论文信息 - Towards Realizing a Self-Protecting Healthcare Information System

Towards Realizing a Self-Protecting Healthcare Information System

Information and communication technologies are widely used in health care. With the development of cloud computing, Healthcare Information Systems (HIS) are adopting mature cloud-based services for Electronic Health Record (EHR) sharing and remote diagnosis while reducing the facility, data and applications maintenance expense. Due to the high value of healthcare data and the limitation of current security solutions, HISs are highly vulnerable and have become new targets of cyber crimes.This paper discusses the current security challenges of HISs, and designs an Autonomic Security Management (ASM) approach, which proactively self-protects a HIS from internal and external attacks. The performance of a HIS is monitored in real time, and potential attacks that may disrupt HIS services are predicted by the intrusion estimation module. We also discuss the functionality and feasibility of intrusion detection systems for detecting known and unknown cyber attacks threatening the confidentiality and integrity of EHRs. The intrusion response system of the ASM approach selects the most appropriate protection mechanisms to recover the compromised HIS back to normal with little or no human intervention.

Jonathan Lambright | Qian Chen

[1] Sherif Abdelwahed,et al. A Model-Based Validated Autonomic Approach to Self-Protect Computing Systems , 2014, IEEE Internet of Things Journal.

[2] Sherif Abdelwahed,et al. A Model-based Approach to Self-Protection in SCADA Systems , 2014, Feedback Computing.

[3] Sherif Abdelwahed,et al. Towards automatic security management: a model-based approach , 2013, CSIIRW '13.

[4] Ronald S. Ross,et al. Guide for Conducting Risk Assessments , 2012 .

[5] Noopur Desai,et al. Impact of Cloud Computing in Healthcare , 2016 .

[6] Cumberland Emergency,et al. Framework for Improving Critical Infrastructure Cybersecurity News From Down Under , 2014 .

[7] Emmanuel Aroms. NIST Special Publication 800-34 Contingency Planning Guide for Federal Information Systems Revision 1 , 2012 .

[8] Gregory A. Witte,et al. Framework for Improving Critical Infrastructure Cybersecurity | NIST , 2014 .

[9] The Ninth Annual HIMSS Leadership Survey. Healthcare Information and Management Systems Society. , 1998, Healthcare informatics : the business magazine for information and communication systems.

[10] Sherif Abdelwahed,et al. An Autonomic Detection and Protection System for Denial of Service Attack , 2012 .

[11] Sherif Abdelwahed,et al. A model-based approach to self-protection in computing system , 2013, CAC.