Class SecurityAlertBuilder
- java.lang.Object
-
- org.openehealth.ipf.commons.audit.event.BaseAuditMessageBuilder<SecurityAlertBuilder>
-
- org.openehealth.ipf.commons.audit.event.SecurityAlertBuilder
-
- All Implemented Interfaces:
AuditMessageBuilder<SecurityAlertBuilder>
,Validateable
public class SecurityAlertBuilder extends BaseAuditMessageBuilder<SecurityAlertBuilder>
Builds an Audit Event representing a Security Alert event as specified in http://dicom.nema.org/medical/dicom/current/output/html/part15.html#sect_A.5.3.11This message describes any event for which a node needs to report a security alert, e.g., a node authentication failure when establishing a secure communications channel.
The Node Authentication event can be used to report both successes and failures. If reporting of success is done, this could generate a very large number of audit messages, since every authenticated DICOM association, HL7 transaction, and HTML connection should result in a successful node authentication. It is expected that in most situations only the failures will be reported.
- Since:
- 3.5
- Author:
- Christian Ohr
-
-
Constructor Summary
Constructors Constructor Description SecurityAlertBuilder(EventOutcomeIndicator outcome, String eventOutcomeDescription, EventType eventType)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description SecurityAlertBuilder
addAlertNodeSubjectParticipantObject(String node, ParticipantObjectTypeCodeRole role, String reason)
SecurityAlertBuilder
addAlertUriSubjectParticipantObject(String uri, ParticipantObjectTypeCodeRole role, String reason)
SecurityAlertBuilder
addPerformingActiveParticipant(String userId, String altUserId, String userName, ActiveParticipantRoleId roleId, String networkId)
SecurityAlertBuilder
addReportingActiveParticipant(String userId, String altUserId, String userName, ActiveParticipantRoleId roleId, String networkId, boolean userIsRequestor)
void
validate()
Validates the constructed audit message against the specification, because API does not completely prevent constructing incomplete or inconsistent messages.-
Methods inherited from class org.openehealth.ipf.commons.audit.event.BaseAuditMessageBuilder
addActiveParticipant, addActiveParticipant, addActiveParticipant, addDestinationActiveParticipant, addParticipantObjectIdentification, addParticipantObjectIdentification, addParticipantObjectIdentification, addPatientParticipantObject, addSourceActiveParticipant, addStudyParticipantObject, getMessage, getNetworkAccessPointCodeFromAddress, setAuditSource, setAuditSource, setAuditSource, setAuditSource, setAuditSourceIdentification, setAuditSourceIdentification, setAuditSourceIdentification, setEventIdentification, setEventIdentification
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.openehealth.ipf.commons.audit.event.AuditMessageBuilder
getMessages, getTypeValuePair, getTypeValuePair, getTypeValuePair, getTypeValuePair, self
-
-
-
-
Constructor Detail
-
SecurityAlertBuilder
public SecurityAlertBuilder(EventOutcomeIndicator outcome, String eventOutcomeDescription, EventType eventType)
- Parameters:
outcome
- Success implies an informative alert. The other failure values imply warning codes that indicate the severity of the alert. A Minor or Serious failure indicates that mitigation efforts were effective in maintaining system security. A Major failure indicates that mitigation efforts may not have been effective, and that the security system may have been compromised.eventType
- event type
-
-
Method Detail
-
addReportingActiveParticipant
public SecurityAlertBuilder addReportingActiveParticipant(String userId, String altUserId, String userName, ActiveParticipantRoleId roleId, String networkId, boolean userIsRequestor)
- Parameters:
userId
- UserIDaltUserId
- Alternate UserIDuserName
- UserNamenetworkId
- Network Access Point IDuserIsRequestor
- Whether the destination participant represents the requestor (i.e. pull request)- Returns:
- this
-
addPerformingActiveParticipant
public SecurityAlertBuilder addPerformingActiveParticipant(String userId, String altUserId, String userName, ActiveParticipantRoleId roleId, String networkId)
- Parameters:
userId
- UserIDaltUserId
- Alternate UserIDuserName
- UserNamenetworkId
- Network Access Point ID- Returns:
- this
-
addAlertNodeSubjectParticipantObject
public SecurityAlertBuilder addAlertNodeSubjectParticipantObject(String node, ParticipantObjectTypeCodeRole role, String reason)
- Parameters:
node
- the identity of the node that is the subject of the alert either in the form ofnode_name@domain_nameor as an IP addressrole
-ParticipantObjectTypeCodeRole.MasterFile
orParticipantObjectTypeCodeRole.SecurityResource
reason
- free text description of the nature of the alert as the value- Returns:
- this
-
addAlertUriSubjectParticipantObject
public SecurityAlertBuilder addAlertUriSubjectParticipantObject(String uri, ParticipantObjectTypeCodeRole role, String reason)
- Parameters:
uri
- the URI of the file or other resource that is the subject of the alertrole
-ParticipantObjectTypeCodeRole.MasterFile
orParticipantObjectTypeCodeRole.SecurityResource
reason
- free text description of the nature of the alert as the value- Returns:
- this
-
validate
public void validate()
Description copied from interface:Validateable
Validates the constructed audit message against the specification, because API does not completely prevent constructing incomplete or inconsistent messages.- Specified by:
validate
in interfaceValidateable
- Overrides:
validate
in classBaseAuditMessageBuilder<SecurityAlertBuilder>
-
-