Attack scenarios for possible misuse of peripheral parts in the German health information infrastructure

Ali Sunyaev; Alexander Kaletsch; Sebastian Dünnebeil; Helmut Krcmar

Attack scenarios for possible misuse of peripheral parts in the German health information infrastructure

Ali Sunyaev, Alexander Kaletsch, Sebastian Dünnebeil, Helmut Krcmar

Informatics 17 - Chair of Information Systems and Business Process Management

Technical University of Munich

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

This paper focuses on functional issues within the peripheral parts of the German health information infrastructure, which compromise security and patient's information safety or might violate law. Our findings demonstrate that a misuse of existing functionality is possible. With examples and detailed use cases we show that the health infrastructure can be used for more than just ordinary electronic health care services. In order to investigate this evidence from the laboratory, we tested all attack scenarios in a typical German physician's practice. Furthermore, security measures are provided to overcome the identified threats and questions regarding these issues are discussed.

Original language	English
Title of host publication	ICEIS 2010 - Proceedings of the 12th International Conference on Enterprise Information Systems
Pages	229-235
Number of pages	7
State	Published - 2010
Event	12th International Conference on Enterprise Information Systems, ICEIS 2010 - Funchal, Portugal Duration: 8 Jun 2010 → 12 Jun 2010

Publication series

Name	ICEIS 2010 - Proceedings of the 12th International Conference on Enterprise Information Systems
Volume	1 DISI

Conference

Conference	12th International Conference on Enterprise Information Systems, ICEIS 2010
Country/Territory	Portugal
City	Funchal
Period	8/06/10 → 12/06/10

Keywords

Electronic health card
Health information infrastructure
Security analysis

Cite this

Sunyaev, A., Kaletsch, A., Dünnebeil, S., & Krcmar, H. (2010). Attack scenarios for possible misuse of peripheral parts in the German health information infrastructure. In ICEIS 2010 - Proceedings of the 12th International Conference on Enterprise Information Systems (pp. 229-235). (ICEIS 2010 - Proceedings of the 12th International Conference on Enterprise Information Systems; Vol. 1 DISI).

Sunyaev, Ali ; Kaletsch, Alexander ; Dünnebeil, Sebastian et al. / Attack scenarios for possible misuse of peripheral parts in the German health information infrastructure. ICEIS 2010 - Proceedings of the 12th International Conference on Enterprise Information Systems. 2010. pp. 229-235 (ICEIS 2010 - Proceedings of the 12th International Conference on Enterprise Information Systems).

@inproceedings{2b13d2266e6c4379bb94b98b4aec1e4f,

title = "Attack scenarios for possible misuse of peripheral parts in the German health information infrastructure",

abstract = "This paper focuses on functional issues within the peripheral parts of the German health information infrastructure, which compromise security and patient's information safety or might violate law. Our findings demonstrate that a misuse of existing functionality is possible. With examples and detailed use cases we show that the health infrastructure can be used for more than just ordinary electronic health care services. In order to investigate this evidence from the laboratory, we tested all attack scenarios in a typical German physician's practice. Furthermore, security measures are provided to overcome the identified threats and questions regarding these issues are discussed.",

keywords = "Electronic health card, Health information infrastructure, Security analysis",

author = "Ali Sunyaev and Alexander Kaletsch and Sebastian D{\"u}nnebeil and Helmut Krcmar",

year = "2010",

language = "English",

isbn = "9789898425041",

series = "ICEIS 2010 - Proceedings of the 12th International Conference on Enterprise Information Systems",

pages = "229--235",

booktitle = "ICEIS 2010 - Proceedings of the 12th International Conference on Enterprise Information Systems",

note = "12th International Conference on Enterprise Information Systems, ICEIS 2010 ; Conference date: 08-06-2010 Through 12-06-2010",

}

Sunyaev, A, Kaletsch, A, Dünnebeil, S & Krcmar, H 2010, Attack scenarios for possible misuse of peripheral parts in the German health information infrastructure. in ICEIS 2010 - Proceedings of the 12th International Conference on Enterprise Information Systems. ICEIS 2010 - Proceedings of the 12th International Conference on Enterprise Information Systems, vol. 1 DISI, pp. 229-235, 12th International Conference on Enterprise Information Systems, ICEIS 2010, Funchal, Portugal, 8/06/10.

Attack scenarios for possible misuse of peripheral parts in the German health information infrastructure. / Sunyaev, Ali; Kaletsch, Alexander; Dünnebeil, Sebastian et al.
ICEIS 2010 - Proceedings of the 12th International Conference on Enterprise Information Systems. 2010. p. 229-235 (ICEIS 2010 - Proceedings of the 12th International Conference on Enterprise Information Systems; Vol. 1 DISI).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Attack scenarios for possible misuse of peripheral parts in the German health information infrastructure

AU - Sunyaev, Ali

AU - Kaletsch, Alexander

AU - Dünnebeil, Sebastian

AU - Krcmar, Helmut

PY - 2010

Y1 - 2010

N2 - This paper focuses on functional issues within the peripheral parts of the German health information infrastructure, which compromise security and patient's information safety or might violate law. Our findings demonstrate that a misuse of existing functionality is possible. With examples and detailed use cases we show that the health infrastructure can be used for more than just ordinary electronic health care services. In order to investigate this evidence from the laboratory, we tested all attack scenarios in a typical German physician's practice. Furthermore, security measures are provided to overcome the identified threats and questions regarding these issues are discussed.

AB - This paper focuses on functional issues within the peripheral parts of the German health information infrastructure, which compromise security and patient's information safety or might violate law. Our findings demonstrate that a misuse of existing functionality is possible. With examples and detailed use cases we show that the health infrastructure can be used for more than just ordinary electronic health care services. In order to investigate this evidence from the laboratory, we tested all attack scenarios in a typical German physician's practice. Furthermore, security measures are provided to overcome the identified threats and questions regarding these issues are discussed.

KW - Electronic health card

KW - Health information infrastructure

KW - Security analysis

UR - http://www.scopus.com/inward/record.url?scp=78649901555&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:78649901555

SN - 9789898425041

T3 - ICEIS 2010 - Proceedings of the 12th International Conference on Enterprise Information Systems

SP - 229

EP - 235

BT - ICEIS 2010 - Proceedings of the 12th International Conference on Enterprise Information Systems

T2 - 12th International Conference on Enterprise Information Systems, ICEIS 2010

Y2 - 8 June 2010 through 12 June 2010

ER -

Attack scenarios for possible misuse of peripheral parts in the German health information infrastructure

Abstract

Publication series

Conference

Keywords

Other files and links

Fingerprint

Cite this