A Practical Experience Applying Security Audit Techniques in an Industrial e-Health System Which Uses an Open Source ERP
Julián Gómez, Miguel Olivero, J. García-García, María Escalona
2021
Abstract
Healthcare institutions is an ever-innovative field, in which modernization is moving forward taking giant steps. This modernization, so called “digitization”, brings up some concerns that should be carefully considered. Currently, the most sensible concerning in this field is the management of Electronic Health Record and patients’ data privacy. Health-related data in healthcare systems are under strict regulations, such as the EU’s General Data Protection Regulation (GDPR), whose non-compliance imposes huge penalties and fines. Cybersecurity in healthcare plays an important role at protecting these sensitive data, which are highly valuable for criminals. Security experts follow already existing security frameworks to orchestrate the security assessment process, so that the auditing process is as complete and as organized as possible. This study extends the lifecycle of a security assessment framework and conducts an exploitation and vulnerabilities’ analysis on an actual industrial scenario. The results of this security audit shows that even if the system is heavily fortified, there can be still some vulnerabilities.
DownloadPaper Citation
in Harvard Style
Gómez J., Olivero M., García-García J. and Escalona M. (2021). A Practical Experience Applying Security Audit Techniques in an Industrial e-Health System Which Uses an Open Source ERP. In Proceedings of the 17th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-989-758-536-4, pages 482-489. DOI: 10.5220/0010714500003058
in Bibtex Style
@conference{webist21,
author={Julián Gómez and Miguel Olivero and J. García-García and María Escalona},
title={A Practical Experience Applying Security Audit Techniques in an Industrial e-Health System Which Uses an Open Source ERP},
booktitle={Proceedings of the 17th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,},
year={2021},
pages={482-489},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010714500003058},
isbn={978-989-758-536-4},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 17th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,
TI - A Practical Experience Applying Security Audit Techniques in an Industrial e-Health System Which Uses an Open Source ERP
SN - 978-989-758-536-4
AU - Gómez J.
AU - Olivero M.
AU - García-García J.
AU - Escalona M.
PY - 2021
SP - 482
EP - 489
DO - 10.5220/0010714500003058