Re: [Gnumed-devel] GNUmed (debian) servers and security

[Karsten Hilbert]

> Many doctors have a need to connect to their EMR from inside the  
> hospital. Even the doctors who let others look after their patients  
> when in hospital, in many cases, still visit the patients at least in  
> special cases or may be at the hospital for other reasons. It would  
> not be unusual for at least some GPs to spend 30 or more minutes per  
> day at a hospital at least a couple of times per week (in some cases  
> they might spend a full morning or afternoon) and the inability to  
> connect to their EMR from inside the hospital is not going to be  
> acceptable.
I see the use case (it is *very* rare here in Germany).

I think that it is the hospital IT staff's job to provide medical staff with 
the tools they need. Which includes port 5432 access to certain outside 
machines from within the hospital. But I can just see it happen the need to be 
denied.

> Some hospitals might soon provide enough wireless access that a  
> doctor with their own laptop might be able to set up a VPN, but the  
> majority I am sure will find ports and VPNs blocked. So I think that  
> doctors who could have a copy of GNUmed on a hospital machine (or USB  
> stick) still have to be able to connect via ports 80 or 443 without a  
> VPN.
Sure.

> For the purpose of a doctor accessing a single patient (or small  
> number of patients' EMR) it is acceptable to let the hospital proxy  
> decrypt and re-encrypt the doctor's SSL traffic to their GNUmed EMR.
I wouldn't recommend that.

> I think it is important to prevent man-in-the-middle attacks on the  
> connection between the hospital and the GNUmed server so unless the  
> hospital offered some tunnel to this server then the SSL would be  
> needed unless people figure some other way for a secure connection

I would go about it like this:

- bring along a bootable Debian-CD with the GNUmed client on it
  and boot that on a hospital machine
- or bring a laptop and connect that
- setup a proxy in my practice listening on port 80 and
  forwarding that to port 5432 on the database machine
- in the hospital point the client at port 80 of the proxy in
  my practice - the connect should work as port 80 is open
- make sure my client and my server both support SSL

That way end-to-end encryption from my laptop/live CD to my server is ensured 
and accessibility is achieved by tunneling over port 80.

Karsten
-- 
Ist Ihr Browser Vista-kompatibel? Jetzt die neuesten 
Browser-Versionen downloaden: http://www.gmx.net/de/go/browser