Skip to main content
Springer Nature Link
Log in

Dependability Requirements and Security Architectures for the Healthcare/Medical Sector

  • Conference paper
  • First Online:
Computer Safety, Reliability and Security (SAFECOMP 1999)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1698))

Included in the following conference series:

  • 877 Accesses

Abstract

Firstly the legal and technical aspects of the healthcare area are introduced from a general dependability viewpoint, to clarify the global approach of this article. Then are detailed those main security properties mostly required by any healthcare information system including responsibility. A focus is proposed on different aspects of the confidentiality property. A classification of the generic TTP concept is then detailed with legal and technical considerations and three forms and variants of such TTPs are distinguished. Anonymisation techniques are described that can be applied for privacy requirements that can be expressed by the healthcare area and reusable by any other sector. After some recommendations on the interoperability of such TTP architectures, it is extracted, from all these theoretical concepts and some mentioned applied projects of the healthcare sector, a framework for a global approach towards more secure and more dependable health information systems and exchanges.

This article is derived from the theoretical activity held by the author at AFNOR and from the applied work handled by CESSI within various projects on dependability and security involving CNAMTS.

European expert at CEN/TC251/WGiii (Working Group III: “Security/Safety/Quality”) and french convenor of the AFNOR’s ad hoc working group on “Healthcare / Security”.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

Bibliography

  1. L’anonymisation: autour et alentours”, AFNOR, G. Trouessin, Sept. 1998.

    Google Scholar 

  2. La tenue du dossier médical en médecine générale”, ANDEM, Sept. 1996.

    Google Scholar 

  3. Chaînage des informations individuelles se rapportant à un même bénéficiaire et reconstitution des séquences de soins”, CNAMTS, Nov. 1997 (diffusion restreinte).

    Google Scholar 

  4. Towards a European Framework for Digital Signatre and encryption”, COM(97) 503, European commission (European parliement, economic social committee and regions committee).

    Google Scholar 

  5. Les nouveaux tiers de confiance dans les échanges électroniques”, Ialta, Nov. 1998.

    Google Scholar 

  6. L’identifiant Permanent du Patient dans les systémes d’information de santé: orientations et propositions”, Direction des Hôpitaux, C. Attali, Mai 1997 (diffusion restreinte).

    Google Scholar 

  7. L’identifiant Permanent du Patient dans les systémes d’information de santé”, Direction des Hôpitaux, G. Weil, Dec. 1998 (restricted broadcast).

    Google Scholar 

  8. Information Technology Security Evaluation Criteria (ITSEC)”, ISBN 92-826-3004-8, Office for Official Publications of the European Communities, L-2985 Luxembourg, 1991.

    Google Scholar 

  9. Guide de la Sûreté de Fonctionnement”, J. C. Laprie (Ed.) 2° ed., 324 P., ISBN2-85428-341-4, Cépadués Ed., Toulouse, France, 1995.

    Google Scholar 

  10. Licensing of trusted third parties for the provision of encryption services”, Minister for Science & Technology, I. Taylor, March 1997.

    Google Scholar 

  11. Minimum Interoperability Specification for PKI Components (v1)”, NIST, Jan. 1998.

    Google Scholar 

  12. Etude formelle de l’interopérabilité de politiques de sécurité”, F. Cuppens & C. Saurel, ONERA/DTIM, Jul. 1998 (restricted).

    Google Scholar 

  13. La tierce partie de confiance”, CESSI/CNAMTS, Déc. 1996 (document de travail).

    Google Scholar 

  14. Cahier des charges de la TPC Santé/FRANCE”, GIP ‘CPS’-CESSI/CNAMTS, 1998.

    Google Scholar 

  15. Combining TTP-based key mangement with key escrow”, Information Security Group, N. Jefferis, C. Mitchell & M. Walker, Apr. 1996.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. CNAMTS / CESSI, 14, place St-Etienne, 31000, Toulouse, France

    Gilles Trouessin

Authors
  1. Gilles Trouessin
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. ENEA (sp 088), Via Anguillarese, 301, I-00060, Roma, Italy

    Massimo Felici

  2. LAAS-CNRS, 7, Avenue du Colonel Roche, F-31077, Toulouse Cedex 4, France

    Karama Kanoun

Rights and permissions

Reprints and permissions

Copyright information

© 1999 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Trouessin, G. (1999). Dependability Requirements and Security Architectures for the Healthcare/Medical Sector. In: Felici, M., Kanoun, K. (eds) Computer Safety, Reliability and Security. SAFECOMP 1999. Lecture Notes in Computer Science, vol 1698. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48249-0_38

Download citation

  • DOI: https://doi.org/10.1007/3-540-48249-0_38

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-66488-8

  • Online ISBN: 978-3-540-48249-9

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics