{"title":"Threat Model for Secure Health Care Data Using EMR, EHR and Health Monitoring Devices","authors":"Ra. Kamalaeswari, V. Ceronmani Sharmila","doi":"10.3233/apc210259","DOIUrl":null,"url":null,"abstract":"The main aim of this project is to propose a threat modeling framework that promotes the security of health care services. The threat model is used to analyze the cyber threats that makes the electronic health monitoring devices vulnerable to a cyber-attack. The model also helps in strengthening the security of the software-based web applications like EMR and EHR used in a health care organization. The information assets are identified and the threat agents are eliminated considering the software, web application and monitoring devices as attack surface. The major goal of this threat model is to analyze and establish the trust boundaries in the OpenEMR that render a secure data transmission. We use a STRIDE threat model and a DFD based approach using the OWASP threat modeling tool. The SIEM tools provide a continuous security methodology to document the process and result.","PeriodicalId":429440,"journal":{"name":"Recent Trends in Intensive Computing","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Recent Trends in Intensive Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3233/apc210259","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
The main aim of this project is to propose a threat modeling framework that promotes the security of health care services. The threat model is used to analyze the cyber threats that makes the electronic health monitoring devices vulnerable to a cyber-attack. The model also helps in strengthening the security of the software-based web applications like EMR and EHR used in a health care organization. The information assets are identified and the threat agents are eliminated considering the software, web application and monitoring devices as attack surface. The major goal of this threat model is to analyze and establish the trust boundaries in the OpenEMR that render a secure data transmission. We use a STRIDE threat model and a DFD based approach using the OWASP threat modeling tool. The SIEM tools provide a continuous security methodology to document the process and result.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
