TY - CHAP
T1 - Towards a unified security Evaluation framework for e-Healthcare information systems
AU - Shoniregun, Charles A.
AU - Dube, Kudakwashe
AU - Mtenzi, Fredrick
PY - 2010
Y1 - 2010
N2 - The domain of security engineering has developed some agreed core concepts but it lacks comprehensive framework. This could be seen to be particularly the case for e-Healthcare information systems. Evaluation deals with how other people can be convinced that security and privacy protection measures that have been put in place will work. Anderson has defined evaluation of systems as the process of assembling evidence that a system meets, or fails to meet, a prescribed assurance target and identifies two main purposes, which are: to convince one's superiors that work has been done and completed in compliance with standards and laws and to reassure people who will rely on a product or system. Evaluation is a function of the question of whether the system will actually work, which is termed assurance (Anderson and Cardell, 2008). Thus, the lower the likelihood, the higher the assurance there can be and the higher the likelihood, the less the assurance there can be. This chapter explores the solutions and technologies currently available for evaluating security and privacy problems in e-Healthcare information systems.
AB - The domain of security engineering has developed some agreed core concepts but it lacks comprehensive framework. This could be seen to be particularly the case for e-Healthcare information systems. Evaluation deals with how other people can be convinced that security and privacy protection measures that have been put in place will work. Anderson has defined evaluation of systems as the process of assembling evidence that a system meets, or fails to meet, a prescribed assurance target and identifies two main purposes, which are: to convince one's superiors that work has been done and completed in compliance with standards and laws and to reassure people who will rely on a product or system. Evaluation is a function of the question of whether the system will actually work, which is termed assurance (Anderson and Cardell, 2008). Thus, the lower the likelihood, the higher the assurance there can be and the higher the likelihood, the less the assurance there can be. This chapter explores the solutions and technologies currently available for evaluating security and privacy problems in e-Healthcare information systems.
UR - http://www.scopus.com/inward/record.url?scp=84882740073&partnerID=8YFLogxK
U2 - 10.1007/978-0-387-84919-5_6
DO - 10.1007/978-0-387-84919-5_6
M3 - Chapter
AN - SCOPUS:84882740073
SN - 9780387848174
T3 - Advances in Information Security
SP - 151
EP - 172
BT - Electronic Healthcare Information Security
A2 - Shoniregun, Charles
A2 - Dube, Kudakwashe
A2 - Mtenzi, Fredrick
ER -