Assurance: the power behind PCASSO security
نویسندگان
چکیده
The need for security protection in Internet-based healthcare applications is generally acknowledged. Most healthcare applications that use the Internet have at least implemented some kind of encryption. Most applications also enforce user authentication and access control policies, and many audit user actions. However, most fall short on providing strong assurances that the security mechanisms are behaving as expected and that they cannot be subverted. While no system can claim to be totally "bulletproof," PCASSO provides assurance of correct operation through formal, disciplined design and development methodologies, as well as through functional and penetration testing. Through its security mechanisms, backed by strong system assurances, PCASSO is demonstrating "safe" use of public data networks for health care.
منابع مشابه
Protecting clinical data on Web client computers: the PCASSO approach
The ubiquity and ease of use of the Web have made it an increasingly popular medium for communication of health-related information. Web interfaces to commercially available clinical information systems are now available or under development by most major vendors. To the extent that such interfaces involve the use of unprotected operating systems, they are vulnerable to security limitations of ...
متن کاملPatient-Centered Access to Secure Systems Online (PCASSO): a secure approach to clinical data access via the World Wide Web
The Internet's World-Wide Web (WWW) provides an appealing medium for the communication of health related information due to its ease of use and growing popularity. But current technologies for communicating data between WWW clients and servers are systematically vulnerable to certain types of security threats. Prominent among these threats are "Trojan horse" programs running on client workstati...
متن کاملResearch Paper: Giving Patients Access to Their Medical Records via the Internet: The PCASSO Experience
OBJECTIVE The Patient-Centered Access to Secure Systems Online (PCASSO) project is designed to apply state-of-the-art-security to the communication of clinical information over the Internet. DESIGN The authors report the legal and regulatory issues associated with deploying the system, and results of its use by providers and patients. Human subject protection concerns raised by the Institutio...
متن کاملPCASSO: Applying and Extending State-of-the-Art Security in the Healthcare Domain
As healthcare enters the age of technology and Internet access, new challenges emerge, particularly with respect to the protection of patient privacy and the protection of highly sensitive and life-critical information. By bringing state-of-the-art security technology to the healthcare domain, PCASSO is setting a new standard in healthcare protection and patient empowerment, as well as making s...
متن کاملA Methodology for Security Assurance Driven Development
In this work we introduce an assurance methodology that integrates assurance case creation with system development. It has been developed in order to provide trust and privacy assurance to the evolving European project PICOS (Privacy and Identity Management for Community Services), an international research project focused on mobile communities and community-supporting services, with special em...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Proceedings. AMIA Symposium
دوره شماره
صفحات -
تاریخ انتشار 1999