C.3 Authorization RSA Digital Signature Profile

The technician or physician who approves a DICOM SOP Instance for use may request the Application Entity to generate a signature using the Authorization RSA Digital Signature Profile. The Digital Signature produced serves as a lifetime data integrity check that can be used to verify that the pixel data in the SOP instance is the same that the technician or physician saw when they made the approval.

As a minimum, an implementation shall include the following attributes in generating the Authorization RSA Digital Signature:

  1. the SOP Class and Instance UIDs

  2. the Study and Series Instance UIDs

  3. any attributes whose Values are verifiable by the technician or physician (e.g., their Values are displayed to the technician or physician)

  4. any attributes of the Overlay Plane, Curve or Graphic Annotation modules that are present

  5. any attributes of the General Image and Image Pixel modules that are present

  6. any attributes of the SR Document General and SR Document Content modules that are present

  7. any attributes of the Waveform and Waveform Annotation modules that are present

  8. any attributes of the Multi-frame Functional Groups module that are present

  9. any attributes of the Enhanced MR Image module that are present

  10. any attributes of the MR Spectroscopy modules that are present

  11. any attributes of the Raw Data module that are present

  12. any attributes of the Enhanced CT Image module that are present

  13. any attributes of the Enhanced XA/XRF Image module that are present

  14. any attributes of the Segmentation Image module that are present

  15. any attributes of the Encapsulated Document module that are present

  16. any attributes of the X-Ray 3D Image module that are present

  17. any attributes of the Enhanced PET Image module that are present

  18. any attributes of the Enhanced US Image module that are present

  19. any attributes of the Surface Segmentation module that are present

  20. any attributes of the Surface Mesh Module that are present

  21. any attributes of the Structured Display, Structured Display Annotation, and Structured Display Image Box modules that are present

  22. any Attributes of the Implant Template module that are present

  23. any Attributes of the Implant Assembly Template module that are present

  24. any Attributes of the Implant Template Group module that are present

The Digital Signature shall be created using the methodology described in the Base RSA Digital Signature Profile. The Application Entity shall determine the identity of the technician or physician and obtain their certificate through a site-specific procedure such as a login mechanism or a smart card.

Authorization RSA Digital Signatures bear no direct relationship to other Digital Signatures. However, other Digital Signatures, such as the Creator RSA Digital Signature, may be used to collaborate the timestamp of an Authorization RSA Digital Signature.