{"id":"https://openalex.org/W7140172814","doi":"https://doi.org/10.1016/j.procs.2026.03.121","title":"LINDDUN based Threat Modeling of a Healthcare Distributed Ledger Platform","display_name":"LINDDUN based Threat Modeling of a Healthcare Distributed Ledger Platform","publication_year":2026,"publication_date":"2026-01-01","ids":{"openalex":"https://openalex.org/W7140172814","doi":"https://doi.org/10.1016/j.procs.2026.03.121"},"language":"en","primary_location":{"id":"doi:10.1016/j.procs.2026.03.121","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.procs.2026.03.121","pdf_url":null,"source":{"id":"https://openalex.org/S120348307","display_name":"Procedia Computer Science","issn_l":"1877-0509","issn":["1877-0509"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Procedia Computer Science","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://doi.org/10.1016/j.procs.2026.03.121","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Daniela Dinis","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Daniela Dinis","raw_affiliation_strings":["School of Technology and Management, Polytechnic University of Leiria; Leiria, Portugal"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Technology and Management, Polytechnic University of Leiria; Leiria, Portugal","institution_ids":[]}]},{"author_position":"middle","author":{"id":null,"display_name":"Jo\u00e3o Oliveira","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jo\u00e3o Oliveira","raw_affiliation_strings":["School of Technology and Management, Polytechnic University of Leiria; Leiria, Portugal"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Technology and Management, Polytechnic University of Leiria; Leiria, Portugal","institution_ids":[]}]},{"author_position":"middle","author":{"id":null,"display_name":"Marisa Maximiano","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Marisa Maximiano","raw_affiliation_strings":["Computer Science and Communication Research Centre (CIIC), School of Technology and Management Polytechnic University of Leiria; Leiria, Portugal","School of Technology and Management, Polytechnic University of Leiria; Leiria, Portugal"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Computer Science and Communication Research Centre (CIIC), School of Technology and Management Polytechnic University of Leiria; Leiria, Portugal","institution_ids":[]},{"raw_affiliation_string":"School of Technology and Management, Polytechnic University of Leiria; Leiria, Portugal","institution_ids":[]}]},{"author_position":"middle","author":{"id":null,"display_name":"Ricardo Gomes","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ricardo Gomes","raw_affiliation_strings":["School of Technology and Management, Polytechnic University of Leiria; Leiria, Portugal"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Technology and Management, Polytechnic University of Leiria; Leiria, Portugal","institution_ids":[]}]},{"author_position":"middle","author":{"id":null,"display_name":"V\u00edtor T\u00e1vora","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"V\u00edtor T\u00e1vora","raw_affiliation_strings":["School of Technology and Management, Polytechnic University of Leiria; Leiria, Portugal"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Technology and Management, Polytechnic University of Leiria; Leiria, Portugal","institution_ids":[]}]},{"author_position":"middle","author":{"id":null,"display_name":"Manuel Dias","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Manuel Dias","raw_affiliation_strings":["BioGHP - Global Health Platform S.A., Lisboa, Portugal"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"BioGHP - Global Health Platform S.A., Lisboa, Portugal","institution_ids":[]}]},{"author_position":"last","author":{"id":null,"display_name":"Ricardo Correia Bezerra","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ricardo Correia Bezerra","raw_affiliation_strings":["BioGHP - Global Health Platform S.A., Lisboa, Portugal"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"BioGHP - Global Health Platform S.A., Lisboa, Portugal","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":7,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.67572816,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"278","issue":null,"first_page":"1366","last_page":"1373"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.260699987411499,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.260699987411499,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.23270000517368317,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.07810000330209732,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/identity-management","display_name":"Identity management","score":0.597100019454956},{"id":"https://openalex.org/keywords/threat-model","display_name":"Threat model","score":0.5921000242233276},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5076000094413757},{"id":"https://openalex.org/keywords/health-care","display_name":"Health care","score":0.5066999793052673},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.45730000734329224},{"id":"https://openalex.org/keywords/information-privacy","display_name":"Information privacy","score":0.4415000081062317},{"id":"https://openalex.org/keywords/identity","display_name":"Identity (music)","score":0.32850000262260437},{"id":"https://openalex.org/keywords/data-protection-act-1998","display_name":"Data Protection Act 1998","score":0.3212999999523163},{"id":"https://openalex.org/keywords/blockchain","display_name":"Blockchain","score":0.31779998540878296}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8416000008583069},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.635699987411499},{"id":"https://openalex.org/C555379026","wikidata":"https://www.wikidata.org/wiki/Q977772","display_name":"Identity management","level":3,"score":0.597100019454956},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.5921000242233276},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5076000094413757},{"id":"https://openalex.org/C160735492","wikidata":"https://www.wikidata.org/wiki/Q31207","display_name":"Health care","level":2,"score":0.5066999793052673},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.45730000734329224},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.4415000081062317},{"id":"https://openalex.org/C2778355321","wikidata":"https://www.wikidata.org/wiki/Q17079427","display_name":"Identity (music)","level":2,"score":0.32850000262260437},{"id":"https://openalex.org/C69360830","wikidata":"https://www.wikidata.org/wiki/Q1172237","display_name":"Data Protection Act 1998","level":2,"score":0.3212999999523163},{"id":"https://openalex.org/C2779687700","wikidata":"https://www.wikidata.org/wiki/Q20514253","display_name":"Blockchain","level":2,"score":0.31779998540878296},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.3138999938964844},{"id":"https://openalex.org/C2777541363","wikidata":"https://www.wikidata.org/wiki/Q25110971","display_name":"Distributed ledger","level":3,"score":0.303600013256073},{"id":"https://openalex.org/C67186912","wikidata":"https://www.wikidata.org/wiki/Q367664","display_name":"Data modeling","level":2,"score":0.29660001397132874},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.29280000925064087},{"id":"https://openalex.org/C10511746","wikidata":"https://www.wikidata.org/wiki/Q899388","display_name":"Data security","level":3,"score":0.2912999987602234},{"id":"https://openalex.org/C47487241","wikidata":"https://www.wikidata.org/wiki/Q5227230","display_name":"Data access","level":2,"score":0.290800005197525},{"id":"https://openalex.org/C3017977704","wikidata":"https://www.wikidata.org/wiki/Q18745135","display_name":"Health data","level":3,"score":0.28540000319480896},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.28110000491142273},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.28029999136924744},{"id":"https://openalex.org/C2779813694","wikidata":"https://www.wikidata.org/wiki/Q528053","display_name":"Digital identity","level":3,"score":0.27790001034736633},{"id":"https://openalex.org/C193934123","wikidata":"https://www.wikidata.org/wiki/Q7246028","display_name":"Privacy by Design","level":3,"score":0.27630001306533813},{"id":"https://openalex.org/C2988170871","wikidata":"https://www.wikidata.org/wiki/Q11000047","display_name":"Healthcare system","level":3,"score":0.2727999985218048},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.2712000012397766},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.2694000005722046},{"id":"https://openalex.org/C3090818","wikidata":"https://www.wikidata.org/wiki/Q1172506","display_name":"General Data Protection Regulation","level":3,"score":0.26460000872612},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.25949999690055847},{"id":"https://openalex.org/C2780433410","wikidata":"https://www.wikidata.org/wiki/Q5276090","display_name":"Digital health","level":3,"score":0.2533999979496002},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.25290000438690186},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.2513999938964844}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1016/j.procs.2026.03.121","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.procs.2026.03.121","pdf_url":null,"source":{"id":"https://openalex.org/S120348307","display_name":"Procedia Computer Science","issn_l":"1877-0509","issn":["1877-0509"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Procedia Computer Science","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1016/j.procs.2026.03.121","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.procs.2026.03.121","pdf_url":null,"source":{"id":"https://openalex.org/S120348307","display_name":"Procedia Computer Science","issn_l":"1877-0509","issn":["1877-0509"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Procedia Computer Science","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":7,"referenced_works":["https://openalex.org/W2694044524","https://openalex.org/W4283658030","https://openalex.org/W4306647794","https://openalex.org/W4307381608","https://openalex.org/W4315778939","https://openalex.org/W4387695192","https://openalex.org/W4393170716"],"related_works":[],"abstract_inverted_index":{"The":[0,80],"adoption":[1],"of":[2,111,133],"decentralized":[3],"technologies":[4],"in":[5,108],"healthcare":[6,34],"introduces":[7],"new":[8],"opportunities":[9],"for":[10,39,45,51],"secure,":[11],"patient-centered":[12],"data":[13,78,93],"management":[14],"but":[15],"also":[16],"brings":[17],"significant":[18],"privacy":[19,59,71,97],"and":[20,48,53,63,69,77,95],"security":[21],"challenges.":[22],"This":[23,99],"paper":[24],"presents":[25],"a":[26,32,42,49,105,121,130],"threat":[27,60,84],"modeling":[28,61,85],"approach":[29],"applied":[30],"to":[31,129],"Web3-based":[33],"platform":[35],"that":[36,83],"integrates":[37],"blockchain":[38],"access":[40,54],"logging,":[41],"FHIR-compliant":[43],"server":[44],"clinical":[46],"data,":[47],"backend":[50],"identity":[52],"management.":[55],"Using":[56],"the":[57,109,116,125],"LINDDUN":[58],"framework":[62],"OWASP":[64],"Threat":[65],"Dragon,":[66],"we":[67],"identified":[68],"prioritized":[70],"risks":[72],"based":[73],"on":[74,120],"system":[75],"architecture":[76],"flows.":[79],"results":[81],"show":[82],"can":[86,101],"provide":[87],"early":[88],"insights":[89],"into":[90],"regulatory":[91],"compliance,":[92],"exposure,":[94],"user":[96],"concerns.":[98],"process":[100],"be":[102],"viewed":[103],"as":[104],"foundational":[106],"step":[107],"development":[110],"digital":[112],"health":[113],"systems.":[114],"While":[115],"analysis":[117],"was":[118],"focused":[119],"specific":[122],"use":[123],"case,":[124],"methodology":[126],"is":[127],"adaptable":[128],"wide":[131],"range":[132],"applications":[134],"handling":[135],"sensitive":[136],"personal":[137],"data.":[138]},"counts_by_year":[],"updated_date":"2026-04-25T08:17:42.794288","created_date":"2026-03-25T00:00:00"}