Cargando…
Risk management-based security evaluation model for telemedicine systems
BACKGROUND: Infectious diseases that can cause epidemics, such as COVID-19, SARS-CoV, and MERS-CoV, constitute a major social issue, with healthcare providers fearing secondary, tertiary, and even quaternary infections. To alleviate this problem, telemedicine is increasingly being viewed as an effec...
| Autores principales: | , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
BioMed Central
2020
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7286211/ https://www.ncbi.nlm.nih.gov/pubmed/32522216 http://dx.doi.org/10.1186/s12911-020-01145-7 |
| _version_ | 1783544833847066624 |
|---|---|
| author | Kim, Dong-won Choi, Jin-young Han, Keun-hee |
| author_facet | Kim, Dong-won Choi, Jin-young Han, Keun-hee |
| author_sort | Kim, Dong-won |
| collection | PubMed |
| description | BACKGROUND: Infectious diseases that can cause epidemics, such as COVID-19, SARS-CoV, and MERS-CoV, constitute a major social issue, with healthcare providers fearing secondary, tertiary, and even quaternary infections. To alleviate this problem, telemedicine is increasingly being viewed as an effective means through which patients can be diagnosed and medications prescribed by doctors via untact Thus, concomitant with developments in information and communication technology (ICT), medical institutions have actively analyzed and applied ICT to medical systems to provide optimal medical services. However, with the convergence of these diverse technologies, various risks and security threats have emerged. To protect patients and improve telemedicine quality for patient safety, it is necessary to analyze these risks and security threats comprehensively and institute appropriate countermeasures. METHODS: The security threats likely to be encountered in each of seven telemedicine service areas were analyzed, and related data were collected directly through on-site surveys by a medical institution. Subsequently, an attack tree, the most popular reliability and risk modeling approach for systematically characterizing the potential risks of telemedicine systems, was examined and utilized with the attack occurrence probability and attack success probability as variables to provide a comprehensive risk assessment method. RESULTS: In this study, the most popular modelling method, an attack tree, was applied to the telemedicine environment, and the security concerns for telemedicine systems were found to be very large. Risk management and evaluation methods suitable for the telemedicine environment were identified, and their benefits and potential limitations were assessed. CONCLUSION: This research should be beneficial to security experts who wish to investigate the impacts of cybersecurity threats on remote healthcare and researchers who wish to identify new modeling opportunities to apply security risk modeling techniques. |
| format | Online Article Text |
| id | pubmed-7286211 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2020 |
| publisher | BioMed Central |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-72862112020-06-11 Risk management-based security evaluation model for telemedicine systems Kim, Dong-won Choi, Jin-young Han, Keun-hee BMC Med Inform Decis Mak Research Article BACKGROUND: Infectious diseases that can cause epidemics, such as COVID-19, SARS-CoV, and MERS-CoV, constitute a major social issue, with healthcare providers fearing secondary, tertiary, and even quaternary infections. To alleviate this problem, telemedicine is increasingly being viewed as an effective means through which patients can be diagnosed and medications prescribed by doctors via untact Thus, concomitant with developments in information and communication technology (ICT), medical institutions have actively analyzed and applied ICT to medical systems to provide optimal medical services. However, with the convergence of these diverse technologies, various risks and security threats have emerged. To protect patients and improve telemedicine quality for patient safety, it is necessary to analyze these risks and security threats comprehensively and institute appropriate countermeasures. METHODS: The security threats likely to be encountered in each of seven telemedicine service areas were analyzed, and related data were collected directly through on-site surveys by a medical institution. Subsequently, an attack tree, the most popular reliability and risk modeling approach for systematically characterizing the potential risks of telemedicine systems, was examined and utilized with the attack occurrence probability and attack success probability as variables to provide a comprehensive risk assessment method. RESULTS: In this study, the most popular modelling method, an attack tree, was applied to the telemedicine environment, and the security concerns for telemedicine systems were found to be very large. Risk management and evaluation methods suitable for the telemedicine environment were identified, and their benefits and potential limitations were assessed. CONCLUSION: This research should be beneficial to security experts who wish to investigate the impacts of cybersecurity threats on remote healthcare and researchers who wish to identify new modeling opportunities to apply security risk modeling techniques. BioMed Central 2020-06-10 /pmc/articles/PMC7286211/ /pubmed/32522216 http://dx.doi.org/10.1186/s12911-020-01145-7 Text en © The Author(s) 2020 Open AccessThis article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/. The Creative Commons Public Domain Dedication waiver (http://creativecommons.org/publicdomain/zero/1.0/) applies to the data made available in this article, unless otherwise stated in a credit line to the data. |
| spellingShingle | Research Article Kim, Dong-won Choi, Jin-young Han, Keun-hee Risk management-based security evaluation model for telemedicine systems |
| title | Risk management-based security evaluation model for telemedicine systems |
| title_full | Risk management-based security evaluation model for telemedicine systems |
| title_fullStr | Risk management-based security evaluation model for telemedicine systems |
| title_full_unstemmed | Risk management-based security evaluation model for telemedicine systems |
| title_short | Risk management-based security evaluation model for telemedicine systems |
| title_sort | risk management-based security evaluation model for telemedicine systems |
| topic | Research Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7286211/ https://www.ncbi.nlm.nih.gov/pubmed/32522216 http://dx.doi.org/10.1186/s12911-020-01145-7 |
| work_keys_str_mv | AT kimdongwon riskmanagementbasedsecurityevaluationmodelfortelemedicinesystems AT choijinyoung riskmanagementbasedsecurityevaluationmodelfortelemedicinesystems AT hankeunhee riskmanagementbasedsecurityevaluationmodelfortelemedicinesystems |