Encryption is required to pass HL7 messages across hostile networks such as the internet. Encryption is supported on the following network transport layers:

As there is no published standard for encryption of interfaces, the remote system must also be another HL7Connect to allow the use of encryption. This will be reviewed in the future, when HL7 standards for encryption have been published.

For technical details regarding encryption, consult Encryption Specifications

Encryption always uses TripleDES with rolling Cipher Block Chaining (CBC) across messages. The options that can be configured concern the way that the working session key is generated. A session key is generated for every startup, and any time that CBC fails.

No Encryption

This is only an option for TCP/IP (MLLP) interfaces. HTTP and Email interfaces must be configured to use encryption.

HL7Connect Certificates (Symmetric/Private)

HL7Connect Certificates are a private key based key management system. In this system, both HL7Connect systems must share the same certificate. If you have good control over the distribution channels for the HL7Connect systems, which would often be the case, this is an easy to manage solution to key management.

If a certificate is in use, the Universal Unique Identifier (UUID) for the certificate will be shown. You are able to change the certificate by specifying a valid server file name for a new certificate. As a security precaution, the certificate must already be on the HL7Connect server.

Both HL7Connect systems must share the same certificate and UUID.

Generation of Certificates

You can generate a certificate by:

  1. Choosing Administration from the HL7Connect navigation task bar.
  2. Selecting the Utilities tab
  3. Click on the Certificate button
  4. Fill out the information required (indicated by *)
    NOTE: Ensure that the seed file is a file with sufficient entropy (ie a JPEG or Gif file) over 8K in size.
  5. Click the Create Certificate button.

You will receive a .kcert file, which contains the certificate.

PGP

Pretty Good Privacy (PGP) must be installed on the HL7Connect Server if you would like to use PGP as the key management system.

To use PGP, the following information must be supplied:

Value    Description
Sender    The email address of the sender. The default PGP key ring on the HL7Connect server must have a full private key installed for the sender address.
Receiver    The email address of the receiver. The default PGP Key ring on the HL7Connect server must have a public key for this address.
Passphrase    This is the passphrase for the Sender's PGP Private Key. This passphrase will be stored encrypted in the interface configuration, however, this should not be regarded as a highly secure storage location.

Email Interface

If the interface is an Email interface, then the Sender's and Receiver's address are taken automatically from the email interface configuration.

Other Interfaces

If the interface is not an email address, the addresses given do not need be valid, as they will not be used, but they must be properly installed in the PGP Key ring.

The values of Sender and Receiver must match across the two HL7Connect systems for encryption to work. The remote HL7Connect must have the values of Sender and Receiver reversed, so the sender on one HL7Connect matches the receiver on the other.


© Kestral Computing P/L 2000-2015. HL7Connect v2.00-063 generated on 30-Nov 2015
Keywords: Encryption, Certificates, Email, Encryption / Configuring Interfaces, PGP, Security / Configuring Encryption, X.509