A threat tree for health information security and privacy

17th Americas Conference on Information Systems 2011, AMCIS 2011

Volumn 5, Issue , 2011, Pages 4104-4111

  Landry, Jeff ^a   Pardue, Harold ^a   Johnsten, Tom ^a   Campbell, Matt ^a   Patidar, Priya ^a  

^a UNIVERSITY OF SOUTH ALABAMA   (United States)

Author keywords

Health information privacy; Information security; Risk assessment; Threat modeling

Indexed keywords

DATA ATTRIBUTES; HEALTH INFORMATIONS; POTENTIAL CONTROL; SECURITY AND PRIVACY; THREAT MODELING;

COMPUTER PRIVACY; FORESTRY; HEALTH CARE; INFORMATION SYSTEMS; RISK ASSESSMENT; RISK MANAGEMENT; SECURITY SYSTEMS;

SECURITY OF DATA;

HEALTH; INFORMATION RETRIEVAL; RISK ASSESSMENT; TREES;

EID: 84870361597     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (11)

1. Appari, A. and Johnson. M. E. (2010) Information security and privacy in healthcare: current state of research, International Journal of Internet and Enterprise Management, 6, 4, 279-314.
2. st ACM International Health Informatics Symposium, November 10-12, 2010, Arlington, VA, 163-172.
3. Johnson, E. (2009) Data hemorrhages in the health-care sector, Financial Cryptography and Data Security, 5628, 71-89.
4. Kotz, D. (2011) A threat taxonomy for mHealth privacy, in Workshop on Networked Healthcare Technology (NetHealth), January 4, 2011, Bangalore, India.
5. Nematzadeh, A. and Camp, L. J. (2010) Threat analysis of online health information system, in Fillia Makedon, Ilias Maglogiannis, and Sarantos Kapidakis (Eds.) Proceedings of the 3rd International Conference on Pervasive Technologies Related to Assistive Environments (PETRA '10), June 23-25, 2010, Samos, Greece, 31, 1-7.
6. Pardue, H., Landry, J., and Yasinsac, A. (2009) A risk assessment model for voting systems using threat trees and Monte Carlo simulation, " First International Workshop on Requirements Engineering for E-voting Systems (RE-Vote), August 31, 2009, Atlanta, GA.
7. Samy, G. N., Ahmad, R., and Ismail, Z. (2010) Security threats categories in healthcare information systems, Health Informatics Journal, 16, 3, 201-209.
8. Shepherd, A. (2010) Negative exposure, For the Record, 22, 11, 10-13; retrieved from http://www.fortherecordmag.com/archives/060710p10.shtml.
9. Stoneburner, G., Goguen, A., and Feringa, A. (2002) Risk Management Guide for Information Technology Systems, Recommendations of the National Institute of Standards and Technology, Special Publication 800-30, Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology, Gaithersburg, MD.
10. Sweeney, L. (2002) k-anonymity: a model for protecting privacy, International Journal on Uncertainty, Fuzziness, and Knowledge-based Systems, 10, 5, 557-570.
11. Whitman, M. (2003) Enemy at the gate, Communications of the ACM, 46, 8, 91-96.