Threat Modeling for Electronic Health Record Systems

被引：0

作者：

Ahmad Almulhem

机构：

[1] King Fahd University of Petroleum and Minerals (KFUPM),Computer Engineering Department

来源：

Journal of Medical Systems | 2012年 / 36卷

关键词：

Electronic health record; EHR; Electronic medical record; EMR; Attack tree; Threat model;

D O I：

暂无

中图分类号：

学科分类号：

摘要：

The security of electronic health record (EHR) systems is crucial for their growing acceptance. There is a need for assurance that these records are securely protected from attacks. For a system as complex as an EHR system, the number of possible attacks is potentially very large. In this paper, a threat modeling methodology, known as attack tree, is employed to analyze attacks affecting EHR systems. The analysis is based on a proposed generic client-server model of EHR systems. The developed attack tree is discussed along with some system properties that enable quantitative and qualitative analysis. A list of suggested countermeasures are also highlighted.

引用

页码：2921 / 2926

页数：5

共 13 条

[1] Hyrinen K(2008)Definition, structure, content, use and impacts of electronic health records: a review of the research literature Int. J. Med. Inform. 77 291-304
[2] Saranto K(1996)Clinical system security: interim guidelines Br. Med. J. 312 109-111
[3] Nyknen P(1996)Privacy, Confidentiality, and Electronic medical records J. Am. Med. Inform. Assoc. 3 139-148
[4] Anderson R.(2005)A survey and analysis of electronic healthcare record standards ACM Comput. Surv. 37 277-315
[5] Barrows RC(2011)Evolution of electronic medical record solutions Fujitsu Sci. Tech. J. 47 19-27
[6] Clayton PD(2010)Attacks against ssl Linux Magazine 112 60-61
[7] Eichelberg M(undefined)undefined undefined undefined undefined-undefined
[8] Aden T(undefined)undefined undefined undefined undefined-undefined
[9] Riesmeier J(undefined)undefined undefined undefined undefined-undefined
[10] Dogac A(undefined)undefined undefined undefined undefined-undefined

← 1 2 →