电子健康记录系统的威胁建模。

Threat modeling for electronic health record systems.

机构信息

Computer Engineering Department, King Fahd University of Petroleum and Minerals, Dhahran, Saudi Arabia.

出版信息

J Med Syst. 2012 Oct;36(5):2921-6. doi: 10.1007/s10916-011-9770-6. Epub 2011 Aug 26.

Abstract

The security of electronic health record (EHR) systems is crucial for their growing acceptance. There is a need for assurance that these records are securely protected from attacks. For a system as complex as an EHR system, the number of possible attacks is potentially very large. In this paper, a threat modeling methodology, known as attack tree, is employed to analyze attacks affecting EHR systems. The analysis is based on a proposed generic client-server model of EHR systems. The developed attack tree is discussed along with some system properties that enable quantitative and qualitative analysis. A list of suggested countermeasures are also highlighted.

摘要

电子健康记录 (EHR) 系统的安全性对于其日益被接受至关重要。需要确保这些记录受到安全保护，免受攻击。对于像 EHR 系统这样复杂的系统，可能的攻击数量非常多。在本文中，采用了一种称为攻击树的威胁建模方法来分析影响 EHR 系统的攻击。该分析基于提出的 EHR 系统通用的客户端-服务器模型。讨论了开发的攻击树以及一些使定量和定性分析成为可能的系统属性。还突出显示了一系列建议的对策。

相似文献

Threat modeling for electronic health record systems.

J Med Syst. 2012 Oct;36(5):2921-6. doi: 10.1007/s10916-011-9770-6. Epub 2011 Aug 26.

Risk assessment of integrated electronic health records.

Stud Health Technol Inform. 2010;155:78-84.

Design of Secure Protocol for Cloud-Assisted Electronic Health Record System Using Blockchain.

Sensors (Basel). 2020 May 21;20(10):2913. doi: 10.3390/s20102913.

Using a generalised identity reference model with archetypes to support interoperability of demographics information in electronic health record systems.

Annu Int Conf IEEE Eng Med Biol Soc. 2015;2015:6834-9. doi: 10.1109/EMBC.2015.7319963.

A secure EHR system based on hybrid clouds.

J Med Syst. 2012 Oct;36(5):3375-84. doi: 10.1007/s10916-012-9830-6. Epub 2012 Feb 21.

A study on agent-based secure scheme for electronic medical record system.

J Med Syst. 2012 Jun;36(3):1345-57. doi: 10.1007/s10916-010-9595-8. Epub 2010 Sep 21.

PAX: Using Pseudonymization and Anonymization to Protect Patients' Identities and Data in the Healthcare System.

Int J Environ Res Public Health. 2019 Apr 27;16(9):1490. doi: 10.3390/ijerph16091490.

Applying CHAID algorithm to investigate critical attributes of secured interoperable health data exchange.

Int J Electron Healthc. 2015;8(1):25-50. doi: 10.1504/ijeh.2015.071638.

Protection of electronic health records (EHRs) in cloud.

Annu Int Conf IEEE Eng Med Biol Soc. 2013;2013:4191-4. doi: 10.1109/EMBC.2013.6610469.

Distributed clinical data sharing via dynamic access-control policy transformation.

Int J Med Inform. 2016 May;89:25-31. doi: 10.1016/j.ijmedinf.2016.02.002. Epub 2016 Feb 12.

引用本文的文献

Electronic Health Records: Then, Now, and in the Future.

Yearb Med Inform. 2016 May 20;Suppl 1(Suppl 1):S48-61. doi: 10.15265/IYS-2016-s006.

Securing health sensing using integrated circuit metric.

Sensors (Basel). 2015 Oct 20;15(10):26621-42. doi: 10.3390/s151026621.

本文引用的文献

The Health Record - why is it so hard?

Yearb Med Inform. 2005(1):301-304.

Definition, structure, content, use and impacts of electronic health records: a review of the research literature.

Int J Med Inform. 2008 May;77(5):291-304. doi: 10.1016/j.ijmedinf.2007.09.001. Epub 2007 Oct 22.

Privacy, confidentiality, and electronic medical records.

J Am Med Inform Assoc. 1996 Mar-Apr;3(2):139-48. doi: 10.1136/jamia.1996.96236282.

Clinical system security: interim guidelines.

BMJ. 1996 Jan 13;312(7023):109-11. doi: 10.1136/bmj.312.7023.109.

文献AI研究员

20分钟写一篇综述，助力文献阅读效率提升50倍。

立即体验

用中文搜PubMed

大模型驱动的PubMed中文搜索引擎

马上搜索

文档翻译

学术文献翻译模型，支持多种主流文档格式。

立即体验

电子健康记录系统的威胁建模。

Threat modeling for electronic health record systems.

机构信息

出版信息

相似文献

引用本文的文献

本文引用的文献

文献AI研究员

用中文搜PubMed

文档翻译

Suppr 超能文献

电子健康记录系统的威胁建模。

Threat modeling for electronic health record systems.

机构信息

出版信息

相似文献

引用本文的文献

本文引用的文献