Skip to main content
SpringerLink
Log in

Security analysis and design based on a general conceptual security model and UML

  • Workshop: IEEE EMBS ITIS-ITAB'99
  • Conference paper
  • First Online:
Book cover High-Performance Computing and Networking (HPCN-Europe 1999)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1593))

Included in the following conference series:

Abstract

To facilitate the different users' view for security analysis and design of health care information systems, a toolset has been developed using the nowadays popular UML approach. Paradigm and concepts used are based on the general security model and the concepts-services-mechanisms-algorithms-data scheme developed within the EC “ISHTAR” project. Analysing and systematising real health care scenarios using appropriate UML diagrams, only 7 use case types could be found in both the medical and the security-related view. Therefore, the analysis and design might be simplified by an important degree. The understanding of the approach is facilitated by (incomplete) examples. Based on our generic scheme and with the results described, the security environment needed can be established by sets of such security services and mechanisms.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Blobel, B.: Clinical Record Systems in Oncology. Experiences and Developments on Cancer Registries in Eastern Germany. In: Preproceedings of the International Workshop “Personal Information-Security, Engineering and Ethics” pp 37–54, Cambridge, 21–22 June, 1996, also published in: Anderson, R. (edr): Personal Medical Information-Security, Engineering, and Ethics. Springer, Berlin (1997) 39–56

    Google Scholar 

  2. Blobel, B, Bleumer, G., Müller, A., Flikkenschild, E., Ottes, F.: Current Security Issues Faced by Health Care Establishments. Deliverable of the HC1028 Telematics Project ISHTAR, October 1996

    Google Scholar 

  3. Blobel, B. and Pharow, P.: Results of European Projects Improving Security of Distributed Health Information Systems. In: Cesnik, B, McCray, A.T., Scherrer, J.-R. (eds.) MEDINFO '98. IOS Press, Amsterdam, Berlin, Oxford, Tokyo, Washington DC (1998) 1119–1123

    Google Scholar 

  4. Blobel, B., Pharow, P.: Security Infrastructure of an Oncological Network Using Health Professional Cards. In: Broek, L. van den, Sikkel, A.J. (eds.). Health Cards '97. Series in Health Technology and Informatics, Vol. 49. IOS Press, Amsterdam (1997) 323–334

    Google Scholar 

  5. Blobel, B., Pharow, P., Spiegel, V.: Shared Care Information Systems Based on Secure EDI. In: Moorman, P.W., Lei, J. van der, Musen, M.A. (eds.): EPRiMP—The International Working Conference on Electronic Patient Records in Medical Practice. IMIA Working Group 17, Rotterdam (1998) 164–171

    Google Scholar 

  6. Blobel, B., Roger-France, F.: Healthcare Security View Based on the Security Services Concept. ISHTAR Project HC 1028, Deliverable, August 1998

    Google Scholar 

  7. Blobel, B., Roger-France, F., Pharow, P.: A Systematic Approach for Secure Health Information Systems. (submitted to the International Journal of Medical Informatics)

    Google Scholar 

  8. Committee of Ministers: European Recommendation (Draft) No. R(96) of the Committee of Ministers to Member States on the Protection of Medical Data (and Genetic Data). CJ-PD (96). Strasbourg (1997)

    Google Scholar 

  9. Council of Europe: Directive 95/46/EC on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of such Data. Strasbourg (1995)

    Google Scholar 

  10. Laske, C.: Legal Issues in Medical Informatics: A Bird's Eye View. In: Barber, B., Treacher, A. and Louwerse, K. (eds.): Towards Security in Medical Telematics—Legal, and Technical Aspects. Studies in Health Technology and Informatics, Vol. 27, IOS Press, Amsterdam (1995) 53–78

    Google Scholar 

  11. Eriksson, M., Penker, S.: UML Toolkit. Wiley Computer Publishing, New York (1998)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Medical Faculty, Institute of Biometrics and Medical Informatics, University of Magdeburg, Leipziger Str. 44, D-39120, Magdeburg, Germany

    Bernd Blobel & Peter Pharow

  2. Cliniques Universitaires St. Luc, Catholique Université de Louvain, 10 Avenue Hippocrate, Box 3716, B-1200, Brussels, Belgium

    Francis Roger-France

Authors
  1. Bernd Blobel
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Peter Pharow
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Francis Roger-France
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Peter Sloot Marian Bubak Alfons Hoekstra Bob Hertzberger

Rights and permissions

Reprints and permissions

Copyright information

© 1999 Springer-Verlag

About this paper

Cite this paper

Blobel, B., Pharow, P., Roger-France, F. (1999). Security analysis and design based on a general conceptual security model and UML. In: Sloot, P., Bubak, M., Hoekstra, A., Hertzberger, B. (eds) High-Performance Computing and Networking. HPCN-Europe 1999. Lecture Notes in Computer Science, vol 1593. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0100652

Download citation

  • DOI: https://doi.org/10.1007/BFb0100652

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-65821-4

  • Online ISBN: 978-3-540-48933-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation