Package org.openehealth.ipf.commons.audit.event

Class SecurityAlertBuilder

java.lang.Object

org.openehealth.ipf.commons.audit.event.BaseAuditMessageBuilder<SecurityAlertBuilder>

org.openehealth.ipf.commons.audit.event.SecurityAlertBuilder

All Implemented Interfaces:

AuditMessageBuilder<SecurityAlertBuilder>, Validateable

public class SecurityAlertBuilder
extends BaseAuditMessageBuilder<SecurityAlertBuilder>

Builds an Audit Event representing a Security Alert event as specified in http://dicom.nema.org/medical/dicom/current/output/html/part15.html#sect_A.5.3.11

This message describes any event for which a node needs to report a security alert, e.g., a node authentication failure when establishing a secure communications channel.

The Node Authentication event can be used to report both successes and failures. If reporting of success is done, this could generate a very large number of audit messages, since every authenticated DICOM association, HL7 transaction, and HTML connection should result in a successful node authentication. It is expected that in most situations only the failures will be reported.

Since:

3.5

Author:

Christian Ohr

Constructor Summary

Constructors

Constructor	Description
SecurityAlertBuilder(EventOutcomeIndicator outcome, String eventOutcomeDescription, EventType eventType)

Method Summary

Modifier and Type	Method	Description
SecurityAlertBuilder	addAlertNodeSubjectParticipantObject(String node, ParticipantObjectTypeCodeRole role, String reason)
SecurityAlertBuilder	addAlertUriSubjectParticipantObject(String uri, ParticipantObjectTypeCodeRole role, String reason)
SecurityAlertBuilder	addPerformingActiveParticipant(String userId, String altUserId, String userName, ActiveParticipantRoleId roleId, String networkId)
SecurityAlertBuilder	addReportingActiveParticipant(String userId, String altUserId, String userName, ActiveParticipantRoleId roleId, String networkId, boolean userIsRequestor)
void	validate()	Validates the constructed audit message against the specification, because API does not completely prevent constructing incomplete or inconsistent messages.

Methods inherited from class org.openehealth.ipf.commons.audit.event.BaseAuditMessageBuilder

addActiveParticipant, addActiveParticipant, addActiveParticipant, addDestinationActiveParticipant, addParticipantObjectIdentification, addParticipantObjectIdentification, addParticipantObjectIdentification, addPatientParticipantObject, addSourceActiveParticipant, addStudyParticipantObject, getMessage, getNetworkAccessPointCodeFromAddress, setAuditSource, setAuditSource, setAuditSource, setAuditSource, setAuditSourceIdentification, setAuditSourceIdentification, setAuditSourceIdentification, setEventIdentification, setEventIdentification

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.openehealth.ipf.commons.audit.event.AuditMessageBuilder

getMessages, getTypeValuePair, getTypeValuePair, getTypeValuePair, getTypeValuePair, self

Constructor Details

SecurityAlertBuilder

public SecurityAlertBuilder(EventOutcomeIndicator outcome,
 String eventOutcomeDescription,
 EventType eventType)

Parameters:

outcome - Success implies an informative alert. The other failure values imply warning codes that indicate the severity of the alert. A Minor or Serious failure indicates that mitigation efforts were effective in maintaining system security. A Major failure indicates that mitigation efforts may not have been effective, and that the security system may have been compromised.

eventType - event type

Method Details

addReportingActiveParticipant

public SecurityAlertBuilder addReportingActiveParticipant(String userId,
 String altUserId,
 String userName,
 ActiveParticipantRoleId roleId,
 String networkId,
 boolean userIsRequestor)

Parameters:

userId - UserID

altUserId - Alternate UserID

userName - UserName

networkId - Network Access Point ID

userIsRequestor - Whether the destination participant represents the requestor (i.e. pull request)

Returns:

this

addPerformingActiveParticipant

public SecurityAlertBuilder addPerformingActiveParticipant(String userId,
 String altUserId,
 String userName,
 ActiveParticipantRoleId roleId,
 String networkId)

Parameters:

userId - UserID

altUserId - Alternate UserID

userName - UserName

networkId - Network Access Point ID

Returns:

this

addAlertNodeSubjectParticipantObject

public SecurityAlertBuilder addAlertNodeSubjectParticipantObject(String node,
 ParticipantObjectTypeCodeRole role,
 String reason)

Parameters:

node - the identity of the node that is the subject of the alert either in the form ofnode_name@domain_nameor as an IP address

role - ParticipantObjectTypeCodeRole.MasterFile or ParticipantObjectTypeCodeRole.SecurityResource

reason - free text description of the nature of the alert as the value

Returns:

this

addAlertUriSubjectParticipantObject

public SecurityAlertBuilder addAlertUriSubjectParticipantObject(String uri,
 ParticipantObjectTypeCodeRole role,
 String reason)

Parameters:

uri - the URI of the file or other resource that is the subject of the alert

role - ParticipantObjectTypeCodeRole.MasterFile or ParticipantObjectTypeCodeRole.SecurityResource

reason - free text description of the nature of the alert as the value

Returns:

this

validate

public void validate()

Description copied from interface: Validateable

Validates the constructed audit message against the specification, because API does not completely prevent constructing incomplete or inconsistent messages.

Specified by:

validate in interface Validateable

Overrides:

validate in class BaseAuditMessageBuilder<SecurityAlertBuilder>