Protection of Information in Telecommunication Medical Systems based on a Risk-Oriented Approach

Шевченко, Світлана Миколаївна and Жданова, Юлія Дмитрівна and Дрейс, Юрій Олександрович and Киричок, Роман Васильович and Цирканюк, Діана Андріївна (2023) Protection of Information in Telecommunication Medical Systems based on a Risk-Oriented Approach CEUR Workshop Proceedings. 2023. (3421). pp. 158-167. ISSN 1613-0073

[thumbnail of S_Shevchenko_Y_Zhdanova_R_Kyrychok_ D_Tsyrkaniuk_ta_in_CEUR_3421_FITM.pdf]

Text
S_Shevchenko_Y_Zhdanova_R_Kyrychok_ D_Tsyrkaniuk_ta_in_CEUR_3421_FITM.pdf
Download (862kB)

Official URL: https://ceur-ws.org/Vol-3421/paper16.pdf

Abstract

The changes brought by informatization to society have a qualitative effect on the process of modernization of medical care. At the same time, the digitization of big data in healthcare creates numerous risks from the point of view of ensuring the confidentiality, integrity, and availability of information. Inadequate security is due to both objective and subjective reasons. Among them: are the lack of a sufficient number of qualified specialists in the field of information protection; budget restrictions; software conflict; lack of training in information security rules and skills of medical personnel; non-compliance with traditional cyber security practices; legal and ethical issues related to patient data. Determining the minimum and maximum possible degrees of risk of security breaches in information and telecommunication medical systems is the key to ensuring the protection of medical information. This confirms the significance and timeliness of this research, which is based on a risk-oriented approach. The analysis of the scientific literature, having allowed the designation of the components, is how the information-telecommunication system and the links between them are put together. For each asset, the source of the threat, the threat itself, and the variants of reaction to it are identified. The following violations are most common: theft of the patient’s medical information (confidentiality threats); modification of the patient’s medical information (threats to integrity); failure of individual components of the medical system (availability threat). A graphic and quantitative approach to the assessment of information security risks and methods and means of processing these risks are proposed. This study can serve cyber security specialists for modeling information protection in medical systems and be used in the educational process of students of 125 Cyber Security specialties.

Item Type:	Article
Uncontrolled Keywords:	Information risks; risk-oriented approach; risk management; information-telecommunication medical system, telemedicine; threats; vulnerabilities
Subjects:	Це архівна тематика Київського університету імені Бориса Грінченка > Статті у наукометричних базах > Scopus
Divisions:	Це архівні підрозділи Київського університету імені Бориса Грінченка > Факультет інформаційних технологій та математики > Кафедра інформаційної та кібернетичної безпеки імені професора Володимира Бурячка
Depositing User:	Ю. Д. Жданова
Date Deposited:	17 Jul 2023 11:58
Last Modified:	17 Jul 2023 11:58
URI:	https://elibrary.kubg.edu.ua/id/eprint/45684

Actions (login required)

View Item