Risk management-based security evaluation model for telemedicine systems
- Authors
- Kim, Dong-won; Choi, Jin-young; Han, Keun-hee
- Issue Date
- 10-6월-2020
- Publisher
- BMC
- Keywords
- Telemedicine security; Medical information security; Smart medical security; Telecare security
- Citation
- BMC MEDICAL INFORMATICS AND DECISION MAKING, v.20, no.1
- Indexed
- SCIE
SCOPUS
- Journal Title
- BMC MEDICAL INFORMATICS AND DECISION MAKING
- Volume
- 20
- Number
- 1
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/55033
- DOI
- 10.1186/s12911-020-01145-7
- ISSN
- 1472-6947
- Abstract
- Background Infectious diseases that can cause epidemics, such as COVID-19, SARS-CoV, and MERS-CoV, constitute a major social issue, with healthcare providers fearing secondary, tertiary, and even quaternary infections. To alleviate this problem, telemedicine is increasingly being viewed as an effective means through which patients can be diagnosed and medications prescribed by doctors via untact Thus, concomitant with developments in information and communication technology (ICT), medical institutions have actively analyzed and applied ICT to medical systems to provide optimal medical services. However, with the convergence of these diverse technologies, various risks and security threats have emerged. To protect patients and improve telemedicine quality for patient safety, it is necessary to analyze these risks and security threats comprehensively and institute appropriate countermeasures. Methods The security threats likely to be encountered in each of seven telemedicine service areas were analyzed, and related data were collected directly through on-site surveys by a medical institution. Subsequently, an attack tree, the most popular reliability and risk modeling approach for systematically characterizing the potential risks of telemedicine systems, was examined and utilized with the attack occurrence probability and attack success probability as variables to provide a comprehensive risk assessment method. Results In this study, the most popular modelling method, an attack tree, was applied to the telemedicine environment, and the security concerns for telemedicine systems were found to be very large. Risk management and evaluation methods suitable for the telemedicine environment were identified, and their benefits and potential limitations were assessed. Conclusion This research should be beneficial to security experts who wish to investigate the impacts of cybersecurity threats on remote healthcare and researchers who wish to identify new modeling opportunities to apply security risk modeling techniques.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - School of Cyber Security > Department of Information Security > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.