PS 3.15 of the DICOM Standard specifies security and system management profiles to which implementations may claim conformance. Security and system management profiles are defined by referencing externally developed standard protocols, such as DHCP, LDAP, TLS and ISCL. Security protocols may use security techniques like public keys and “smart cards”. Data encryption can use various standardized data encryption schemes.
This part does not address issues of security policies. The standard only provides mechanisms that can be used to implement security policies with regard to the interchange of DICOM objects. It is the local administrator’s responsibility to establish appropriate security policies.