Certain embodiments of the present invention relate to accessing a DICOM server to retrieve or store digital medical images. More particularly, certain embodiments of the present invention relate to a system and method to reduce the security burden of a DICOM server.
Digital Imaging and Communications in Medicine (DICOM) is a well-known standard for transferring images and associated information between devices manufactured by various vendors. Typically, a DICOM server is used to store, organize, and manage medical images. Various external systems may desire to communicate with a DICOM server to store images to the DICOM server and/or to retrieve images from the DICOM server by submitting image requests to the DICOM server.
However, in order to protect patient sensitive information and to comply with certain HIPAA (Health Insurance Portability and Accountability Act) requirements, security measures are used by the DICOM server to prevent unauthorized access to the DICOM server. The DICOM server typically implements a security policy in accordance with a standard security policy format as defined by the DICOM standard to authorize access. The security policy format stores an application entity title (AE_title), an IP address, and a port number associated with each authorized external system as part of the security policy on the DICOM server.
Unfortunately, the DICOM standard security policy format becomes inefficient and difficult to maintain as the number of authorized external systems becomes larger. In other words, the current DICOM standard is not sufficient to handle security for a relatively large number of requesting entities.
Further limitations and disadvantages of conventional, traditional, and proposed approaches will become apparent to one of skill in the art, through comparison of such systems and methods with the present invention as set forth in the remainder of the present application with reference to the drawings.
Certain embodiments of the present invention provide a system to submit image requests to a DICOM server. An image request may comprise a request to store an image or a request to retrieve an image. The system comprises a data manager operationally interfacing between a plurality of computer-based platforms and a DICOM server. The data manager administers a first security policy such that, when any of the computer-based platforms send an image request, the data manager determines if the requesting computer-based platform is authorized, as defined by the first security policy, to access images from or submit images to the DICOM server. The data manager sends authorized image requests to the DICOM server. The DICOM server administers a second security policy to determine if the data manager is authorized to access images from or submit images to the DICOM server. As a result, the data manager acts as a security gateway for the DICOM server. That is, the second security policy of the DICOM server does not have to deal with each individual requesting computer-based platform of the plurality of computer-based platforms since the first security policy of the data manager deals with each individual requesting computer-based platform. The system may further include additional data managers, in accordance with various embodiments of the present invention, operationally interfacing between the DICOM server and other pluralities of computer-based platforms. As a result, the second security policy of the DICOM server only has to deal with authorizing the data managers, not the pluralities of computer-based platforms. Each data manager administers its own security policy. In accordance with various embodiments of the present invention, any data manager may operationally interface to a corresponding plurality of computer-based platforms via a network such as, for example, a local area network (LAN) or a wide area network (WAN). 
Similarly, any data manager may operationally interface to the DICOM server via a network such as, for example, a WAN, a global information network (e.g., the Internet), or a LAN.
Certain embodiments of the present invention comprise a method to submit image requests to a DICOM server. The method comprises receiving an image request at a data manager from a requesting computer-based platform. As a further step in the method, the data manager administers a first security policy to determine if the requesting computer-based platform is authorized to access images from or submit images to the DICOM server. If the data manager determines that the requesting computer-based platform is authorized, then as another step in the method, the data manager sends the image request to the DICOM server. As still a further step in the method, the DICOM server administers a second security policy to determine if the data manager is authorized to access images from or submit images to the DICOM server. In accordance with various embodiments of the present invention, the data manager may receive many image requests from a plurality of requesting computer-based platforms. The first security policy of the data manager handles authorization of the plurality of requesting computer-based platforms. As a result, the DICOM server is relieved of having to deal with authorizing the plurality of requesting computer-based platforms. In accordance with various embodiments of the present invention, the second security policy of the DICOM server may be used to authorize more than one data manager where each data manager uses its own security policy to authorize a unique plurality of requesting computer-based platforms.
These and other advantages and novel features of the present invention, as well as details of an illustrated embodiment thereof, will be more fully understood from the following description and drawings.
Each of the first plurality of computers 130 may include any processor-based platform such as, for example, a personal computer (PC), a work-station, or an imaging machine. The first data manager 120 operationally interfaces (wired or wirelessly) to the first plurality of computers 130 via a local area network (LAN) 150. The first data manager 120 operationally interfaces to the DICOM server 110 (wired or wirelessly) via a wide area network (WAN) or a global informational network 160 such as, for example, the Internet.
In accordance with various embodiments of the present invention, the system 100 may include additional data managers (e.g., data managers 2 to N) each operationally interfacing to a unique plurality of computers (e.g., K1 to Km). Each additional data manager operationally interfaces to the DICOM server 110 via the WAN or global informational network 160. Each data manager administers a security policy for authorizing the plurality of computers associated with each data manager. The DICOM server 110 administers a security policy only for authorizing the various data managers. As a result, the DICOM server 110 is not burdened with having to administer a security policy for all of the plurality of computers that may try to access images from or store images to the DICOM server 110.
In accordance with various embodiments of the present invention, the data managers follow DICOM protocols to communicate with the DICOM server. However, DICOM protocols may or may not be followed for communication between the plurality of computer-based platforms and the data managers.
Similarly,
As an example,
The table 410 represents the security policy for the data manager #1 (DM #1) 120. The security policy 410 of the data manager #1 (DM #1) 120 is based on a user name and password scheme. Other security policy schemes are possible as well, in accordance with various embodiments of the present invention. Only those computers listed in the table 410 can be authorized by the DM #1 120 to submit image requests to the DICOM server 110. As can be seen in the table 410, of the ten computers C1-C10, computers C3 and C7 are not listed in the table 410. Therefore, computers C3 and C7 cannot be authorized to access images from or submit images to the DICOM server 110 via the data manager #1 120. Also, in order for any of the listed computers C1, C2, C4, C5, C6, C7, C8, C9, and C10 to be authorized by the data manager #1 120 when submitting an image request, that requesting computer must provide the correct user name and password, as defined in the table 410 in order for the data manager #1 120 to authorize that requesting computer.
The table 420 represents the security policy for the DICOM server 110. Only those data managers listed in the table 420 can be authorized by the DICOM server 110. As can be seen in the table 420, of the four data managers DM #1 to DM #4, data manager DM #3 is not listed in the table 420. Therefore, DM #3 cannot be authorized to access images from or submit images to the DICOM server 110. Also, in order for any of the listed data managers DM #1, DM #2, and DM #4 to be authorized by the DICOM server 110 when submitting an image request, that requesting data manager must provide the correct application entity title (AE_title), IP_address, and port number (port #), as defined in the table 420 in order for the DICOM server 110 to authorize that requesting data manager. However, other DICOM security policies are possible as well, in accordance with other embodiments of the present invention, as the DICOM standard changes.
As can be seen by the previous example, the DICOM server 110 only has to handle a security policy for the three data managers (DM #1, DM #2, DM #3) and not for the plurality of computers associated with the four data managers that may try to request an image from or submit an image to the DICOM server 110. Such a system 100 and methods 200 and 300 reduce the number of entities (i.e., processor-based platforms) that need to be stored in the table 420 and also reduce the number of image requests to the DICOM server 110 that have to be checked for authorization by the DICOM server 110. In other words, most of the security policy burden is distributed over the four data managers (DM #1-DM #4), thus relieving the burden on the DICOM server 110.
The DICOM server security policy 420 is in accordance with the DICOM format. The data manager security policy 410 may use a user name/password implementation or may use any other type of security implementation that is deemed appropriate by the corresponding LAN administrator.
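The two-tier check described above, as an added example (not code from this application or from any DICOM product): the class names, AE titles, addresses, passwords and the salted PBKDF2 password storage are assumptions made for illustration, and the sample policies are constructed.

```python
import hashlib, hmac, os

def _kdf(password, salt):
    # Salted PBKDF2 so the gateway's table never stores clear-text passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class DicomServer:
    """Second policy: one (AE_title, IP address, port) entry per data manager."""
    def __init__(self, allowed):
        self.allowed = set(allowed)

    def handle(self, identity, request):
        if identity not in self.allowed:
            return "rejected by DICOM server"
        return "accepted: " + request

class DataManager:
    """First policy: user name/password per requesting computer."""
    def __init__(self, identity, credentials):
        self.identity = identity          # what the DICOM server will see
        self.audit = []                   # per-computer trail lives here only
        self.users = {}
        for user, password in credentials.items():
            salt = os.urandom(16)
            self.users[user] = (salt, _kdf(password, salt))

    def submit(self, user, password, request, server):
        # Unknown users get a dummy record so both paths do the same work.
        salt, stored = self.users.get(user, (b"\0" * 16, b""))
        ok = hmac.compare_digest(_kdf(password, salt), stored)
        self.audit.append((user, request, ok))
        if not ok:
            return "rejected by data manager"   # never reaches the server
        return server.handle(self.identity, request)

def demo():
    # Constructed sample policies; all names, addresses and passwords are made up.
    dm1 = DataManager(("DM1", "192.0.2.11", 104), {"C1": "pw-c1", "C2": "pw-c2"})
    dm3 = DataManager(("DM3", "192.0.2.13", 104), {"K1": "pw-k1"})
    server = DicomServer([("DM1", "192.0.2.11", 104), ("DM2", "192.0.2.12", 104),
                          ("DM4", "192.0.2.14", 104)])
    return [
        dm1.submit("C1", "pw-c1", "retrieve image", server),  # listed, correct password
        dm1.submit("C1", "wrong", "retrieve image", server),  # listed, bad password
        dm1.submit("C3", "pw-c3", "store image", server),     # not in DM1's table
        dm3.submit("K1", "pw-k1", "store image", server),     # DM3 not in server table
    ]

if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The server's policy holds three entries regardless of how many computers sit behind each data manager, and the per-computer record of who asked for what exists only in the data manager's `audit` list.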
In accordance with an embodiment of the present invention, a security policy administered by a data manager can be implemented on the data manager. In accordance with a first alternative embodiment of the present invention, a security policy administered by a data manager may involve the data manager accessing a separate database to access and administer the security policy. In accordance with a second alternative embodiment of the present invention, a security policy administered by a data manager may involve the data manager using an existing LAN security policy (e.g., user_name/password security policy of the LAN).
In accordance with a third alternative embodiment of the present invention, a security policy administered by a data manager may involve the data manager relying on a security policy of a LAN of which the data manager is an operational part. For example, if a computer can access the LAN of which the data manager is an operational part, then the data manager considers the computer authorized (e.g., relying on Active Directory permission).
Each of the first plurality of computers 530 may include any processor-based platform such as, for example, a personal computer (PC), a work-station, or an imaging machine. The first data manager 520 operationally interfaces (wired or wirelessly) to the first plurality of computers 530 via a local area network (LAN) 550. The first data manager 520 operationally interfaces to the DICOM server 510 (wired or wirelessly) via a first wide area network (WAN) 560.
In accordance with various embodiments of the present invention, the system 500 may include additional data managers (e.g., data managers 2 to N) each operationally interfacing to a unique plurality of computers (e.g., K1 to Km). Each additional data manager operationally interfaces to the DICOM server 510 via an additional WAN (e.g., WAN 570 for data manager #N). Each data manager administers a security policy for authorizing the plurality of computers associated with each data manager. The DICOM server 510 administers a security policy only for authorizing the various data managers. As a result, the DICOM server 510 is not burdened with having to administer a security policy for all of the plurality of computers that may try to access images from or store images to the DICOM server 510.
As opposed to the embodiments of
In accordance with an embodiment of the present invention, a security policy administered by a DICOM server can be implemented on the DICOM server according to the DICOM server format as shown in
In accordance with a third alternative embodiment of the present invention, a security policy administered by a DICOM server may involve the DICOM server relying on a security policy of a LAN of which the DICOM server is an operational part. For example, if a data manager can access the LAN of which the DICOM server is an operational part, then the DICOM server considers the data manager authorized (e.g., relying on Active Directory permission).
Other system configurations are possible as well, in accordance with various other embodiments of the present invention. A common feature of all embodiments of the present invention is that the security policy burden of a DICOM server is reduced by at least one data manager administering a security policy.
In summary, embodiments of the present invention provide a system and method to reduce the burden on a security policy administered by a DICOM server. Instead of the DICOM server having to consider (via a security policy) every requesting computer-based platform that may try to save an image to the DICOM server or retrieve an image from the DICOM server, at least one data manager is employed to act as a gateway between the DICOM server and the requesting computer-based platforms. The at least one data manager administers a security policy to consider the requesting computer-based platforms for authorization to submit image requests to the DICOM server. The DICOM server administers a security policy to consider only the data managers. As a result, the security policy of the DICOM server may only have to handle several data managers, whereas each data manager may handle, for example, hundreds of computer-based platforms.
While the invention has been described with reference to certain embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted without departing from the scope of the invention. In addition, many modifications may be made to adapt a particular situation or material to the teachings of the invention without departing from its scope. Therefore, it is intended that the invention not be limited to the particular embodiments disclosed, but that the invention will include all embodiments falling within the scope of the appended claims.