H. J. Highland/IFIP/SEC’97
Conference Proceedings
Security When Outsourcing: Concepts, Constructs, Compliance
E. Roos Lindgreen, H.R.D. Janus, A. Shahim, G. Hulst, and I.S. Herschberg, KPMG EDP Auditors, Amstelveen, The Netherlands.
As the ownership and management of information technology (IT) is increasingly put out at contract, information security turns out to be an essential issue to address in any outsourcing process. The authors analyze present concepts for the demand side and the supply side of the market for external facilities management. They propose a cyclic approach related to British Standard 7799 allowing the service provider and his client clearly to define respective responsibilities in the construct of a formal security agreement, part of the general agreement between the service provider and his client. Such a security agreement stems from an assessment of the client’s IT environment; compliance with the security agreement is tested by a formal review to be conducted by an impartial evaluator.
Towards A Holistic View of Security and Safety of Enterprise Information and Communication Technologies: Adapting to a Changing Paradigm
Dr. Klaus Brunnstein, University of Hamburg, Hamburg, Germany.
When enterprises heavily rely upon proper working of Information and Communication Technologies (ICTs), they often experience shortcomings in programs and systems, failing availability and unreliable access through networks as major drawbacks in their operation, with possible effects on productivity and profitability. Traditional ‘security’ addresses some of these aspects but, based on its military model (Bell-LaPadula), essential requirements are seriously missing. With a view towards distributed enterprise work, the paper analyzes why basic concepts of ‘traditional security’ fail to meet these requirements. On this basis, it is postulated that holistic ‘sikerhet’ combining traditional security and safety is needed for ICT-based enterprises. This concept requires improved professional education and awareness, but will also need more user and public awareness.
A Taxonomy of Electronic Cash Schemes
Ernest Foo, Colin Boyd, William Caelli, and Ed Dawson, Information Security Research Center, School of Data Communications, Queensland University of Technology, Brisbane, Australia.
A large number of electronic cash schemes have been proposed in the literature and several commercial ventures have started which claim to provide an anonymous payment protocol. These schemes have been designed to provide certain security properties. Not all the schemes have proven to be practical and the precise security properties of the different schemes are difficult to compare due to their complex protocols. In this paper the key services required by electronic cash are identified and their provision in different electronic cash schemes published in the literature is compared. In addition to the security services, the mechanisms used to implement these services are isolated.
Security Requirements and Solutions in Distributed Electronic Health Records
B. Blobel, Otto-von-Guericke University Magdeburg, Faculty of Medicine, Institute of Biometrics and Medical Informatics, Magdeburg, Germany.
The healthcare systems in all developed countries are changing to labour-shared structures such as Shared Care. Such structures require extended communication and cooperation. Medical information systems integrated into the care process must be able to support that communication and cooperation adequately, representing an active and distributed Electronic Health Record (EHR) system. Distributed health record systems must meet high demands for data protection and data security, which concern integrity, availability, confidentiality including access management, and accountability. Communication and cooperation information systems can be provided by middleware architectures. For the different middleware architectures used in healthcare, such as EDI (HL7, EDIFACT), CORBA or DHE, the architectural principles and security solutions are independent of applications and transparent to the user. For trusted communication and cooperation, application-related and user-related security mechanisms are required. Such mechanisms have to fulfil the security policy of the application domain. They are using the basic security mechanisms of the underlying communication- and cooperation-supporting systems. The discussed policy, threats, and countermeasures refer to the first German regional distributed medical record, which is developed and refined in the Clinical Cancer Registry Magdeburg/Saxony-Anhalt.
Computers & Security, Vol. 16, No. 3
A Comprehensive Need-to-Know Access Control System and its Application for Medical Information Systems
R. Holbein, S. Teufel, O. Morger and K. Bauknecht, Department of Computer Science, Winterthurerstr., Zurich, Switzerland.
In this paper, we present an access control system (ACS) that allows implementation as well as management of comprehensive need-to-know access control policies. The overall system is built around a role based ACS that has been extended by two additional components, namely a security design and a context authentication component, which allow the overall system to cohesively implement and manage need-to-know policies. The security design component systematically generates access control information that is appropriate to initialize the role based ACS according to the individual need-to-know within an with the access control decision facility of the role based ACS. It dynamically verifies if a need-to-know really exists at the particular point in time when users request access, by our need-to-know ACS concerning privacy of patient data within a hospital environment.
The Future of Networks and Network Security
R. Nelson, Information System Security, Watertown, MA.
Networks are evolving rapidly into huge, omnipresent, multiservice entities. They are connected worldwide into an Internet that has many different administrations, purposes, resource owners, and users. As the network grows, design parameters are exceeded and new vulnerabilities are introduced. Network security solutions must accommodate enormous changes in the network itself, in the network security requirements, and in the mechanisms and constraints that drive appropriate security mechanisms. As the network serves a larger and more diverse group of users, multiple, flexible security approaches will be necessary to meet their requirements.
Non-intrusive Authentication
Daniele Alberto Galliano, Antonio Lioy and Fabio Maino, Politecnico di Torino, Dip. Automatica e Informatica, Torino, Italy.
Available security solutions often are not widely used because the associated secure applications are awkward to use or they lack functionality when compared to standard insecure tools. To avoid this dichotomy, the authors developed a non-intrusive (or external) client-server authentication framework which requires no modification to either the clients or the servers. In this way, full featured clients can be used to the satisfaction of the user community, and off-the-shelf servers can be used with augmented security to the happiness of the system administrators. The approach relies on software agents which use private keys and a challenge-response protocol to authenticate TCP/IP connection setup. The paper discusses the general framework as well as a sample implementation. Attacks and countermeasures are also outlined. The approach explicitly doesn’t address data privacy during transmission, as the authors would rather see it placed at application level.
Roaming Security Agents Enabling Intelligent Access Control and Network Protection
P.W.J. van Zyl and S.H. von Solms, Rand Afrikaans University, Johannesburg, South Africa.
This paper presents the concept of roaming security agents and shows how it can enable intelligent access control and transparent network protection in distributed computer environments. The security agents are called roaming because they accompany access requests and their resultant information throughout the distributed environment. The paths followed by the access requests and their resultant information are also logged by the security agent in an internal data store, called baggage. With the capability to refer to the baggage it is possible to define intelligent access control and network protection rules for access requests and their resultant information