{"title":"医疗信息系统中信息安全实际威胁的确定方法","authors":"V. Maystrenko, O. A. Bezrodnykh, R. A. Dorokhin","doi":"10.25206/1813-8225-2021-179-74-79","DOIUrl":null,"url":null,"abstract":"In this article based on the processing of statistical data from various electronic resources the most frequent types of threats to information security (UBI) for medical information systems (MIS) are identified and their classification is carried out. The issues of determining the actual UBI when creating MIS that process personal data using a specific technology of expert assessment are considered. The proposed methodology for determining actual threats to information security for MIS, in comparison with those used, eliminates subjective assessments that are a characteristic feature of traditional expert assessments. Its use also makes it possible to assess the relevance of information security threats for MIS that do not have qualified specialists in the field of information security in the staff of a medical institution, which is relevant for a large number of medical institutions. The authors investigate the practical possibilities of using the theory of fuzzy sets and fuzzy logic in determining the actual UBI for MIS for various purposes.","PeriodicalId":107042,"journal":{"name":"Omsk Scientific Bulletin","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Methodology for determining actual threats to information security in medical information system\",\"authors\":\"V. Maystrenko, O. A. Bezrodnykh, R. A. Dorokhin\",\"doi\":\"10.25206/1813-8225-2021-179-74-79\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this article based on the processing of statistical data from various electronic resources the most frequent types of threats to information security (UBI) for medical information systems (MIS) are identified and their classification is carried out. The issues of determining the actual UBI when creating MIS that process personal data using a specific technology of expert assessment are considered. The proposed methodology for determining actual threats to information security for MIS, in comparison with those used, eliminates subjective assessments that are a characteristic feature of traditional expert assessments. Its use also makes it possible to assess the relevance of information security threats for MIS that do not have qualified specialists in the field of information security in the staff of a medical institution, which is relevant for a large number of medical institutions. The authors investigate the practical possibilities of using the theory of fuzzy sets and fuzzy logic in determining the actual UBI for MIS for various purposes.\",\"PeriodicalId\":107042,\"journal\":{\"name\":\"Omsk Scientific Bulletin\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Omsk Scientific Bulletin\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.25206/1813-8225-2021-179-74-79\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Omsk Scientific Bulletin","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.25206/1813-8225-2021-179-74-79","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Methodology for determining actual threats to information security in medical information system
In this article based on the processing of statistical data from various electronic resources the most frequent types of threats to information security (UBI) for medical information systems (MIS) are identified and their classification is carried out. The issues of determining the actual UBI when creating MIS that process personal data using a specific technology of expert assessment are considered. The proposed methodology for determining actual threats to information security for MIS, in comparison with those used, eliminates subjective assessments that are a characteristic feature of traditional expert assessments. Its use also makes it possible to assess the relevance of information security threats for MIS that do not have qualified specialists in the field of information security in the staff of a medical institution, which is relevant for a large number of medical institutions. The authors investigate the practical possibilities of using the theory of fuzzy sets and fuzzy logic in determining the actual UBI for MIS for various purposes.