ATNA and syslog

While reading RFC-3915 and the IHE wiki, I discovered that, even though reliable syslog is advertised as the recommended choice for audit trail message transmission, only RFC-3164 was used by IHE at the Connectathon:

Due to this limited support for Reliable Syslog we are going to focus Connectathon 2007 on RFC-3164 — BSD Syslog. Although BSD Syslog is based on UDP, and suffers from the packet loss inherit in UDP, there is evidence that this theoretic packet loss problem doesn’t often come up, and when it does the log analysis fails in a deterministic way.

As always with IHE profiles, products may choose to support alternatives beyond the minimum defined by IHE.

See the ATNA FAQ on the IHE wiki.

This is lame: RFC-3164 is unreliable, does not provide authentication, and is subject to “man in the middle” attacks.
The ATNA profile is supposed to provide enhanced security/tracking for patient data. Yep, supposed: no enforcement of that specification is done during IHE connectathons, and there is no reason for any company to implement the recommended ATNA profile since it is not used!!
You can claim conformance by providing an RFC-3164 implementation. AFAICT this is just marketing stuff – pure business with no value to the patient.

My preferred quote from the wiki:

… the packet loss inherit in UDP, there is evidence that this theoretic packet loss problem doesn’t often come up, and when it does the log analysis fails in a deterministic way.

Is this a joke? You are supposed to provide an audit trail mechanism for auditing, but guess what: audit trail loss is OK because UDP message loss is just “theory”.
Yeah … An auditing facility that may lose some audit trail messages on purpose by choosing a lame technology (well, actually UDP is not lame, just its usage as a reliable transport). UDP packet loss is not a theory; auditing is hard, but basing it on an unreliable transport facility is just plain wrong.
I can understand the use of the BSD syslog for legacy apps, but this should not be the choice made for IHE connectathons for new or current applications.

Of course this will not improve the patient data access protection/tracking, but who cares? Not IHE for sure.

Lame, just lame.
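
The silent loss described above can be reproduced on one machine. This is an added example, not code from IHE or from any ATNA product: it builds an RFC-3164 style line (the audit text, host name and tag are constructed) and sends it to a loopback port with no listener, once over UDP and once over plain TCP. TCP here only stands in for a connection-oriented transport; it is not an implementation of reliable syslog.

```python
import socket
import time

MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()

def rfc3164_message(facility, severity, host, tag, text, now=None):
    """Build '<PRI>Mmm dd hh:mm:ss HOST TAG: MSG' as bytes.
    Note what is absent: no sequence number, no signature or MAC."""
    t = time.localtime(now)
    stamp = "%s %2d %02d:%02d:%02d" % (
        MONTHS[t.tm_mon - 1], t.tm_mday, t.tm_hour, t.tm_min, t.tm_sec)
    pri = facility * 8 + severity
    return ("<%d>%s %s %s: %s" % (pri, stamp, host, tag, text)).encode("ascii")

def unused_port(kind):
    """Return a loopback port with no listener (bind to port 0, then close)."""
    with socket.socket(socket.AF_INET, kind) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

def send_udp(msg):
    """Send to a dead UDP port; True means the sender was told 'success'."""
    port = unused_port(socket.SOCK_DGRAM)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        return s.sendto(msg, ("127.0.0.1", port)) == len(msg)

def send_tcp(msg):
    """Send to a dead TCP port; False means the sender noticed the failure."""
    port = unused_port(socket.SOCK_STREAM)
    try:
        with socket.create_connection(("127.0.0.1", port), timeout=2) as s:
            s.sendall(msg + b"\n")
        return True
    except OSError:
        return False

# Constructed audit record: facility 13 ("log audit" in RFC 3164), severity 5.
SAMPLE = rfc3164_message(13, 5, "ehr-node1", "atna",
                         "patient record 0000 read by user demo")

if __name__ == "__main__":
    print(SAMPLE.decode())
    print("UDP sender saw success:", send_udp(SAMPLE))  # record is gone
    print("TCP sender saw success:", send_tcp(SAMPLE))  # sender can retry
```

With UDP the audit source has nothing to retry on, and the collector has no field in the message that would let it notice a missing record.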
