{"id":"https://openalex.org/W7134897947","doi":"https://doi.org/10.1109/sccc67219.2025.11420648","title":"Exploring Security Controls in Health Information Systems Using CodeBERT","display_name":"Exploring Security Controls in Health Information Systems Using CodeBERT","publication_year":2025,"publication_date":"2025-10-28","ids":{"openalex":"https://openalex.org/W7134897947","doi":"https://doi.org/10.1109/sccc67219.2025.11420648"},"language":null,"primary_location":{"id":"doi:10.1109/sccc67219.2025.11420648","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sccc67219.2025.11420648","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 44th International Conference of the Chilean Computer Science Society (SCCC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5128791049","display_name":"Diego Arteaga","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Diego Arteaga","raw_affiliation_strings":["Universidad del Bío-Bío,Departamento de Ciencias de la Computación y Tecnologías de la Información,Chillán,Chile"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Universidad del Bío-Bío,Departamento de Ciencias de la Computación y Tecnologías de la Información,Chillán,Chile","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007439667","display_name":"Gast\u00f3n M\u00e1rquez","orcid":"https://orcid.org/0000-0003-0167-5969"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Gast\u00f3n M\u00e1rquez","raw_affiliation_strings":["Universidad del Bío-Bío,Departamento de Ciencias de la Computación y Tecnologías de la Información,Chillán,Chile"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Universidad del Bío-Bío,Departamento de Ciencias de la Computación y Tecnologías de la Información,Chillán,Chile","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5128791368","display_name":"Claudio Mu\u00f1oz","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Claudio Mu\u00f1oz","raw_affiliation_strings":["Universidad del Bío-Bío,Departamento de Ciencias de la Computación y Tecnologías de la Información,Chillán,Chile"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Universidad del Bío-Bío,Departamento de Ciencias de la Computación y Tecnologías de la Información,Chillán,Chile","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5113305808","display_name":"Michelle Pacheco","orcid":"https://orcid.org/0009-0006-9117-359X"},"institutions":[{"id":"https://openalex.org/I2799978770","display_name":"X-Fab (Germany)","ror":"https://ror.org/030bh9196","country_code":"DE","type":"company","lineage":["https://openalex.org/I2799978770"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Michelle Pacheco","raw_affiliation_strings":["Universidad del Bío-Bío,Transferencia de Gestión Colaborativa en Salud Pública Para la región de Ñuble,Chillán,Chile"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Universidad del Bío-Bío,Transferencia de Gestión Colaborativa en Salud Pública Para la región de Ñuble,Chillán,Chile","institution_ids":["https://openalex.org/I2799978770"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.8148645,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.41280001401901245,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.41280001401901245,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.03440000116825104,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10350","display_name":"Electronic Health Records Systems","score":0.027300000190734863,"subfield":{"id":"https://openalex.org/subfields/3605","display_name":"Health Information Management"},"field":{"id":"https://openalex.org/fields/36","display_name":"Health Professions"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/information-system","display_name":"Information system","score":0.49799999594688416},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.37279999256134033},{"id":"https://openalex.org/keywords/health-information","display_name":"Health information","score":0.3528999984264374},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.30059999227523804},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.28349998593330383},{"id":"https://openalex.org/keywords/healthcare-system","display_name":"Healthcare system","score":0.2775000035762787},{"id":"https://openalex.org/keywords/variety","display_name":"Variety (cybernetics)","score":0.2727000117301941}],"concepts":[{"id":"https://openalex.org/C180198813","wikidata":"https://www.wikidata.org/wiki/Q121182","display_name":"Information system","level":2,"score":0.49799999594688416},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.46630001068115234},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.41850000619888306},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.37619999051094055},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.37279999256134033},{"id":"https://openalex.org/C2982795734","wikidata":"https://www.wikidata.org/wiki/Q870895","display_name":"Health information","level":3,"score":0.3528999984264374},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.33309999108314514},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.32600000500679016},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3091000020503998},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.30059999227523804},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.28349998593330383},{"id":"https://openalex.org/C2988170871","wikidata":"https://www.wikidata.org/wiki/Q11000047","display_name":"Healthcare system","level":3,"score":0.2775000035762787},{"id":"https://openalex.org/C136197465","wikidata":"https://www.wikidata.org/wiki/Q1729295","display_name":"Variety (cybernetics)","level":2,"score":0.2727000117301941},{"id":"https://openalex.org/C160735492","wikidata":"https://www.wikidata.org/wiki/Q31207","display_name":"Health care","level":2,"score":0.2678000032901764},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.2630999982357025},{"id":"https://openalex.org/C2780791683","wikidata":"https://www.wikidata.org/wiki/Q846785","display_name":"Action (physics)","level":2,"score":0.2630999982357025},{"id":"https://openalex.org/C145642194","wikidata":"https://www.wikidata.org/wiki/Q870895","display_name":"Health informatics","level":3,"score":0.2628999948501587},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.257099986076355},{"id":"https://openalex.org/C138816342","wikidata":"https://www.wikidata.org/wiki/Q189603","display_name":"Public health","level":2,"score":0.2556000053882599},{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.25200000405311584}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/sccc67219.2025.11420648","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sccc67219.2025.11420648","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 44th International Conference of the Chilean Computer Science Society (SCCC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W2020614803","https://openalex.org/W2045688285","https://openalex.org/W2144548612","https://openalex.org/W2247591845","https://openalex.org/W2296164881","https://openalex.org/W2523880444","https://openalex.org/W2649501556","https://openalex.org/W2943876388","https://openalex.org/W3085401576","https://openalex.org/W3098605233","https://openalex.org/W3111039031","https://openalex.org/W3214913126","https://openalex.org/W3217001695","https://openalex.org/W4291213652","https://openalex.org/W4309763943","https://openalex.org/W4392609688","https://openalex.org/W4404527723"],"related_works":[],"abstract_inverted_index":{"Health":[0],"information":[1,80],"systems":[2,19],"(HISs)":[3],"are":[4,58,95,200],"integral":[5],"in":[6,38,98,132,167,183,202],"enhancing":[7],"clinical":[8],"operations":[9],"and":[10,53,74,107,153,177],"improving":[11],"patient":[12],"care.":[13],"To":[14],"fulfill":[15],"this":[16,121],"role,":[17],"these":[18,99],"require":[20],"a":[21,85,118,125,138],"comprehensive":[22],"design":[23,44,56,111,198],"capable":[24],"of":[25,72,87,109,117,186,205],"addressing":[26],"essential":[27],"health":[28,133],"quality":[29],"attributes":[30],"such":[31],"as":[32,66],"security.":[33],"This":[34,101],"design,":[35],"typically":[36],"embodied":[37],"software":[39,50,115,134],"architecture,":[40],"must":[41],"incorporate":[42],"secure":[43,110,197],"decisions":[45,57,112,199],"that":[46,90,162],"adhere":[47],"to":[48,78,146,151,194],"established":[49],"security":[51,62,67,76,93,130,157,164],"policies":[52],"guidelines.":[54],"Such":[55],"frequently":[59],"represented":[60],"by":[61,136],"control":[63,77,94],"(also":[64],"known":[65],"tactics).":[68],"Despite":[69],"the":[70,105,114,143,155,163,184,203],"significance":[71],"implementing":[73],"developing":[75],"protect":[79],"within":[81,113],"HISs,":[82,152],"there":[83],"is":[84],"paucity":[86],"empirical":[88],"studies":[89],"examine":[91],"which":[92,196],"actually":[96],"used":[97],"systems.":[100],"gap":[102],"significantly":[103],"hinders":[104],"reuse":[106],"acceleration":[108],"architecture":[116],"system.":[119],"In":[120],"paper,":[122],"we":[123],"report":[124],"study":[126,189],"aimed":[127],"at":[128],"identifying":[129],"controls":[131,165],"projects":[135,149],"utilizing":[137],"CodeBERT":[139],"model.":[140],"We":[141],"applied":[142],"trained":[144],"model":[145],"10":[147],"open-source":[148],"related":[150],"classified":[154],"identified":[156,166],"tactics.":[158],"The":[159],"findings":[160],"suggest":[161],"HISs":[168],"predominantly":[169],"focus":[170],"on":[171],"security-by-design":[172],"prevention":[173],"strategies,":[174],"whereas":[175],"detection":[176],"recovery":[178],"strategies":[179],"remain":[180],"largely":[181],"unaddressed":[182],"context":[185],"attacks.":[187],"Our":[188],"represents":[190],"an":[191],"initial":[192],"effort":[193],"elucidate":[195],"prioritized":[201],"development":[204],"HISs.":[206]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2026-03-12T00:00:00"}