related to threat modelling about STRIDE for Electronic Health Record of medical
patients, which captures the attacks against the security of EHS is vital due
to growing acceptance, therefore need an assurance that data generated was
protected from hackers. So, in this study the threat security model for the
Electronic Health System was proposed from identified threads. Based on this
threats measures are taken for the authorization control. This procedure
involves STRIDE threat modelling tool to identify the threats with respect to
the risk. (Techtarget, 2016)The threats faced by EHS will result in
disclosure of health data privately.
The application of information
technology has modelled the threat evaluation using Bayesian network approach.
Proposed a goal to a defended asset to parameters intent and to the capability.
The authors focused on outsider threats posed by the weapons and also presented
the research on automated systems for managing patient information to avoid
inaccurate report and the time waste in storing, retrieving information, The
other proposed system was a quantitative methodology to rank the threats in a
cloud environment using STRIDE (spoofing, tampering, repudiation, Information
disclosure, Denial and Elevation) -which is a study for identification of threats. (J.Brewer,
The study has revealed a SDN- STRIDE
threats, by applying this they have come up with a generic SDN concepts basis
for the design of a secure SDN architecture, presented the development of a
secure clinical diagnostic systems for delivery of medical services to patient in
academic environment. To identify the threats for EHS system three essential
steps are followed
assets of EHS-For EHS the assets include system with various hardware and
software components that allow it to function and actors that interact with the
system, Various (Tripathi, 2016) actors interact with
EHS to generate different types of data to their department. Fig1 S. (Kumar and
B. K. Tripathi)
access points- Open sockets, screens, configuration files are examples of
access points on systems. Up on recognition it is very important to define the
boundaries of the access points, connection to trust boundaries are trust
threats- Threats re born out of weakness, Threats are identified by a
systematic review of assets and access points a premise. which is done using
the STRIDE model by considering threats to system security.
papers explanation with different threats model for the EHS through the STRIDE
model helps possible way of identification of threats, and possible counter
measures to authentication and authorization control threats on the system.
F. SWIDERSKI and
w. Snyder. Threat Modelling
S. S. Techtarget,
“definition of Threat Modelling”, ed ,2016
S. Kumar and B. K.
Tripathi,” Modelling of Threat Evaluation for Dynamic targets using Bayesian
Network Approach,” Procedia Technology, vol.24, pp. 1268-1275, //2016.
V. Garg and J.
Brewer, “Telemedicine security: a systematic review,” Journal of
diabetes science and technology, vol. 5, pp. 768-777, 2011.