170.302 (o-v) Security requirements

From OpenEMR Project Wiki

Integrity SHA1 170.302()

Email discussion moved to discussion tab --Tony - www.mi-squared.com 19:05, 3 March 2011 (UTC)

Basic Visolve Actions

   (1) Audit log - it's a straightforward change.
   (2) User Passwords -
      (a) For new installations - again, it's a straightforward change.
      (b) For upgrades -
        Isolated one issue:
           -- Existing users will already have their passwords stored as MD5 hashes.
           -- If we change the algorithm to SHA1, how are the existing MD5 passwords validated?

        Our proposed solution (only after upgrade):
        (a) When the user logs in, the length of the stored password string is retrieved.
        (b) If the length is less than 40 bytes, the user is validated with MD5 and allowed to log in.
              1. On successful login, the user is prompted to "reset his/her password".
                 (This activity has to be forced through some mechanism.)
              2. If validation fails, the user lands on the login page again.
        Note:
           SHA1 and MD5 have different hash lengths.
           The MD5 hash is 128 bits (or 32 bytes as a hex string); the SHA-1 hash is 160 bits
           (or 40 bytes as a hex string).
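
The upgrade-path login check proposed above, written out as an added Python example (not OpenEMR or Visolve code). The user table, the `must_reset` flag and the function names are assumptions made for illustration, and the passwords are constructed sample values.

```python
import hashlib
import hmac

MD5_HEX_LEN = 32    # 128-bit digest written as hex
SHA1_HEX_LEN = 40   # 160-bit digest written as hex

# Constructed user table: "alice" predates the upgrade (MD5 hash),
# "bob" was created after it (SHA-1 hash).
USERS = {
    "alice": {"hash": hashlib.md5(b"old-secret").hexdigest(), "must_reset": False},
    "bob": {"hash": hashlib.sha1(b"new-secret").hexdigest(), "must_reset": False},
}


def _digest(algorithm, password):
    """Hex digest of the password under the named algorithm."""
    return hashlib.new(algorithm, password.encode("utf-8")).hexdigest()


def login(users, username, password):
    """Return 'ok', 'reset_required' or 'denied' for one login attempt."""
    user = users.get(username)
    if user is None:
        return "denied"
    stored = user["hash"].lower()
    # Steps (a)/(b): the length of the stored hash selects the algorithm.
    algorithm = "md5" if len(stored) < SHA1_HEX_LEN else "sha1"
    # Constant-time comparison of the two hex strings.
    if not hmac.compare_digest(_digest(algorithm, password), stored):
        return "denied"              # step 2: back to the login page
    if algorithm == "md5":
        # Step 1: persist the flag so the reset stays forced even if the
        # user abandons this session before choosing a new password.
        user["must_reset"] = True
    return "reset_required" if user["must_reset"] else "ok"


def reset_password(users, username, new_password):
    """Store the new password as SHA-1 and clear the forced-reset flag."""
    user = users[username]
    user["hash"] = _digest("sha1", new_password)
    user["must_reset"] = False
```
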

Proposal for Generate/Display and confirm HASH Key

File:Screen.jpg

New features:

  • On upload form, add a "Destination File" field so that the user can rename the file as it's being uploaded.
  • On upload, generate a SHA-1 hash code and store it in the database documents table along with the file's metadata.
  • When browsing the document, provide a method for renaming the document (see screenshot).
  • When browsing the document, provide a visual method of validating the document's integrity by displaying its hash code (see screenshot). When the user clicks "validate," we will run the SHA algorithm over the file in its current state and make sure that the hash codes match. Visual feedback will be provided to the user through a popup displaying the original hash, the newly generated hash, and a message stating whether or not the values match.