Attack Scenarios for Possible Misuse of Peripheral Parts in the German Health Information Infrastructure
Proceedings of the 12th International Conference on Enterprise Information Systems (ICEIS 2010). Funchal, Madeira - Portugal, 8 - 12 June, 2010. Volume DISI, pp. 229-235
Posted: 29 Sep 2012
Date Written: 2010
Abstract
This paper focuses on functional issues within the peripheral parts of the German health information infrastructure, which compromise security and patient’s information safety or might violate law. Our findings demonstrate that a misuse of existing functionality is possible. With examples and detailed use cases we show that the health infrastructure can be used for more than just ordinary electronic health care services. In order to investigate this evidence from the laboratory, we tested all attack scenarios in a typical German physician’s practice. Furthermore, security measures are provided to overcome the identified threats and questions regarding these issues are discussed.
Keywords: Security Analysis, Electronic Health Card, Health Information Infrastructure
Suggested Citation: Suggested Citation