Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network

  Advanced Search  

Noname manuscript No. (will be inserted by the editor)

Summary: Noname manuscript No.
(will be inserted by the editor)
Threat Modeling for Electronic Health Record Systems
Ahmad Almulhem
Received: date / Accepted: date
Abstract The security of electronic health record (EHR) systems is crucial for
their growing acceptance. There is a need for assurance that these records are
securely protected from attacks. For a system as complex as an EHR system, the
number of possible attacks is potentially very large. In this paper, a threat mod-
eling methodology, known as attack tree, is employed to analyze attacks affecting
EHR systems. The analysis is based on a proposed generic client-server model
of EHR systems. The developed attack tree is discussed along with some system
properties that enable quantitative and qualitative analysis. A list of suggested
countermeasures are also highlighted.
Keywords Electronic Health Record EHR Electronic Medical Record EMR
Attack Tree Threat Model
1 Introduction
Nowadays, more healthcare providers are migrating from traditional paper-based
medical record systems to electronic health record (EHR) systems [1] [2]. EHR
systems are increasingly becoming attractive solutions that utilize new advances


Source: Almulhem, Ahmad - Computer Engineering Department, King Fahd University of Petroleum and Minerals


Collections: Computer Technologies and Information Sciences