This paper describes the threat identification process for electronic health records systems. Identification of threats is the first step in developing more secure health care applications, and it is especially useful if done in the initial phase of application development. The recent increase in the number and severity of attacks on health care applications shows how important it is to focus on cyber security. The process of threat identification is explained with three different tools for threat identification: attack tree diagram, data flow diagram and process flow diagram. Then the three most common threat models are explained in relation to electronic health records systems: STRIDE, CIA and LINDDUN. The comparison of the three threat identification tools is practically demonstrated on a use case scenario of an electronic health records system which is currently being piloted in Ghana and Indonesia. For the data flow diagram, Microsoft Threat Modeling Tool is selected to automatically generate threats using the STRIDE model. Generated threats are then compared to the threats identified manually with the attack tree diagram. The process flow diagram is utilized to visualize users' interactions with the electronic health records system. Based on the identified threats, countermeasures are suggested to limit the vulnerabilities of similar electronic health record systems.
CITATION STYLE
Holik, F., Yeng, P., & Fauzi, M. A. (2023). A Comparative Assessment of Threat Identification Methods in EHR Systems. In ACM International Conference Proceeding Series (pp. 529–537). Association for Computing Machinery. https://doi.org/10.1145/3626641.3627493