Abstract
To facilitate the different users' view for security analysis and design of health care information systems, a toolset has been developed using the nowadays popular UML approach. Paradigm and concepts used are based on the general security model and the concepts-services-mechanisms-algorithms-data scheme developed within the EC “ISHTAR” project. Analysing and systematising real health care scenarios using appropriate UML diagrams, only 7 use case types could be found in both the medical and the security-related view. Therefore, the analysis and design might be simplified by an important degree. The understanding of the approach is facilitated by (incomplete) examples. Based on our generic scheme and with the results described, the security environment needed can be established by sets of such security services and mechanisms.
Preview
Unable to display preview. Download preview PDF.
References
Blobel, B.: Clinical Record Systems in Oncology. Experiences and Developments on Cancer Registries in Eastern Germany. In: Preproceedings of the International Workshop “Personal Information-Security, Engineering and Ethics” pp 37–54, Cambridge, 21–22 June, 1996, also published in: Anderson, R. (edr): Personal Medical Information-Security, Engineering, and Ethics. Springer, Berlin (1997) 39–56
Blobel, B, Bleumer, G., Müller, A., Flikkenschild, E., Ottes, F.: Current Security Issues Faced by Health Care Establishments. Deliverable of the HC1028 Telematics Project ISHTAR, October 1996
Blobel, B. and Pharow, P.: Results of European Projects Improving Security of Distributed Health Information Systems. In: Cesnik, B, McCray, A.T., Scherrer, J.-R. (eds.) MEDINFO '98. IOS Press, Amsterdam, Berlin, Oxford, Tokyo, Washington DC (1998) 1119–1123
Blobel, B., Pharow, P.: Security Infrastructure of an Oncological Network Using Health Professional Cards. In: Broek, L. van den, Sikkel, A.J. (eds.). Health Cards '97. Series in Health Technology and Informatics, Vol. 49. IOS Press, Amsterdam (1997) 323–334
Blobel, B., Pharow, P., Spiegel, V.: Shared Care Information Systems Based on Secure EDI. In: Moorman, P.W., Lei, J. van der, Musen, M.A. (eds.): EPRiMP—The International Working Conference on Electronic Patient Records in Medical Practice. IMIA Working Group 17, Rotterdam (1998) 164–171
Blobel, B., Roger-France, F.: Healthcare Security View Based on the Security Services Concept. ISHTAR Project HC 1028, Deliverable, August 1998
Blobel, B., Roger-France, F., Pharow, P.: A Systematic Approach for Secure Health Information Systems. (submitted to the International Journal of Medical Informatics)
Committee of Ministers: European Recommendation (Draft) No. R(96) of the Committee of Ministers to Member States on the Protection of Medical Data (and Genetic Data). CJ-PD (96). Strasbourg (1997)
Council of Europe: Directive 95/46/EC on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of such Data. Strasbourg (1995)
Laske, C.: Legal Issues in Medical Informatics: A Bird's Eye View. In: Barber, B., Treacher, A. and Louwerse, K. (eds.): Towards Security in Medical Telematics—Legal, and Technical Aspects. Studies in Health Technology and Informatics, Vol. 27, IOS Press, Amsterdam (1995) 53–78
Eriksson, M., Penker, S.: UML Toolkit. Wiley Computer Publishing, New York (1998)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1999 Springer-Verlag
About this paper
Cite this paper
Blobel, B., Pharow, P., Roger-France, F. (1999). Security analysis and design based on a general conceptual security model and UML. In: Sloot, P., Bubak, M., Hoekstra, A., Hertzberger, B. (eds) High-Performance Computing and Networking. HPCN-Europe 1999. Lecture Notes in Computer Science, vol 1593. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0100652
Download citation
DOI: https://doi.org/10.1007/BFb0100652
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65821-4
Online ISBN: 978-3-540-48933-7
eBook Packages: Springer Book Archive