public class SecurityAlertBuilder extends BaseAuditMessageBuilder<SecurityAlertBuilder>
This message describes any event for which a node needs to report a security alert, e.g., a node authentication failure when establishing a secure communications channel.
The Node Authentication event can be used to report both successes and failures. If reporting of success is done, this could generate a very large number of audit messages, since every authenticated DICOM association, HL7 transaction, and HTML connection should result in a successful node authentication. It is expected that in most situations only the failures will be reported.
Constructor and Description |
---|
SecurityAlertBuilder(EventOutcomeIndicator outcome,
String eventOutcomeDescription,
EventType eventType) |
Modifier and Type | Method and Description |
---|---|
SecurityAlertBuilder |
addAlertNodeSubjectParticipantObject(String node,
ParticipantObjectTypeCodeRole role,
String reason) |
SecurityAlertBuilder |
addAlertUriSubjectParticipantObject(String uri,
ParticipantObjectTypeCodeRole role,
String reason) |
SecurityAlertBuilder |
addPerformingActiveParticipant(String userId,
String altUserId,
String userName,
ActiveParticipantRoleId roleId,
String networkId) |
SecurityAlertBuilder |
addReportingActiveParticipant(String userId,
String altUserId,
String userName,
ActiveParticipantRoleId roleId,
String networkId,
boolean userIsRequestor) |
void |
validate()
Validates the constructed audit message against the specification, because API does not completely
prevent constructing incomplete or inconsistent messages.
|
addActiveParticipant, addActiveParticipant, addActiveParticipant, addDestinationActiveParticipant, addParticipantObjectIdentification, addParticipantObjectIdentification, addPatientParticipantObject, addSourceActiveParticipant, addStudyParticipantObject, getMessage, getNetworkAccessPointCodeFromAddress, getTypeValuePair, setAuditSource, setAuditSource, setAuditSource, setAuditSource, setAuditSourceIdentification, setAuditSourceIdentification, setAuditSourceIdentification, setEventIdentification, setEventIdentification
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
getMessages, self
public SecurityAlertBuilder(EventOutcomeIndicator outcome, String eventOutcomeDescription, EventType eventType)
outcome
- Success implies an informative alert. The other failure values imply warning codes that indicate
the severity of the alert. A Minor or Serious failure indicates that mitigation efforts were
effective in maintaining system security. A Major failure indicates that mitigation efforts may
not have been effective, and that the security system may have been compromised.eventType
- event typepublic SecurityAlertBuilder addReportingActiveParticipant(String userId, String altUserId, String userName, ActiveParticipantRoleId roleId, String networkId, boolean userIsRequestor)
userId
- UserIDaltUserId
- Alternate UserIDuserName
- UserNamenetworkId
- Network Access Point IDuserIsRequestor
- Whether the destination participant represents the requestor (i.e. pull request)public SecurityAlertBuilder addPerformingActiveParticipant(String userId, String altUserId, String userName, ActiveParticipantRoleId roleId, String networkId)
userId
- UserIDaltUserId
- Alternate UserIDuserName
- UserNamenetworkId
- Network Access Point IDpublic SecurityAlertBuilder addAlertNodeSubjectParticipantObject(String node, ParticipantObjectTypeCodeRole role, String reason)
node
- the identity of the node that is the subject of the alert either in the form ofnode_name@domain_nameor as an IP addressrole
- ParticipantObjectTypeCodeRole.MasterFile
or ParticipantObjectTypeCodeRole.SecurityResource
reason
- free text description of the nature of the alert as the valuepublic SecurityAlertBuilder addAlertUriSubjectParticipantObject(String uri, ParticipantObjectTypeCodeRole role, String reason)
uri
- the URI of the file or other resource that is the subject of the alertrole
- ParticipantObjectTypeCodeRole.MasterFile
or ParticipantObjectTypeCodeRole.SecurityResource
reason
- free text description of the nature of the alert as the valuepublic void validate()
Validateable
validate
in interface Validateable
validate
in class BaseAuditMessageBuilder<SecurityAlertBuilder>
Copyright © 2018 Open eHealth Foundation. All rights reserved.