Class SecurityAlertBuilder
- java.lang.Object
-
- org.openehealth.ipf.commons.audit.event.BaseAuditMessageBuilder<SecurityAlertBuilder>
-
- org.openehealth.ipf.commons.audit.event.SecurityAlertBuilder
-
- All Implemented Interfaces:
AuditMessageBuilder<SecurityAlertBuilder>,Validateable
public class SecurityAlertBuilder extends BaseAuditMessageBuilder<SecurityAlertBuilder>
Builds an Audit Event representing a Security Alert event as specified in http://dicom.nema.org/medical/dicom/current/output/html/part15.html#sect_A.5.3.11This message describes any event for which a node needs to report a security alert, e.g., a node authentication failure when establishing a secure communications channel.
The Node Authentication event can be used to report both successes and failures. If reporting of success is done, this could generate a very large number of audit messages, since every authenticated DICOM association, HL7 transaction, and HTML connection should result in a successful node authentication. It is expected that in most situations only the failures will be reported.
- Since:
- 3.5
- Author:
- Christian Ohr
-
-
Constructor Summary
Constructors Constructor Description SecurityAlertBuilder(EventOutcomeIndicator outcome, String eventOutcomeDescription, EventType eventType)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description SecurityAlertBuilderaddAlertNodeSubjectParticipantObject(String node, ParticipantObjectTypeCodeRole role, String reason)SecurityAlertBuilderaddAlertUriSubjectParticipantObject(String uri, ParticipantObjectTypeCodeRole role, String reason)SecurityAlertBuilderaddPerformingActiveParticipant(String userId, String altUserId, String userName, ActiveParticipantRoleId roleId, String networkId)SecurityAlertBuilderaddReportingActiveParticipant(String userId, String altUserId, String userName, ActiveParticipantRoleId roleId, String networkId, boolean userIsRequestor)voidvalidate()Validates the constructed audit message against the specification, because API does not completely prevent constructing incomplete or inconsistent messages.-
Methods inherited from class org.openehealth.ipf.commons.audit.event.BaseAuditMessageBuilder
addActiveParticipant, addActiveParticipant, addActiveParticipant, addDestinationActiveParticipant, addParticipantObjectIdentification, addParticipantObjectIdentification, addParticipantObjectIdentification, addPatientParticipantObject, addSourceActiveParticipant, addStudyParticipantObject, getMessage, getNetworkAccessPointCodeFromAddress, setAuditSource, setAuditSource, setAuditSource, setAuditSource, setAuditSourceIdentification, setAuditSourceIdentification, setAuditSourceIdentification, setEventIdentification, setEventIdentification
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.openehealth.ipf.commons.audit.event.AuditMessageBuilder
getMessages, getTypeValuePair, getTypeValuePair, getTypeValuePair, getTypeValuePair, self
-
-
-
-
Constructor Detail
-
SecurityAlertBuilder
public SecurityAlertBuilder(EventOutcomeIndicator outcome, String eventOutcomeDescription, EventType eventType)
- Parameters:
outcome- Success implies an informative alert. The other failure values imply warning codes that indicate the severity of the alert. A Minor or Serious failure indicates that mitigation efforts were effective in maintaining system security. A Major failure indicates that mitigation efforts may not have been effective, and that the security system may have been compromised.eventType- event type
-
-
Method Detail
-
addReportingActiveParticipant
public SecurityAlertBuilder addReportingActiveParticipant(String userId, String altUserId, String userName, ActiveParticipantRoleId roleId, String networkId, boolean userIsRequestor)
- Parameters:
userId- UserIDaltUserId- Alternate UserIDuserName- UserNamenetworkId- Network Access Point IDuserIsRequestor- Whether the destination participant represents the requestor (i.e. pull request)- Returns:
- this
-
addPerformingActiveParticipant
public SecurityAlertBuilder addPerformingActiveParticipant(String userId, String altUserId, String userName, ActiveParticipantRoleId roleId, String networkId)
- Parameters:
userId- UserIDaltUserId- Alternate UserIDuserName- UserNamenetworkId- Network Access Point ID- Returns:
- this
-
addAlertNodeSubjectParticipantObject
public SecurityAlertBuilder addAlertNodeSubjectParticipantObject(String node, ParticipantObjectTypeCodeRole role, String reason)
- Parameters:
node- the identity of the node that is the subject of the alert either in the form ofnode_name@domain_nameor as an IP addressrole-ParticipantObjectTypeCodeRole.MasterFileorParticipantObjectTypeCodeRole.SecurityResourcereason- free text description of the nature of the alert as the value- Returns:
- this
-
addAlertUriSubjectParticipantObject
public SecurityAlertBuilder addAlertUriSubjectParticipantObject(String uri, ParticipantObjectTypeCodeRole role, String reason)
- Parameters:
uri- the URI of the file or other resource that is the subject of the alertrole-ParticipantObjectTypeCodeRole.MasterFileorParticipantObjectTypeCodeRole.SecurityResourcereason- free text description of the nature of the alert as the value- Returns:
- this
-
validate
public void validate()
Description copied from interface:ValidateableValidates the constructed audit message against the specification, because API does not completely prevent constructing incomplete or inconsistent messages.- Specified by:
validatein interfaceValidateable- Overrides:
validatein classBaseAuditMessageBuilder<SecurityAlertBuilder>
-
-