Within an IHE XDS environment the security of the information is very important. IHE has several profiles that work together to ensure that the information is only accessable by authorised persons.
The first profile that is implemented is the ATNA profile. This stands for Audit Trail and Node Authentication.
Audit trails
Each IHE XDS component will send audit logs to a central server that can be accessed by a security officer to check who accessed what data at what time. See Audit trails for more information.
Connection Authentication
The profile also describes that all components should communicate with eachother with encrypted TLS connections. These connections are Mutual secure, this means both sides present their certificate to the other side for authentication. See Certificates for more information on how to supply your public certificate to Brusafe+.
Authorisation
The Audit Trail and Node Authentication Integration Profile requires only local user authentication. The profile allows each secure node to use the access control technology of its choice to authenticate users. The use of Enterprise User Authentication is one such choice, but it is not necessary to use this profile. Within the Brusafe+ environment user authentication is handled through the Brusafe+ portal. Here users can login using their eID (see portal information for more details)