Towards a unified security Evaluation framework for e-Healthcare information systems

Charles A. Shoniregun, Kudakwashe Dube, Fredrick Mtenzi

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review


The domain of security engineering has developed some agreed core concepts but it lacks comprehensive framework. This could be seen to be particularly the case for e-Healthcare information systems. Evaluation deals with how other people can be convinced that security and privacy protection measures that have been put in place will work. Anderson has defined evaluation of systems as the process of assembling evidence that a system meets, or fails to meet, a prescribed assurance target and identifies two main purposes, which are: to convince one's superiors that work has been done and completed in compliance with standards and laws and to reassure people who will rely on a product or system. Evaluation is a function of the question of whether the system will actually work, which is termed assurance (Anderson and Cardell, 2008). Thus, the lower the likelihood, the higher the assurance there can be and the higher the likelihood, the less the assurance there can be. This chapter explores the solutions and technologies currently available for evaluating security and privacy problems in e-Healthcare information systems.

Original languageEnglish
Title of host publicationElectronic Healthcare Information Security
EditorsCharles Shoniregun, Kudakwashe Dube, Fredrick Mtenzi
Number of pages22
Publication statusPublished - 2010
Externally publishedYes

Publication series

NameAdvances in Information Security
ISSN (Print)1568-2633


Dive into the research topics of 'Towards a unified security Evaluation framework for e-Healthcare information systems'. Together they form a unique fingerprint.

Cite this