SECURITY ANALYSIS OF THE GERMAN ELECTRONIC HEALTH CARD’S PERIPHERAL PARTS

Ali Sunyaev; Alexander Kaletsch; Christian Mauro; Helmut Krcmar

doi:10.5220/0001854000190026

SECURITY ANALYSIS OF THE GERMAN ELECTRONIC HEALTH CARD’S PERIPHERAL PARTS

Ali Sunyaev, Alexander Kaletsch, Christian Mauro, Helmut Krcmar

2009

Abstract

This paper describes a technical security analysis which is based on experiments done in a laboratory and verified in a physician’s practice. The health care telematics infrastructure in Germany stipulates every physician and every patient to automatically be given an electronic health smart card (for patients) and a corresponding health professional card (for health care providers). We analyzed these cards and the peripheral parts of the telematics infrastructure according to the ISO 27001 security standard. The introduced attack scenarios show that there are several security issues in the peripheral parts of the German health care telematics. Based on discovered vulnerabilities we provide corresponding security measures to overcome these open issues and derive conceivable consequences for the nation-wide introduction of electronic health card in Germany.

Download

Paper Citation

in Harvard Style

Sunyaev A., Kaletsch A., Mauro C. and Krcmar H. (2009). SECURITY ANALYSIS OF THE GERMAN ELECTRONIC HEALTH CARD’S PERIPHERAL PARTS . In Proceedings of the 11th International Conference on Enterprise Information Systems - Volume 3: ICEIS, ISBN 978-989-8111-86-9, pages 19-26. DOI: 10.5220/0001854000190026

in Bibtex Style

@conference{iceis09,
author={Ali Sunyaev and Alexander Kaletsch and Christian Mauro and Helmut Krcmar},
title={SECURITY ANALYSIS OF THE GERMAN ELECTRONIC HEALTH CARD’S PERIPHERAL PARTS},
booktitle={Proceedings of the 11th International Conference on Enterprise Information Systems - Volume 3: ICEIS,},
year={2009},
pages={19-26},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001854000190026},
isbn={978-989-8111-86-9},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Enterprise Information Systems - Volume 3: ICEIS,
TI - SECURITY ANALYSIS OF THE GERMAN ELECTRONIC HEALTH CARD’S PERIPHERAL PARTS
SN - 978-989-8111-86-9
AU - Sunyaev A.
AU - Kaletsch A.
AU - Mauro C.
AU - Krcmar H.
PY - 2009
SP - 19
EP - 26
DO - 10.5220/0001854000190026