Abstract
Abstract
Background
Infectious diseases that can cause epidemics, such as COVID-19, SARS-CoV, and MERS-CoV, constitute a major social issue, with healthcare providers fearing secondary, tertiary, and even quaternary infections. To alleviate this problem, telemedicine is increasingly being viewed as an effective means through which patients can be diagnosed and medications prescribed by doctors via untact Thus, concomitant with developments in information and communication technology (ICT), medical institutions have actively analyzed and applied ICT to medical systems to provide optimal medical services. However, with the convergence of these diverse technologies, various risks and security threats have emerged. To protect patients and improve telemedicine quality for patient safety, it is necessary to analyze these risks and security threats comprehensively and institute appropriate countermeasures.
Methods
The security threats likely to be encountered in each of seven telemedicine service areas were analyzed, and related data were collected directly through on-site surveys by a medical institution. Subsequently, an attack tree, the most popular reliability and risk modeling approach for systematically characterizing the potential risks of telemedicine systems, was examined and utilized with the attack occurrence probability and attack success probability as variables to provide a comprehensive risk assessment method.
Results
In this study, the most popular modelling method, an attack tree, was applied to the telemedicine environment, and the security concerns for telemedicine systems were found to be very large. Risk management and evaluation methods suitable for the telemedicine environment were identified, and their benefits and potential limitations were assessed.
Conclusion
This research should be beneficial to security experts who wish to investigate the impacts of cybersecurity threats on remote healthcare and researchers who wish to identify new modeling opportunities to apply security risk modeling techniques.
Funder
Korea Health Technology R&D Project through the Korea Health Industry Development Institute (KHIDI), funded by the Ministry of Health & Welfare, Republic of Korea
Publisher
Springer Science and Business Media LLC
Subject
Health Informatics,Health Policy,Computer Science Applications
Reference64 articles.
1. Shaikh A, Memon M, Memon N, Misbahuddin M. The role of service oriented architecture in telemedicine healthcare system. In: International Conference on Complex, Intelligent and Software Intensive Systems. Fukuoka; 2009. p. 208–14. https://doi.org/10.1109/cisis.2009.181.
2. Naked security by SOPHOS. Doctors disabled wireless in Dick Cheney’s pacemaker to thwart hacking. Available from: https://nakedsecurity.sophos.com/2013/10/22/doctors-disabled-wireless-in-dick-cheneys-pacemaker-to-thwart-hacking/. Accessed 5 Jan 2020.
3. Food and Drug Administration. Postmarket management of cybersecurity in medical devices. Silver Spring: Food and Drug Administration; 2016.
4. Paul N, Kohno T, Klonoff DC. A review of the security of insulin pump infusion systems. J Diabetes Sci Technol. 2011;5:1557–62. https://doi.org/10.1177/193229681100500632.
5. Ray I, Poolsapassit N. Using attack trees to identify malicious attacks from authorized insiders. In: di Vimercati SC, Syverson P, Gollmann D, editors. Computer security – ESORICS 2005. ESORICS 2005. Lecture notes in computer science, vol. 3679. Berlin: Springer; 2005. p. 231–46. https://doi.org/10.1007/11555827_14.
Cited by
42 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献