A Threat Table Based Approach to Telemedicine Security

Authors

John C. Pendergrass, University of Illinois at ChicagoFollow
Karen Heart, University of Illinois at ChicagoFollow
C. Ranganathan, University of Illinois at ChicagoFollow
V.N. Venkatakrishnan, University of Illinois at ChicagoFollow

Document Type

Article

Version

publisher_pdf

Publication Date

10-2013

Abstract

Information security within healthcare is paramount and telemedicine applications present unique security challenges. Technology is giving rise to new and advanced telemedicine applications and understanding the security threats to these applications is needed to ensure, among other things, the privacy of patient information. This paper presents a high level analysis of a telemedicine application in order to better understand the security threats to this unique and vulnerable environment. This risk analysis is performed using the concept of threat tables. This case study focuses on the capture and representation of salient security threats in telemedicine. To analyze the security threats to an application, we present a threat modeling framework utilizing a table driven approach. Our analysis reveals that even in a highly controlled environment with static locations, the security risks posed by telemedicine applications are significant, and that using a threat table approach provides an easy-to-use and effective method for managing these threats.

WMU ScholarWorks Citation

Pendergrass, John C.; Heart, Karen; Ranganathan, C.; and Venkatakrishnan, V.N., "A Threat Table Based Approach to Telemedicine Security" (2013). Transactions of the International Conference on Health Information Technology Advancement. 38.
https://scholarworks.wmich.edu/ichita_transactions/38