{"id":"https://openalex.org/W2023314968","doi":"https://doi.org/10.1145/1295464.1295467","title":"Towards the security and privacy analysis of patient portals","display_name":"Towards the security and privacy analysis of patient portals","publication_year":2007,"publication_date":"2007-04-01","ids":{"openalex":"https://openalex.org/W2023314968","doi":"https://doi.org/10.1145/1295464.1295467","mag":"2023314968"},"language":"en","primary_location":{"id":"doi:10.1145/1295464.1295467","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1295464.1295467","pdf_url":null,"source":{"id":"https://openalex.org/S4210187018","display_name":"ACM SIGBED Review","issn_l":"1551-3688","issn":["1551-3688"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM SIGBED Review","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5022002414","display_name":"Janos L. Mathe","orcid":null},"institutions":[{"id":"https://openalex.org/I4210160740","display_name":"Integrated Software (United States)","ror":"https://ror.org/05dp7m259","country_code":"US","type":"company","lineage":["https://openalex.org/I4210160740"]},{"id":"https://openalex.org/I200719446","display_name":"Vanderbilt University","ror":"https://ror.org/02vm5rt34","country_code":"US","type":"education","lineage":["https://openalex.org/I200719446"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Janos L. Mathe","raw_affiliation_strings":["Institute for Software Integrated Systems, Vanderbilt University, Nashville, TN","Institute for Software-Integrated Systems, Vanderbilt University, Nashville, TN#TAB#"],"affiliations":[{"raw_affiliation_string":"Institute for Software Integrated Systems, Vanderbilt University, Nashville, TN","institution_ids":["https://openalex.org/I4210160740","https://openalex.org/I200719446"]},{"raw_affiliation_string":"Institute for Software-Integrated Systems, Vanderbilt University, Nashville, TN#TAB#","institution_ids":["https://openalex.org/I200719446"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5080892002","display_name":"Sean Duncavage","orcid":null},"institutions":[{"id":"https://openalex.org/I200719446","display_name":"Vanderbilt University","ror":"https://ror.org/02vm5rt34","country_code":"US","type":"education","lineage":["https://openalex.org/I200719446"]},{"id":"https://openalex.org/I4210160740","display_name":"Integrated Software (United States)","ror":"https://ror.org/05dp7m259","country_code":"US","type":"company","lineage":["https://openalex.org/I4210160740"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sean Duncavage","raw_affiliation_strings":["Institute for Software Integrated Systems, Vanderbilt University, Nashville, TN","Institute for Software-Integrated Systems, Vanderbilt University, Nashville, TN#TAB#"],"affiliations":[{"raw_affiliation_string":"Institute for Software Integrated Systems, Vanderbilt University, Nashville, TN","institution_ids":["https://openalex.org/I4210160740","https://openalex.org/I200719446"]},{"raw_affiliation_string":"Institute for Software-Integrated Systems, Vanderbilt University, Nashville, TN#TAB#","institution_ids":["https://openalex.org/I200719446"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5082580481","display_name":"Jan Werner","orcid":null},"institutions":[{"id":"https://openalex.org/I4210160740","display_name":"Integrated Software (United States)","ror":"https://ror.org/05dp7m259","country_code":"US","type":"company","lineage":["https://openalex.org/I4210160740"]},{"id":"https://openalex.org/I200719446","display_name":"Vanderbilt University","ror":"https://ror.org/02vm5rt34","country_code":"US","type":"education","lineage":["https://openalex.org/I200719446"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jan Werner","raw_affiliation_strings":["Institute for Software Integrated Systems, Vanderbilt University, Nashville, TN","Institute for Software-Integrated Systems, Vanderbilt University, Nashville, TN#TAB#"],"affiliations":[{"raw_affiliation_string":"Institute for Software Integrated Systems, Vanderbilt University, Nashville, TN","institution_ids":["https://openalex.org/I4210160740","https://openalex.org/I200719446"]},{"raw_affiliation_string":"Institute for Software-Integrated Systems, Vanderbilt University, Nashville, TN#TAB#","institution_ids":["https://openalex.org/I200719446"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090647314","display_name":"Bradley Malin","orcid":"https://orcid.org/0000-0003-3040-5175"},"institutions":[{"id":"https://openalex.org/I200719446","display_name":"Vanderbilt University","ror":"https://ror.org/02vm5rt34","country_code":"US","type":"education","lineage":["https://openalex.org/I200719446"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Bradley A. Malin","raw_affiliation_strings":["Department of Biomedical Informatics, Vanderbilt University, Nashville, TN","Department of Biomedical Informatics Vanderbilt University , Nashville, TN"],"affiliations":[{"raw_affiliation_string":"Department of Biomedical Informatics, Vanderbilt University, Nashville, TN","institution_ids":["https://openalex.org/I200719446"]},{"raw_affiliation_string":"Department of Biomedical Informatics Vanderbilt University , Nashville, TN","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086257343","display_name":"\u00c1kos L\u00e9deczi","orcid":"https://orcid.org/0000-0003-2876-585X"},"institutions":[{"id":"https://openalex.org/I4210160740","display_name":"Integrated Software (United States)","ror":"https://ror.org/05dp7m259","country_code":"US","type":"company","lineage":["https://openalex.org/I4210160740"]},{"id":"https://openalex.org/I200719446","display_name":"Vanderbilt University","ror":"https://ror.org/02vm5rt34","country_code":"US","type":"education","lineage":["https://openalex.org/I200719446"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Akos Ledeczi","raw_affiliation_strings":["Institute for Software Integrated Systems, Vanderbilt University, Nashville, TN","Institute for Software-Integrated Systems, Vanderbilt University, Nashville, TN#TAB#"],"affiliations":[{"raw_affiliation_string":"Institute for Software Integrated Systems, Vanderbilt University, Nashville, TN","institution_ids":["https://openalex.org/I4210160740","https://openalex.org/I200719446"]},{"raw_affiliation_string":"Institute for Software-Integrated Systems, Vanderbilt University, Nashville, TN#TAB#","institution_ids":["https://openalex.org/I200719446"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5013237840","display_name":"J\u00e1nos Sztipanovits","orcid":"https://orcid.org/0000-0002-8360-6299"},"institutions":[{"id":"https://openalex.org/I4210160740","display_name":"Integrated Software (United States)","ror":"https://ror.org/05dp7m259","country_code":"US","type":"company","lineage":["https://openalex.org/I4210160740"]},{"id":"https://openalex.org/I200719446","display_name":"Vanderbilt University","ror":"https://ror.org/02vm5rt34","country_code":"US","type":"education","lineage":["https://openalex.org/I200719446"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Janos Sztipanovits","raw_affiliation_strings":["Institute for Software Integrated Systems, Vanderbilt University, Nashville, TN","Institute for Software-Integrated Systems, Vanderbilt University, Nashville, TN#TAB#"],"affiliations":[{"raw_affiliation_string":"Institute for Software Integrated Systems, Vanderbilt University, Nashville, TN","institution_ids":["https://openalex.org/I4210160740","https://openalex.org/I200719446"]},{"raw_affiliation_string":"Institute for Software-Integrated Systems, Vanderbilt University, Nashville, TN#TAB#","institution_ids":["https://openalex.org/I200719446"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5022002414"],"corresponding_institution_ids":["https://openalex.org/I200719446","https://openalex.org/I4210160740"],"apc_list":null,"apc_paid":null,"fwci":0.8334,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.84176576,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"4","issue":"2","first_page":"5","last_page":"9"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10679","display_name":"Service-Oriented Architecture and Web Services","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10679","display_name":"Service-Oriented Architecture and Web Services","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10350","display_name":"Electronic Health Records Systems","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/3605","display_name":"Health Information Management"},"field":{"id":"https://openalex.org/fields/36","display_name":"Health Professions"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}},{"id":"https://openalex.org/T11986","display_name":"Scientific Computing and Data Management","score":0.989300012588501,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.745697021484375},{"id":"https://openalex.org/keywords/patient-portal","display_name":"Patient portal","score":0.5156263709068298},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.43732404708862305},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4339079260826111},{"id":"https://openalex.org/keywords/information-sensitivity","display_name":"Information sensitivity","score":0.42774614691734314},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.4180302023887634},{"id":"https://openalex.org/keywords/health-care","display_name":"Health care","score":0.39979287981987}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.745697021484375},{"id":"https://openalex.org/C2776153502","wikidata":"https://www.wikidata.org/wiki/Q7144994","display_name":"Patient portal","level":3,"score":0.5156263709068298},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.43732404708862305},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4339079260826111},{"id":"https://openalex.org/C137822555","wikidata":"https://www.wikidata.org/wiki/Q2587068","display_name":"Information sensitivity","level":2,"score":0.42774614691734314},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.4180302023887634},{"id":"https://openalex.org/C160735492","wikidata":"https://www.wikidata.org/wiki/Q31207","display_name":"Health care","level":2,"score":0.39979287981987},{"id":"https://openalex.org/C50522688","wikidata":"https://www.wikidata.org/wiki/Q189833","display_name":"Economic growth","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1295464.1295467","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1295464.1295467","pdf_url":null,"source":{"id":"https://openalex.org/S4210187018","display_name":"ACM SIGBED Review","issn_l":"1551-3688","issn":["1551-3688"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM SIGBED Review","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W45053571","https://openalex.org/W170857486","https://openalex.org/W1588848576","https://openalex.org/W1962632332","https://openalex.org/W2113175940","https://openalex.org/W2134345746","https://openalex.org/W2165067028","https://openalex.org/W2169565791","https://openalex.org/W2274166708"],"related_works":["https://openalex.org/W2597779065","https://openalex.org/W3132386800","https://openalex.org/W2896459163","https://openalex.org/W4391215882","https://openalex.org/W2728101909","https://openalex.org/W4200259495","https://openalex.org/W3043099774","https://openalex.org/W2891951763","https://openalex.org/W2860515844","https://openalex.org/W2912135041"],"abstract_inverted_index":{"Clinical":[0,107],"information":[1,21],"systems":[2,123],"(CIS)":[3],"significantly":[4],"influence":[5],"the":[6,29,75,102,147,155,164,174,178],"quality":[7],"and":[8,25,54,61,64,81,157],"efficiency":[9],"of":[10,31,56,69,77,149,166,177],"health":[11],"care":[12],"delivery.":[13],"However,":[14],"CIS":[15,57,94,118,122,142],"are":[16],"complex":[17],"environments":[18],"that":[19,116],"integrate":[20],"technologies,":[22],"human":[23],"stakeholders,":[24],"patient-specific":[26],"data.":[27,49],"Given":[28],"sensitivity":[30],"patient":[32,48,180],"data,":[33],"federal":[34],"regulations":[35],"require":[36],"healthcare":[37],"providers":[38],"to":[39,87,131],"adopt":[40],"policy,":[41],"as":[42,44,124,152,154,173],"well":[43,153],"technology,":[45],"protections":[46],"for":[47,106],"Ad":[50],"hoc":[51],"system":[52,134],"design":[53,71,114,156],"implementation":[55],"can":[58],"cause":[59],"unforeseen":[60],"unintended":[62],"privacy":[63],"security":[65],"breaches.":[66],"The":[67],"introduction":[68],"model-based":[70],"techniques":[72],"combined":[73],"with":[74],"development":[76],"high-level":[78],"modeling":[79,141,169],"abstractions":[80],"analysis":[82,148],"methods":[83],"provide":[84],"a":[85,112],"mechanism":[86],"investigate":[88],"these":[89],"concerns":[90],"by":[91],"conceptually":[92],"simplifying":[93],"without":[95],"losing":[96],"expressive":[97],"power.":[98],"This":[99],"work":[100],"introduces":[101],"Model-based":[103],"Design":[104],"Environment":[105],"Information":[108],"Systems":[109],"(MODECIS)":[110],"-":[111],"graphical":[113],"environment":[115],"assists":[117],"architects":[119],"in":[120],"formalizing":[121],"well-defined":[125],"services.":[126],"MODECIS":[127,167],"leverages":[128],"Service-Oriented":[129],"Architectures":[130],"create":[132],"realistic":[133],"models":[135],"at":[136],"an":[137],"abstract":[138],"level.":[139],"By":[140],"using":[143],"abstractions,":[144],"we":[145],"enable":[146],"legacy":[150],"architectures,":[151],"simulation":[158],"of,":[159],"future":[160],"CIS.":[161],"We":[162],"present":[163],"feasibility":[165],"via":[168],"certain":[170],"functions,":[171],"such":[172],"authentication":[175],"process":[176],"MyHealth@Vanderbilt":[179],"portal.":[181]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1},{"year":2013,"cited_by_count":1},{"year":2012,"cited_by_count":2}],"updated_date":"2026-04-02T15:55:50.835912","created_date":"2025-10-10T00:00:00"}