Applying an open application security process to a clinical information system: a case study

Quantified Score

Visualization

Abstract

Security is an important quality goal of software engineering. Incidents of data theft, data loss, and unavailability may lead to frustration of users, contravention of laws, or financial loss. Especially in critical domains like health care, every effort must be made to minimize security related problems. The optimum method for establishing software security is to consider it during all stages of the software process. For legacy systems, however, this is not possible. In order to provide a high level of confidence in the security of existing systems, a security analysis must be conducted. In this paper, we perform a security analysis of an existing clinical decision support system called EGADSS. The major motivation for conducting the security analysis is that the operational context of EGADSS is being changed from an intranet to the Internet. This means that in addition to general considerations associated with a security analysis, particular attention must be paid to the threats and risks introduced by the new environment of EGADSS. In order to conduct the analysis, we perform a process developed and published within the open content community, called CLASP (Comprehensive Lightweight Application Security Process). We report on our experiences with applying this community maintained process and reflect on its effectiveness in modeling threats to the system and identifying appropriate countermeasures.