FTP, E-mail, News, ...)
WWW currently accounts for most of the traffic on the Internet
Sometimes, too much traffic to guarantee the quality of service
Slide 26:Security considerations/1: Security risks on the World Wide Web
Server-side security risks, including:
  Unauthorized access to private or confidential documents;
  Availability of information about the server's host machine;
  Bugs that allow active intruders to execute commands on the server's host machine;
  "Denial of service" attacks.
Client-side security risks, including:
  Virus-like active content of web pages;
  Unauthorized access to personal user information.
Network security risks, including:
  Interception by intruders of private or confidential information sent by the remote user to the server (e.g. credit card information);
  Interception by intruders of private or confidential information sent by the server to the remote user.
Slide 27:Security considerations/2: Solutions
through SSL (Secure Socket Layer)
HTTP+SSL = HTTPS (secure servers)
Electronic commerce will find the global solution (SET, Cybercash, OpenMarket)
USA restrictions on exporting encryption software are delaying the diffusion of security tools
Slide 28:Quality of Service
Currently no guarantees are available on WWW performance. This is particularly important because WWW applications, which involve multimedia communications, are sensitive to delays in the user interface, which is based on remote data and images. Content quality control is left to content providers, although some development is coming in this direction, such as PICS. Medical content: often unaffordable, evaluation mechanisms are being studied
Slide 29:Other features
FTP, one of the first Internet protocols, allows the exchange of files between different computers connected to the Internet. Telnet is the virtual terminal protocol in the Internet set of protocols. It allows users of one host to log into a remote host and interact as normal terminal users of that host. Gopher is a distributed document search and retrieval protocol, that allows the hierarchical organisation of documents across different machines on the net.
Slide 30:Conferencing systems
CU-SeeMe, Netscape CoolTalk, Microsoft NetMeeting
These systems offer different types of conferencing and collaboration: CU-SeeMe is public domain software developed by Cornell University with videophone performance (that is, up to 320x240, 16 grey levels and audio), while CoolTalk and NetMeeting are collaboration software.
Slide 31:MBONE
Multicast backBONE
experimental virtual network superimposed upon the Internet.
efficient real-time distribution of data to multiple destinations using IP multicast.
Limitations of the current Internet restrict the quality of received audio and video
Slide 32:New Developments: IPng
IPv6 (or IPng) is a new version of IP that introduces a number of enhancements:
designed to run on high performance networks as well as on low bandwidth networks;
addressing and routing issues
a larger address space (128 bit addresses)
autoconfiguration capabilities
simplified IP packets
native security
Multicast and anycast features
"Quality of service" functions
Slide 33:Security
Problems:
  authentication
  integrity
  privacy
  non-repudiation
Cryptography:
  secret-key
  public-key
Certification hierarchies
Slide 34:Public key cryptography
M: private key, Y: public key, X: message
Encode(Key, Data), Decode(Key, Data)
Decode(Y, Encode(M, X)) = Decode(M, Encode(Y, X)) = X
F(M)=Y and F^-1(Y)=M: computationally hard
To be sure you are receiving the message from ME:
  I: Encode(M, X) -> Z
  You: Decode(Y, Z)
To be sure your message is read only by ME:
  You: Encode(Y, X) -> Z
  I: Decode(M, Z)
Slide 35:Certification infrastructure
Communication between:
  users
  user and system
  systems
when users or systems from different communities want to communicate, someone is needed to guarantee reciprocal trust: is that public key really held by the user I want to speak with?
external (trusted) entities can carry out this task, exactly as a notary does
Slide 36:Certification Authority (CA)
an entity which vouches for the association between public keys and user/system identity
the association is declared inside a certificate, digitally signed by the CA
the sender who wants to communicate sends his certificate to the recipient
the recipient can decide whether the CA which signed the certificate is trusted or not, and thus whether the sender is.
Slide 37:Who certifies the CA? A hierarchy of CAs
CAs are useful mainly when communicating between unknown communities; thus some way of ensuring trust in CAs is needed
the solution is a hierarchy of CAs, where each level certifies the one below, down to the user/system
the top level CA is called Policy CA: it establishes the rules all CAs should respect to be part of the hierarchy
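The Encode/Decode relations of slide 34 and the CA hierarchy of slides 36 and 37, as an added example that is not part of the original slides. The slides name no algorithm: unpadded textbook RSA over Mersenne primes is an assumption chosen for brevity and is not secure, and the names "Hospital CA" and "sender" are hypothetical.

```python
import hashlib

def keypair(p, q, e=65537):
    """Toy RSA key pair (M, Y) = (private, public) from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (pow(e, -1, phi), n), (e, n)

def encode(key, data):
    """Encode(Key, Data) in the slide's notation: one modular power."""
    exp, n = key
    return pow(data, exp, n)

decode = encode  # for RSA, Decode(Key, Data) is the same operation

def digest(subject, pub):
    """SHA-256 of the association 'subject <-> public key', as an integer."""
    text = f"{subject}|{pub}".encode()
    return int.from_bytes(hashlib.sha256(text).digest(), "big")

def issue(issuer, issuer_m, subject, subject_y):
    """Certificate: the association, signed with the issuer's private key M."""
    return {"subject": subject, "pub": subject_y, "issuer": issuer,
            "sig": encode(issuer_m, digest(subject, subject_y))}

def verify_chain(chain, trusted):
    """chain: sender's certificate first, then its CA; trusted: {CA name: Y}."""
    for cert, parent in zip(chain, chain[1:] + [None]):
        if cert["issuer"] in trusted:
            issuer_y = trusted[cert["issuer"]]
        elif parent and parent["subject"] == cert["issuer"]:
            issuer_y = parent["pub"]
        else:
            return False  # nobody known vouches for this certificate
        if decode(issuer_y, cert["sig"]) != digest(cert["subject"], cert["pub"]):
            return False  # association altered, or not signed by the issuer
        if cert["issuer"] in trusted:
            return True   # reached a CA the recipient has decided to trust
    return False

# Constructed hierarchy: made-up names, insecure demonstration primes.
POLICY_M, POLICY_Y = keypair(2**127 - 1, 2**521 - 1)
CA_M, CA_Y = keypair(2**607 - 1, 2**1279 - 1)
USER_M, USER_Y = keypair(2**2203 - 1, 2**2281 - 1)
CA_CERT = issue("Policy CA", POLICY_M, "Hospital CA", CA_Y)
USER_CERT = issue("Hospital CA", CA_M, "sender", USER_Y)
CHAIN, TRUSTED = [USER_CERT, CA_CERT], {"Policy CA": POLICY_Y}

def slide34(x):
    """(Decode(Y, Encode(M, X)), Decode(M, Encode(Y, X))): both give back X."""
    return decode(USER_Y, encode(USER_M, x)), decode(USER_M, encode(USER_Y, x))
```

A certificate whose public key is swapped after issuance, or a chain that never reaches a CA the recipient trusts, makes `verify_chain` return False.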
Slide 38:CA Policy
identity validation
privacy statements
certificate emission
certificate revocation
...
Slide 39:Certificates
Standard format: X.509 (v1-v3)
Information inside the certificate:
  version number
  serial number
  signature info
  issuer
  validity period
  subject
  public key info
  certificate signature
Slide 40:Examples
[Diagram: SENDER and RECEIVER examples. Web client: encrypt with public key, encrypted form data; HTTP server: decrypt with private key. E-mail user: encrypt with public key, encrypted message; e-mail user: decrypt with private key. Signed message: encrypt with private key, decode with public key.]
Slide 41:European directions
ICE-TEL (Interworking public-key Certification Infrastructure for Europe), 1995 - 1997
ICE-CAR (Interworking public-key Certification Infrastructure for Europe for Commerce, Applications and Research), 1997 -
Slide 42:Medicine...
is based on many kinds of communication:
  textual
  visual
  spoken
expert knowledge is spread around the world
gains power from easy and wide communication:
  for diagnostic practice
  for scientific purposes
  for teaching aims
Slide 43:Medical Doctors communicate...
For diagnostic aims:
  in the same field, with traditional means (mail, phone)
  all around the world to reach the right expert
  in different fields, with written reports (e.g. other examinations) (often inside the hospital)
For scientific aims:
  through conferences
  in scientific journals
For teaching aims:
  using books (often with many pictures)
  using slides
  using direct examinations
Slide 44:Basic needs
The physician works with communication: easy and quick use of instruments
medical information is multimedia: not only text or voice
medical data are often patients' private data: no public access to them
Slide 45:Medical uses of e-mail
among physicians
  consultation
  diagnosis
  continuous education
between physician and patient
  test results and interpretations
  medication instructions
anagraphical data exchange
Slide 46:Medical uses of newsgroups and mailing lists
scientific aims
continuous education
collaborative diagnosis
Slide 47:Medical uses of WWW: Applications
multimedia for undergraduate and postgraduate education;
multimedia for continuing education through: networked implementation of CME credit materials;
WWW access to medical databases (for ease of use)
interface for remote access to databases such as Medline, Genbank etc.
Multimedia for patient information and education
Slide 48:Medical uses of WWW: Problems
Information published on the WWW can reach a wide number of readers;
no way of characterizing the quality of WWW information is currently available;
the user can equally access correct as well as incorrect information:
  Incorrect: misinformation and fraud.
  Correct: ethical problems due to the different perception that physicians and patients have about a medical topic (e.g. research on cancer treatments).
Slide 49:Internet problems
The Internet interconnects scientific as well as commercial and entertainment networks.
Consequences:
  almost all scientific institutions are connected, thus also many hospitals, and this is a great incentive for its use in telemedicine.
  The more people use the Internet, the slower and more insecure communications become, and this possibly dissuades from its use for telemedicine.
Currently it is difficult to carry out realtime tasks on the Internet
Slide 50:Internet in Medicine:Is it Telemedicine?
in the broad sense of telemedicine, yes
a widely used means brings many additional problems
Is the Internet adequate for medical uses?
a recent estimate put medical exchanges at about 25% of Internet traffic... growing.