{"title":"Foundational Security Principles for Medical Application Platforms (Extended Abstract).","authors":"Eugene Y Vasserman, John Hatcliff","doi":"10.1007/978-3-319-05149-9_13","DOIUrl":null,"url":null,"abstract":"<p><p>We describe a preliminary set of security requirements for safe and secure next-generation medical systems, consisting of dynamically composable units, tied together through a real-time safety-critical middleware. We note that this requirement set is not the same for individual (stand-alone) devices or for electronic health record systems, and we must take care to define <i>system-level requirements</i> rather than security goals for components. The requirements themselves build on each other such that it is difficult or impossible to eliminate any one of the requirements and still achieve high-level security goals.</p>","PeriodicalId":90530,"journal":{"name":"Information security applications : 14th International Workshop, WISA 2013, Jeju Island, Korea, August 19-21, 2013 : revised selected papers. WISA (Workshop : Information security) (14th : 2013 : Cheju-do, Korea)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2014-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1007/978-3-319-05149-9_13","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information security applications : 14th International Workshop, WISA 2013, Jeju Island, Korea, August 19-21, 2013 : revised selected papers. WISA (Workshop : Information security) (14th : 2013 : Cheju-do, Korea)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1007/978-3-319-05149-9_13","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 8
Abstract
We describe a preliminary set of security requirements for safe and secure next-generation medical systems, consisting of dynamically composable units, tied together through a real-time safety-critical middleware. We note that this requirement set is not the same for individual (stand-alone) devices or for electronic health record systems, and we must take care to define system-level requirements rather than security goals for components. The requirements themselves build on each other such that it is difficult or impossible to eliminate any one of the requirements and still achieve high-level security goals.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
