2010 International Conference on Availability, Reliability and Security 2010
DOI: 10.1109/ares.2010.44

The Road to Hell is Paved with Good Intentions: A Story of (In)secure Software Development

Abstract: In this paper, we present the results of a security assessment performed on a home care system based on SOA, realised as web services. The security design concepts of this platform were specifically tailored to meet new security challenges and to be compliant with legal frameworks applicable to the healthcare domain. This security design was fed as input to the development team, which implemented the system. However, our assessment revealed a software platform with severe security weaknesses and vulne…

Cited by 2 publications (1 citation statement)
References 18 publications
“…Our case study (Sassoon, Jaatun, & Jensen, 2010) is based on the results of a European research project developing a healthcare platform. Since the platform deals with sensitive health data, it should comply with ("Directive 95/94/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data," 1995), which regulates the handling of private data for the member states of the EU.…”
Section: Case Study: a Distributed Development Effort
mentioning
confidence: 99%