This page provides a list of frequently asked questions (FAQs) and answers
for Secure Transfer and Secure Email setup and operations.
An applet is a small Java application designed to be executed from within
another application. Applets are cross-platform compatible, offer some form of
security (they cannot access the hard drive and cannot be executed directly
from the operating system) and are most suited to internet applications. They
may be invoked from different applications and require a Java Virtual Machine to
run.
The Secure Transfer application uses applets in the DDU and Pharmacy components.
Organisations need a way to ensure that their communications (Internet, Intranet or Extranet) are secured. One method of ensuring authenticated, encrypted communications between clients and servers is the use of SSL digital certificates and the Secure Sockets Layer (SSL) protocol. An SSL certificate provides information that a web server is trusted by a third party, or Certificate Authority. The Certificate Authority confirms both the from and to location and provides the public keys.
Thawte (http://www.thawte.com) and VeriSign (http://www.verisign.com) are the most popular SSL Certificate Authorities.
When a browser and a server conduct a session using SSL:
Code signing certificates guarantee the published details and content integrity of downloadable code. Thawte (http://www.thawte.com) and VeriSign (http://www.verisign.com) are the most common Code Signing Certificate Authorities.
Secure Transfer uses a code signing certificate to sign the JAR files prior to being deployed. The Secure Transfer Web Pass Through and File Control Modules contain applets. The JAR files for the respective applets are signed using the code signing certificate.
Does the Code Signing Certificate Authority certify the Secure Transfer code?
No. The Code Signing Certificate Authority certifies that the software comes from the publisher who signed it e.g. Queensland Health. The code signing certificate certifies that the software has not been altered or corrupted, and is therefore safe to install and run.
When using PKI encryption you should update your existing system with the latest service packs, critical upgrades, and security patches.
To access the Microsoft Update site, click here.
Queensland Health is using 168-bit (3DES) encryption. 3DES is one of the longest
and strongest secure key lengths supported by most browsers. 128-bit (and above)
encryption strengths are currently used by large organisations such as Banks and
the Australian Tax Office.
Queensland Health supports Novell GroupWise as its email client which utilises
the 168-bit (3DES) encryption algorithm. Microsoft’s Outlook Express 6, Outlook
2000 and Outlook 2002 support 3DES cipher strength.
A 168-bit key size has 2^168 possible combinations. HeSA supports 128-bit (and above) key length.
In general the following is true:
Key strengths greater than 168 bit are available. However, the underlying infrastructure (email client(s), browser(s), token(s) etc) to support key strengths greater than 168 bit is not yet readily available. Therefore 168-bit is the longest and most secure key length supported by most browsers and email clients.
Digital Certificates are issued by any Certification Authority (CA), who vouches for the identities of those requesting certificates through the activities of an associated Registration Authority (RA). The CA establishes the association between the certificate holder and the assigned key. In order to prevent forged certificates, the CA's public key must be trustworthy. A CA must publicise and attest to the validity of its public key.
The Health eSignature Authority Pty Ltd (HeSA) issues the certificates using Certificates Australia Pty Ltd (CAPL) as the root certification authority and Baltimore Certificates Australia Pty Ltd (BCAPL) as the intermediate certification authority.
You can obtain digital certificates from various authorities, e.g. Verisign, Thawte, Baltimore Certificates Australia Pty Ltd (BCAPL) etc.
To obtain certificates for the Health Sector you need to apply for registration with the Health eSignature Authority (HeSA). The online Application form can be accessed from the HeSA website at http://www.hesa.com.au
To view a Tutorial showing how to apply for Registration, click here.
To view guidelines showing how to apply for Registration, click here.
Note: For Queensland Health staff, the guidelines and tutorial for registering a HealthCare Location can be viewed on the Secure Transfer Service (STS) Intranet at http://qheps.health.qld.gov.au/sts
HeSA will validate and authenticate the Registration Forms. The process includes:
The entire process may take days or weeks. The PIC letter is sent by
Person-to-Person post and may take several days to reach the recipient.
You can check the progress of your Registration by contacting the HeSA
helpdesk (1300 660 035).
There are two types of certificates:
It is not mandatory for both certificates to be issued. A user may only
require an authentication Public Key pair, and not a key exchange Public Key
pair. Only those keys that are actually required (or requested) are issued.
HeSA issues two separate Certificates - one each for authentication and
encryption.
The cost for the initial HIC certificate (and associated tokens) is covered by HeSA and HIC, i.e. the first certificate/tokens are free.
The installation process for Location certificates is determined by the browser or email client that you use. For detailed instructions, refer to the Healthcare Location Certificate Installation Guide and Location Bonus CD supplied by HIC/HeSA.
Yes. You can install the Location Certificate on one or more desktops within your Location. The number of desktops on which to install the Location Certificates depends on your work practice. A large practice, for example, may have several desktops which receive email and each of these may have the Location Certificates. A solo practice or a centralised administrative area may have the Location Certificates installed on only one desktop.
Yes. A desktop can have more than one Location Certificate. A centralised administration area, for example, may have the Location Certificates for several Locations.
Yes. It is a good practice to keep a back-up of your certificates, e.g. for recovery purposes or if the original copies are corrupted.
No. Digital signing does not protect the message from being intercepted and read by someone other than the intended recipient. Digital signing simply authenticates the identity of the sender and ensures that the original content of the message has been sent unaltered.
The Internet was designed to share information, not to
protect it or secure commercially sensitive information. When using the
internet without PKI encryption, you are sending email openly into the world. It is
analogous to sending confidential information on a postcard while secure email
is analogous to sending information in a sealed envelope with a wax seal
stamp.
In September 2003, the Queensland Government enacted Privacy Legislation.
This legislation means that if any private or patient related information is
intercepted and divulged, you may be vulnerable to the possibility of
litigation.
Using PKI encryption ensures the email is secure.
Only the email message body and attachments are sent encrypted/signed. The Subject, From, To, CC or BC are not encrypted. You should be very careful about the subject heading when sending Secure Email. DO NOT include any private or confidential information in the subject.
See Also: What does an encrypted email look like?
This image shows how an authorised recipient (with the relevant Keys and Certificates) sees an encrypted email.
This image shows the text that an unauthorised recipient (without the relevant Keys and Certificates) sees if they attempt to view an encrypted email.
Note: The subject field is unencrypted (readable) and the message body and attachments are encrypted (unreadable).
Removing the HCL Location Certificates from the desktop will mean you
cannot open or read any encrypted HCL location email on that particular
desktop.
Re-importing the HCL Location Certificates to the desktop will enable the
user to view any previously encrypted HealthCare Location email.
HIC digital certificates are valid for two (2) years, after which they should be renewed. The certificates may be revoked, suspended or re-instated prior to this time.
Certificates are valid for a defined period to guard against long-term
cryptanalytic attacks. The time to expiration must be much shorter than
the time it would take to break the encrypted message. The validity period
also depends on the circumstances in which the keys are used.
When a Certificate expires, the legitimacy or trustworthiness of the secure email is unknown. Users may not accept messages signed with the expired key as it will appear on a Revocation List. Before a Certificate expires you should renew to ensure business continuity.
To renew your certificates, complete the Revocation / Suspension/
Reinstatement / Re-key (Renew) Request Form that you received from HeSA with the
disk containing your keys and certificates.
Alternatively, you can download the form from the HeSA web site at:
http://www.hesa.com.au/forms_pubs/forms.htm
Note: If your location email address changes, you should complete the same form.
You need to revoke a certificate when:
You no longer wish to use the digital certificate issued by HeSA.
Your private key, or the medium containing the private key corresponding to the public key contained in that digital certificate has been, or is suspected of having been, compromised.
The signatories on the HeSA agreement are no longer valid.
The Revocation needs to be authorised by one of the following representatives:
Subscriber
Duly Authorised Officer (DAO)
HealthCare Location (HCL) Representative
Power of Attorney
Court Order
Health Sector Entity (HSE) Representative
You can download the request form from the HeSA website at http://www.hesa.com.au/ or call HeSA on 1300 660 035.
HIC Certificates are revoked in 48 hours upon receipt of the revocation request. The revocation request can be faxed or sent by Post.
See Also: Do I need to revoke a certificate in a certain time?
Only persons who undertake online transactions that require identification of the individual need a HealthCare Individual Certificate. Examples include:
If you sign and transmit direct-bill claims.
If you prepare patient claims.
If you are identifying yourself as the sender/author of an encrypted email.
HIC Online Medicare claiming requires users to hold at least one HealthCare Individual Certificate and one HealthCare Location Certificate. In this circumstance you will require an Individual Certificate.
There are several reasons for using Location Certificates:
Location Certificates are installed on the desktop and do not need to be carried. This minimises the inconvenience of losing, misplacing or leaving certificates at home.
Location Certificates represent a locality rather than an individual person. As such, any staff member within the Location may use the Location email address to send secure email.
A Location Certificate does not carry the non-repudiation liability which is associated with Individual Certificates. The Location Certificates minimise the legal liability to staff members as it is the locality and not the individual who is liable.
The recipient of the secure email is more amenable to receive an email from a Location rather than an individual.
You can store your Personal Identification Code (PIC) in the same way as other information is kept safe, for example, in a safe, secure tokens (such as special floppy disks) or smartcards. You should keep your PIC and certificates stored separately. Whatever you use, the best way to ensure optimum security for your PIC is to simply keep it safe and secret at all times.
If you forget or lose your Personal Identification Code (PIC) you must
advise HeSA on 1300 660 035. HeSA will suspend the certificate for a
period of 24 hours. If you remember the PIC within the 24 hours,
the certificate will be un-suspended. However, if you cannot remember your
PIC within the 24 hour period your certificate will be revoked and
you will need to be issued with a new certificate.
Passwords and pass-phrases are among the most crucial (and most often exploited) aspects of computer security.
A secure password/pass-phrase is:
At least 8 characters - the longer the password, the more difficult it is to break.
Composed of:
a. Lower-case characters i.e. a..z
b. Upper-case characters i.e. A..Z
c. Numeric characters i.e. 0..9
d. Non-alphanumeric characters i.e. $,&,” etc.
Easy to remember - if your password is so complex that you need to write it down, you should choose another.
Never shared with anyone.
Only used on one computer.
Changed frequently - at least every 90 days (3 months).
An un-secure password/pass-phrase is:
Anything that is short - 5 characters or less.
Any word from any dictionary (in any language) - attackers break into a system using computer programs that use dictionary words.
Dictionary words in which the letters have been replaced by numbers e.g. e1ephant.
Dictionary words to which a digit, punctuation mark or space has been appended e.g. March2.
Dictionary words spelt backwards.
Dictionary words with all the vowels deleted.
Dictionary words with number translations e.g. a > 1, e > 3, i > 11, o > $.
Phrases with the white-space deleted.
Simple patterns like qwerty, 74108520 or no password.
Usernames, hostnames, locations or names of anyone on the system.
Any name which is visible around your location e.g. posters, phone lists, calendars, computer names etc.
The name of your spouse, child, relative, boss or pet.
Any personal information such as birthdays, license numbers, phone numbers, favourite songs, movies, quotations etc.
Password/Pass-Phrases composed of all digits or all letters.
Password/Pass-Phrases that have never been changed.
Password/Pass-Phrases that have been used before.
A complex password/pass-phrase that you have written down.
See also: How do I choose a secure Password/Pass-Phrase
An ideal password/pass-phrase is something which is easy to remember and hard to guess. Ideally, it should follow the format outlined in What is a secure password/pass-phrase?
Good techniques for choosing a secure password/pass-phrase are:
Use the initials of a phrase. Don't pick well known phrases like "24 Black Birds baked in a Pie" (24BBbiaP) - choose phrases like "My brother Simon is 24 years old” (MbSi24yo).
Use an easily pronounced non dictionary word/phrases with infrequently used characters such as “_” and “^” e.g. "Kix_on_rte^66" or "Krang_it%2day".
Use homonyms or misspelt words/phrases e.g. 2QT2BSingle (Too cute to be Single), 22.twaan (Choo Choo train), vnylEyes (finalise).
Use mixed upper case, lower case and numbers e.g. naN02nd (nanoSecond), piaN02nr (Piano Tuner).
Use unrelated words and join them with numbers.
Use acronyms that only mean something to you e.g. O35Ya6mtR (Only 35 Years and 6 months to Retirement).
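The secure and un-secure password criteria listed above can be checked automatically. The following Python code is an added example, not part of the original FAQ or of any Queensland Health or HeSA tool; the word list, the function names and the `personal_terms` parameter are assumptions made for illustration, and only the rules that can be tested mechanically are covered.

```python
import re

# Constructed sample word list for the demonstration; use a full dictionary in practice.
SAMPLE_WORDS = {"elephant", "march", "monkey", "finalise"}

# Letter substitutions taken from the page ("a > 1, e > 3, i > 11, o > $"),
# plus l > 1 as seen in its "e1ephant" example.
SUBSTITUTES = {"a": ["1"], "e": ["3"], "i": ["11"], "o": ["$"], "l": ["1"]}

# "Simple patterns like qwerty, 74108520 or no password."
SIMPLE_PATTERNS = {"", "qwerty", "74108520"}
VOWELS = "aeiou"


def _word_regex(word):
    """Regex matching the word with any letter optionally replaced by a substitute."""
    parts = []
    for ch in word:
        options = [ch] + SUBSTITUTES.get(ch, [])
        parts.append("(?:" + "|".join(re.escape(o) for o in options) + ")")
    return re.compile("".join(parts))


def _dictionary_finding(candidate, words):
    """Describe how the candidate derives from a dictionary word, or return None."""
    lowered = candidate.lower()
    # "A digit, punctuation mark or space has been appended": also test without it.
    stripped = lowered[:-1] if lowered and not lowered[-1].isalpha() else lowered
    for word in words:
        pattern = _word_regex(word)
        for form in {lowered, stripped}:
            if pattern.fullmatch(form):
                return f"dictionary word '{word}' (with substitutions or a suffix)"
            if pattern.fullmatch(form[::-1]):
                return f"dictionary word '{word}' spelt backwards"
            if form == "".join(c for c in word if c not in VOWELS):
                return f"dictionary word '{word}' with vowels deleted"
    return None


def check_password(password, words=SAMPLE_WORDS, personal_terms=()):
    """Return the list of rule violations; an empty list means no rule was broken."""
    findings = []
    if len(password) < 8:
        findings.append("shorter than 8 characters")
    classes = {
        "lower-case": any(c.islower() for c in password),
        "upper-case": any(c.isupper() for c in password),
        "numeric": any(c.isdigit() for c in password),
        "non-alphanumeric": any(not c.isalnum() for c in password),
    }
    missing = [name for name, present in classes.items() if not present]
    if missing:
        findings.append("missing character classes: " + ", ".join(missing))
    if password.lower() in SIMPLE_PATTERNS:
        findings.append("simple pattern")
    derived = _dictionary_finding(password, words)
    if derived:
        findings.append(derived)
    # Usernames, hostnames, locations and names are supplied by the caller.
    for term in personal_terms:
        if term and term.lower() in password.lower():
            findings.append(f"contains personal or local term '{term}'")
    return findings
```

Rules that depend on history or handling (never reused, changed every 90 days, not written down) cannot be derived from the password string and need to be enforced elsewhere.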
What encryption ciphers are supported over the internet?
At present, the ciphers supported by Transport Layer Security (TLS) protocol
are Rivest Cipher 2 (RC2), Rivest Cipher 4 (RC4), International Data
Encryption Algorithm (IDEA), Data Encryption Standard (DES), and triple DES
(3DES). The Advanced Encryption Standard (AES) cipher suites
will be supported in the near future.
Why use HIC/HeSA certificates and not those issued by other entities?
There are several reasons for using certificates issued by HIC/HeSA:
HIC and its subsidiary HeSA are Australian Government Endorsed Suppliers. The Australian Government actively encourages the use of HIC PKI based facilities e.g. oncology trials. The Australian Government promotes and supports HIC as the chain of trust for the Healthcare industry in Australia.
HIC is Australia's primary health information management and payment agency and is consequently used throughout the Australian healthcare sector. A significant number of healthcare users (pharmacies, general practices etc) use certificates issued by HIC.
HIC/HeSA (and its Certificate Authority, SecureNet) have completed the Commonwealth Government Gatekeeper process and are Accredited Providers of PKI. Recipients of secure email are more amenable to receive an email from accredited providers.
HIC/HeSA issue dual certificates i.e. two (2) separate Certificates - one each for authentication and encryption. Entities such as Verisign and Thawte issue a single certificate for both purposes. Dual certificates offer greater work practice flexibility.
What is PGP?
Pretty Good Privacy (PGP) is a freeware email security program that uses
a symmetric algorithm for data encryption. The initial version was developed
and released by Phil Zimmermann in 1991. It is widely distributed and
utilised by small groups of people who know each other, i.e. every user
generates and distributes their own public key thereby creating an
interconnected community of PGP users.
Important Note: PGP only ensures the e-mail address of the sender and does not address fundamental security attributes such as identity management, authentication, non-repudiation, confidentiality and chain of trust. These are all addressed in the Queensland Health PKI facilities that are based on the HIC/HeSA health industry standard Public Key Infrastructure.
What is the S/MIME .p7m file attached to my email?
The S/MIME.p7m attached to your email is a signed and encrypted file. It complies with the PKCS #7 Cryptographic Message Syntax Standard. The file can only be read by another S/MIME compliant client.
There are several generic p7 file types, including:
| Extension | Generic Meaning |
| --- | --- |
| .p7b | PKCS #7 certificates. |
| .p7c | Certificate only, no digital signature or encryption. |
| .p7m | PKCS #7 MIME message signed and encrypted. |
| .p7r | Certificate request response. |
| .p7s | PKCS #7 signature - signed but not encrypted. |
Can I use one certificate for multiple email addresses?
No. The certificate(s) (Encryption and/or Digital Signature) are issued for a specific email address. This address is supplied during the Individual or Location application/registration process. If you have multiple email addresses you will require multiple certificates.
Can I send an encrypted email to someone who does not have a Digital Certificate?
No. You cannot encrypt a message unless you have the recipient's public key.
Can I send a Digitally Signed email to someone who does not have a Digital Certificate?
Yes. You can send a Digitally Signed email to any recipient as long as the recipient has an email client which supports S/MIME, e.g. GroupWise™, MailSecure™, Lotus Notes™, Pegasus™, cc:Mail™, Qualcomm Eudora™, Microsoft Outlook™, Microsoft Outlook Express™ etc.
There are two distinct ways of encoding digitally signed messages - Clear Text and Opaque.
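To make the points above concrete (header fields such as the Subject stay readable, and signed mail comes in Clear Text and Opaque forms), the following Python code is an added example that is not part of the original FAQ. It classifies a message from its MIME headers alone; the sample messages, addresses and the `describe` function are constructed for illustration, and the base64 bodies are placeholders rather than real PKCS #7 data.

```python
from email import message_from_string

PKCS7_MIME = {"application/pkcs7-mime", "application/x-pkcs7-mime"}
PKCS7_SIG = {"application/pkcs7-signature", "application/x-pkcs7-signature"}

# Constructed sample messages; the base64 bodies are placeholders.
ENCRYPTED = """\
From: clinic@example.org
To: ward@example.org
Subject: Referral letter
MIME-Version: 1.0
Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"
Content-Transfer-Encoding: base64

UExBQ0VIT0xERVI=
"""

OPAQUE_SIGNED = ENCRYPTED.replace("enveloped-data", "signed-data")

CLEAR_SIGNED = """\
From: clinic@example.org
To: ward@example.org
Subject: Appointment time
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; boundary="b1"

--b1
Content-Type: text/plain

Appointment confirmed.
--b1
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64

UExBQ0VIT0xERVI=
--b1--
"""


def describe(raw):
    """Classify a message and list what is readable without any keys."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    readable_body = None
    if ctype in PKCS7_MIME:
        # The smime-type parameter tells encrypted content from opaque-signed content.
        smime_type = str(msg.get_param("smime-type", "unknown")).lower()
        kind = {"enveloped-data": "encrypted",
                "signed-data": "opaque-signed"}.get(smime_type, "pkcs7-mime")
    elif (ctype == "multipart/signed"
          and str(msg.get_param("protocol", "")).lower() in PKCS7_SIG):
        kind = "clear-signed"
        # The first part is the original text; the second is the .p7s signature.
        readable_body = msg.get_payload(0).get_payload().strip()
    else:
        kind = "not S/MIME"
    # Header fields travel outside the PKCS #7 structure in every case.
    exposed = {h: msg[h] for h in ("From", "To", "Cc", "Subject") if msg[h]}
    return {"kind": kind, "exposed_headers": exposed, "readable_body": readable_body}
```

Running `describe` over outbound mail before it leaves the gateway gives a simple way to confirm that only the intended header text is exposed on encrypted messages.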
Can I change the private key PIC (password)?
Yes. The original PIC (password) supplied by HeSA can be difficult to
remember. You are able to change the PIC (password) associated with your
private key by importing and exporting the private key file.
To view a guideline about changing your PIC (password) for Secure Transfer
(including S8 Online) operations, click here.
To view information about changing your PIC (password) for Secure Email
operations, go to the HeSA web site at:
http://www.hesa.com.au/toolkit/faqs/passwords.htm.
Do I need to revoke a certificate in a certain time?
The response time to revoke a certificate is dependent upon the risk. Risk assessment should be conducted to determine the likely impact it may have on the clinical unit/individual. The main criterion for the risk is impact on business continuity. In the worst instance, the revocation and supply of new certificates may take several weeks.
The NOIE Gatekeeper standards (http://www.noie.gov.au/) assign minimum response times as follows:
| Revocation Reason | Response Time |
| --- | --- |
| Compromise of either, or both, keys associated with the certificate | Immediate |
| Compromise of the Certificate Authority (CA) keys | Immediate |
| Change of affiliation for the entity | 24 Hours |
| Certificate superseded | 5 Days |
| Cessation of operation of entity | As required |
| Other reasons not included above | As required |
What are the various Types/Grades of Digital Certificates?
There are two (2) types of certificates and three (3) grades for each type.
The NOIE Gatekeeper standards (http://www.noie.gov.au/) recommend Types
and Grades of digital certificates.
The certificate Type is based on the manner in which the certificate holder is identified.
The certificate Grade is based on how the certificate holder is verified and the type of use.
In summary, the NOIE Gatekeeper recommended certificate Types and Grades are:
| Certificate (Generic Name) | Type | Grade | Evidence Of Identity (EOI) | Security Information | Individual Financial Transactions |
| --- | --- | --- | --- | --- | --- |
| Individual | 1 | 1 | 50 points | Non Sensitive | None |
| Individual | 1 | 2 | 100 points | IN CONFIDENCE | Up to $1000 |
| Individual | 1 | 3 | 150 points | PROTECTED/RESTRICTED | Up to $10 000 |
| Non-Individual; or Location | 2 | 1 | 50 points | Non Sensitive | Up to $10 000 |
| Non-Individual; or Location | 2 | 2 | 100 points | IN CONFIDENCE | Up to $10 000 |
| Non-Individual; or Location | 2 | 3 | 150 points | PROTECTED/RESTRICTED | Up to $10 000 |
HIC/HeSA are Gatekeeper accredited and issue:
Type 1 (Individual) Grade 2 certificates; and
Type 2 (Non-Individual or Location) Grade 2 certificates.
Are there different types of PKI models?
There are a number of PKI models which use public key encryption, certificates, and digital signatures. Each has different capabilities, strengths and methods to establish a trust relationship among business entities. Some of the more established models include:
X.509 International Telecommunication Union Telecommunication standard Public Key Infrastructure (PKI).
Pretty Good Privacy (PGP).
OpenPGP.
Simple Public Key Infrastructure (SPKI).
Simple Distributed Secure Infrastructure (SDSI).
HIC/HeSA issue digital certificates based on the X.509 v3 format.
What is the Windows Address Book?
The Windows Address Book (WAB) is a Microsoft Windows-based product that
stores contact/address information via a local database. The application has
a user interface for finding and editing information and can query network
directory servers using Lightweight Directory Access Protocol (LDAP).
Microsoft Outlook and Outlook Express both use the Windows Address Book to
store their data and contacts. For more information go to the Microsoft website
http://msdn.microsoft.com/ and search for WAB.
Can I check if the Digital Certificates are installed in the Windows Address Book?
Yes. If you are using Microsoft software and acquire a digital certificate,
your private key and public key will be installed into the Microsoft Windows
Address Book. The certificates will automatically become integrated with
Internet Explorer and Outlook/Outlook Express.
After acquiring your digital certificate, you can check the installation by:
Select Start > Control Panel from the Windows main menu.
Select Internet Options > Content tab.
Select the Certificates… button to view the list.
Note: If you are using the MailSecure™ product, the digital certificates are stored in a MailSecure™ local database.
The signature of the message could not be verified
Full message: The signature of the message could not be verified because the sender's certificate is not found in the message.
This message occurs when attempting to open a secure email. It indicates
that the sender did not include the certificates when sending a secure
message. This option can be enabled (or disabled) in various email clients.
The sender should be notified to enable the option.
To set this option in Outlook 2002
From the Tools menu, select Options.
In the Options window, select the Security tab.
Click on the Settings button.
In the Change Security Settings window, select the Send these certificates with signed messages option.
Click OK to close the windows.
Digital ID name cannot be found
Outlook 2000 Error
Complete Error message: OL2000: Error Message: Your Digital ID Name cannot be found by the underlying security system.
Indicates: This behaviour can occur if your digital certificate is damaged or corrupted. This behaviour can also occur if your digital certificate was set up in a single Microsoft Windows 95 or Microsoft Windows 98 profile environment, and multiple user profiles with a domain log on are enabled. The default computer profile has full access to the digital certificate, but other profiles for Windows cannot use it.
Suggestion: Visit the Microsoft Knowledge base at http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B258527 and follow the instructions contained in Article 258527.
Cannot encrypt file for upload
If you have been presented with this error message after changing your Personal Identification Code (PIC) (password), try the following:
Check that Caps Lock is not on. The password is case sensitive.
Reload your new key into the applet and use the new PIC.
Reload the original key into the applet and use the original PIC.
Change password again.
To view a guideline about changing a PIC password, click here.
File could not be copied on hard drive
This error only occurs when attempting to copy a selected S8 file to a temporary folder on the hard drive.
The error is most likely the result of:
Your computer is not a compliant Microsoft Windows platform, i.e. it is a UNIX platform.
Your computer does not permit the temporary directory to be created (permission issue).
Your computer does not permit the creation of the temporary file or opening of the selected file for copying (permission issue).
Your computer denies deletion of the temporary folder/file after processing (permission issue).
Solution:
Contact the DDU on (07) 3896 3900 for assistance.
S8 Online files cannot be updated
Message:

Indicates:
The security settings on your computer are not permitting the renaming, updating or deletion of some S8 Online files.
Solution:
Contact the DDU on (07) 3896 3900 for assistance.