Security management for radiological information systems

Fabbrini F
1997

Abstract

The purpose of information security management is to guarantee continuity and minimise damage by preventing (or minimising) the impact of security incidents, in other words to provide a reliable mechanism for information sharing, at the same time ensuring its confidentiality, integrity and availability. The first goal of security is protecting resources. A general, straightforward approach to security consists of the following basic steps:

1. Identification of resources to be protected.
2. Identification of threats.
3. Identification of vulnerabilities.
4. Assessment of risks.
5. Selection of protective measures, if necessary.

This approach can be the basis of a systematic analytical treatment of computer and communication security in a Radiological Information System (RIS) before addressing the problem of its integration with a Hospital Information System (HIS). In order to categorise the corresponding protective measures, we introduced six distinct security areas to be investigated (Hardware, Software, Network, Regulation, Environment, Personnel). When the security areas we introduced are arranged by their relevance, taking into account the constraints most commonly faced in a radiological department[2], the following prioritised list results, according to the specific framework of a radiological organisation:

1. Software security (software threats, software access control, database security).
2. Network security (communications security, encryption, authentication).
3. Regulatory security (privacy issues, security laws).
4. Personnel security (personnel threats, personnel security techniques).
5. Environmental security (intrusion prevention & detection, information protection).
6. Hardware security (hardware integrity, personal computer security).

Istituto di Scienza e Tecnologie dell'Informazione "Alessandro Faedo" - ISTI
Radiological information systems
Use this identifier to cite or link to this document: https://hdl.handle.net/20.500.14243/203819