Utilize Common Criteria Methodology for Secure Ubiquitous Healthcare Environment

Yu, Yao-Chang; Hou, Ting‐Wei

doi:10.1007/s10916-010-9629-2

Cited by 4 publications

(3 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The previous research works proposing CC-based information security [27,28,29,37,38,49,51,53,35,56,57,58] report reaching EAL 3, just as we did. Our research brings one more CC application to the set of desktop computer certification [27] applications: Radio Frequency Identification (RFID) technology [28], biometric system [29], smart meters [49,51], integrated voice, data, and video communications [37,38], boots, sealing, and IT channels [57], Point-of-Sale (POS) systems, wind turbine park systems, and a secure workflow [56], personal computer [58], electronic voting system [55], SDN switches and controllers [59]. Only [51,57] report having reached EAL 4 or 5.…”

Section: Discussionsupporting

confidence: 68%

“…The research efforts of Hou and Yu [28] and Fernandez-Saavedra et al [29] are also close to the work carried out here since they used Common Criteria to evaluate information systems security. Hou and You [28] evaluated the use of Radio Frequency Identification (RFID) technology in a medicalhospital environment. Simultaneously, [29] assessed a biometric system, and both used literature review and best market practices for gathering the assessment criteria.…”

Section: B Information Security and The Common Criteria Standardsupporting

confidence: 62%

“…That is, it can be used in several IT products; -It enables comparison of independent security assessment results as it presents standard requirements related to the security aspect of IT products (hardware, software, or firmware). As presented in our literature analysis, CC has also been widely used for information security in companies and academia [27,28,29,49,51,53,35,56,57,58]. Institutions in the United States and Europe [36] already consider this critical assessment of security requirements in their products, especially in systems regarded as essential infrastructure (e. g. data communication links in aviation systems, satellite communication).…”

Section: Summary and Decision About Information Security Standardsmentioning

confidence: 99%

See 2 more Smart Citations

Proposal and Validation of a Standard Protection Profile for Homologation of Commercial Videoconferencing Equipment

2021

View full text Add to dashboard Cite

In the present work, we propose and validate a Common Criteria Standard Protection Profile (sPP) for videoconferencing equipment. The research presents the definition and analysis of the homologation system used to validate the standard protection profile, focusing on its application focused in a large Brazilian financial company. We address the main points to consider in the acquisition and current use of this product: reasonable information security assumptions, technical standards, recommendations, and international best cybersecurity practices. As a result, we have developed a Standard Protection Profile identifying the information security risks involved and the minimum parameters required in those systems acquired and used for Government environments. This paper also presents all tests performed to validate the proposed sPP. As the application is critical, involving sensitive data, our results can also foster less risky conditions in the myriad situations caused by the COVID pandemic.

show abstract

Section: Discussionsupporting

confidence: 68%

Section: B Information Security and The Common Criteria Standardsupporting

confidence: 62%

Section: Summary and Decision About Information Security Standardsmentioning

confidence: 99%

See 1 more Smart Citation

Proposal and Validation of a Standard Protection Profile for Homologation of Commercial Videoconferencing Equipment

2021

View full text Add to dashboard Cite

show abstract

RFID in Healthcare – Current Trends and the Future

2015

View full text Add to dashboard Cite

An Enhanced Security Solution for Electronic Medical Records Based on AES Hybrid Technique with SOAP/XML and SHA-1

et al. 2013

View full text Add to dashboard Cite

This study aims to provide security solutions for implementing electronic medical records (EMRs). E-Health organizations could utilize the proposed method and implement recommended solutions in medical/health systems. Majority of the required security features of EMRs were noted. The methods used were tested against each of these security features. In implementing the system, the combination that satisfied all of the security features of EMRs was selected. Secure implementation and management of EMRs facilitate the safeguarding of the confidentiality, integrity, and availability of e-health organization systems. Health practitioners, patients, and visitors can use the information system facilities safely and with confidence anytime and anywhere. After critically reviewing security and data transmission methods, a new hybrid method was proposed to be implemented on EMR systems. This method will enhance the robustness, security, and integration of EMR systems. The hybrid of simple object access protocol/extensible markup language (XML) with advanced encryption standard and secure hash algorithm version 1 has achieved the security requirements of an EMR system with the capability of integrating with other systems through the design of XML messages.

show abstract

Utilize Common Criteria Methodology for Secure Ubiquitous Healthcare Environment

Cited by 4 publications

References 8 publications

Proposal and Validation of a Standard Protection Profile for Homologation of Commercial Videoconferencing Equipment

Proposal and Validation of a Standard Protection Profile for Homologation of Commercial Videoconferencing Equipment

RFID in Healthcare – Current Trends and the Future

An Enhanced Security Solution for Electronic Medical Records Based on AES Hybrid Technique with SOAP/XML and SHA-1

Contact Info

Product

Resources

About