Coleman Robert M, Ralston Matthew D, Szafran Alexander, Beaulieu David M
Maine Medical Center, Portland, ME 04102, USA.
J Digit Imaging. 2004 Sep;17(3):196-204. doi: 10.1007/s10278-004-1012-8. Epub 2004 Jul 13.
Most RIS and PACS systems include extensive auditing capabilities as part of their security model, but inspecting those audit logs to obtain useful information can be a daunting task. Manual analysis of audit trails, though cumbersome, is often resorted to because of the difficulty to construct queries to extract complex information from the audit logs. The approach proposed by the authors uses standard off-the-shelf multidimensional analysis software tools to assist the PACS/RIS administrator and/or security officer in analyzing those audit logs to identify and scrutinize suspicious events. Large amounts of data can be quickly reviewed and graphical analysis tools help explore system utilization. While additional efforts are required to fully satisfy the demands of the ever-increasing security and confidentiality pressures, multidimensional analysis tools are a practical step toward actually using the information that is already being captured in the systems' audit logs. In addition, once the work is performed to capture and manipulate the audit logs into a viable format for the multidimensional analysis tool, it is relatively easy to extend the system to incorporate other pertinent data, thereby enabling the ongoing analysis of other aspects of the department's workflow.
大多数放射信息系统(RIS)和医学影像存档与通信系统(PACS)都将广泛的审计功能作为其安全模型的一部分,但检查这些审计日志以获取有用信息可能是一项艰巨的任务。对审计跟踪进行人工分析虽然繁琐,但由于难以构建从审计日志中提取复杂信息的查询,人们常常采用这种方法。作者提出的方法使用标准的现成多维分析软件工具,协助PACS/RIS管理员和/或安全官员分析这些审计日志,以识别和审查可疑事件。可以快速查看大量数据,并且图形分析工具有助于探索系统利用率。虽然需要付出额外努力才能完全满足日益增长的安全和保密压力的要求,但多维分析工具是朝着实际利用系统审计日志中已捕获的信息迈出的切实一步。此外,一旦开展工作将审计日志捕获并处理成适合多维分析工具的可行格式,相对容易扩展系统以纳入其他相关数据,从而能够对部门工作流程的其他方面进行持续分析。
