{"id":"https://openalex.org/W2020220446","doi":"https://doi.org/10.1145/1370256.1370269","title":"Applying an open application security process to a clinical information system","display_name":"Applying an open application security process to a clinical information system","publication_year":2008,"publication_date":"2008-01-01","ids":{"openalex":"https://openalex.org/W2020220446","doi":"https://doi.org/10.1145/1370256.1370269","mag":"2020220446"},"language":"en","primary_location":{"id":"doi:10.1145/1370256.1370269","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1370256.1370269","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2008 C3S2E conference on   - C3S2E '08","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5082670946","display_name":"Michael Pf\u00e4hler","orcid":null},"institutions":[{"id":"https://openalex.org/I4210163522","display_name":"Technische Hochschule Ulm","ror":"https://ror.org/05e5kd476","country_code":"DE","type":"education","lineage":["https://openalex.org/I4210163522"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Michael Pf\u00e4hler","raw_affiliation_strings":["Ulm University of Applied Sciences, Ulm, Germany"],"affiliations":[{"raw_affiliation_string":"Ulm University of Applied Sciences, Ulm, Germany","institution_ids":["https://openalex.org/I4210163522"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5079305931","display_name":"Jens H. Weber-Jahnke","orcid":null},"institutions":[{"id":"https://openalex.org/I212119943","display_name":"University of Victoria","ror":"https://ror.org/04s5mat29","country_code":"CA","type":"education","lineage":["https://openalex.org/I212119943"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Jens H. Weber-Jahnke","raw_affiliation_strings":["University of Victoria, Canada, B. C","University of Victoria, Canada, B. C.#TAB#"],"affiliations":[{"raw_affiliation_string":"University of Victoria, Canada, B. C","institution_ids":[]},{"raw_affiliation_string":"University of Victoria, Canada, B. C.#TAB#","institution_ids":["https://openalex.org/I212119943"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5082670946"],"corresponding_institution_ids":["https://openalex.org/I4210163522"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.15072959,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"89","last_page":"89"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10350","display_name":"Electronic Health Records Systems","score":0.9847999811172485,"subfield":{"id":"https://openalex.org/subfields/3605","display_name":"Health Information Management"},"field":{"id":"https://openalex.org/fields/36","display_name":"Health Professions"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}},"topics":[{"id":"https://openalex.org/T10350","display_name":"Electronic Health Records Systems","score":0.9847999811172485,"subfield":{"id":"https://openalex.org/subfields/3605","display_name":"Health Information Management"},"field":{"id":"https://openalex.org/fields/36","display_name":"Health Professions"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9843000173568726,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9836000204086304,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7040001749992371},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6822969913482666},{"id":"https://openalex.org/keywords/unavailability","display_name":"Unavailability","score":0.6306755542755127},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.598338782787323},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.5551568865776062},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.539821982383728},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.5062312483787537},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.49428629875183105},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.4804106056690216},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.4655519127845764},{"id":"https://openalex.org/keywords/information-security-standards","display_name":"Information security standards","score":0.4450499415397644},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.4210623800754547},{"id":"https://openalex.org/keywords/order","display_name":"Order (exchange)","score":0.4106159508228302},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.3953450322151184},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.15770268440246582},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.14849328994750977},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.12103694677352905}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7040001749992371},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6822969913482666},{"id":"https://openalex.org/C2780505938","wikidata":"https://www.wikidata.org/wiki/Q17093282","display_name":"Unavailability","level":2,"score":0.6306755542755127},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.598338782787323},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.5551568865776062},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.539821982383728},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.5062312483787537},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.49428629875183105},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.4804106056690216},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.4655519127845764},{"id":"https://openalex.org/C139547956","wikidata":"https://www.wikidata.org/wiki/Q6031202","display_name":"Information security standards","level":5,"score":0.4450499415397644},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.4210623800754547},{"id":"https://openalex.org/C182306322","wikidata":"https://www.wikidata.org/wiki/Q1779371","display_name":"Order (exchange)","level":2,"score":0.4106159508228302},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.3953450322151184},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.15770268440246582},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.14849328994750977},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.12103694677352905},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0},{"id":"https://openalex.org/C200601418","wikidata":"https://www.wikidata.org/wiki/Q2193887","display_name":"Reliability engineering","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1370256.1370269","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1370256.1370269","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2008 C3S2E conference on   - C3S2E '08","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.7300000190734863,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":11,"referenced_works":["https://openalex.org/W54544099","https://openalex.org/W92185616","https://openalex.org/W1983424002","https://openalex.org/W2065119457","https://openalex.org/W2069726734","https://openalex.org/W2070418264","https://openalex.org/W2104682122","https://openalex.org/W2117057934","https://openalex.org/W2119604965","https://openalex.org/W2126762719","https://openalex.org/W3118517595"],"related_works":["https://openalex.org/W3189065608","https://openalex.org/W2165898552","https://openalex.org/W2299494954","https://openalex.org/W2164920192","https://openalex.org/W2345270111","https://openalex.org/W2940646603","https://openalex.org/W2555665621","https://openalex.org/W2115730242","https://openalex.org/W2096261382","https://openalex.org/W2988129474"],"abstract_inverted_index":{"Security":[0,187],"is":[1,53,69,118,125],"an":[2,102,129],"important":[3],"quality":[4],"goal":[5],"of":[6,10,21,24,60,79,84,101,123,162],"software":[7,51,62],"engineering.":[8],"Incidents":[9],"data":[11,13],"theft,":[12],"loss,":[14],"and":[15,155,175,200,211],"unavailability":[16],"may":[17],"lead":[18],"to":[19,41,54,74,131,139,152,166,208],"frustration":[20],"users,":[22],"contravention":[23],"laws,":[25],"or":[26],"financial":[27],"loss.":[28],"Especially":[29],"in":[30,81,137,205],"critical":[31],"domains":[32],"like":[33],"health":[34],"care,":[35],"every":[36],"effort":[37],"must":[38,90,149],"be":[39,91,150],"made":[40],"minimize":[42],"security":[43,52,83,88,99,116,145],"related":[44],"problems.":[45],"The":[46,110],"optimum":[47],"method":[48],"for":[49,113],"establishing":[50],"consider":[55],"it":[56],"during":[57],"all":[58],"stages":[59],"the":[61,82,115,120,132,153,159,168,178,209],"process.":[63],"For":[64],"legacy":[65],"systems,":[66,86],"however,":[67],"this":[68,94,196],"not":[70],"possible.":[71],"In":[72,93,164],"order":[73,165],"provide":[75],"a":[76,87,98,144,172],"high":[77],"level":[78],"confidence":[80],"existing":[85,103],"analysis":[89,100,117],"conducted.":[92],"paper,":[95],"we":[96,170],"perform":[97,171],"clinical":[104],"decision":[105],"support":[106],"system":[107,210],"called":[108,182],"EGADSS.":[109,163],"major":[111],"motivation":[112],"conducting":[114],"that":[119,136],"operational":[121],"context":[122],"EGADSS":[124],"being":[126],"changed":[127],"from":[128],"intranet":[130],"Internet.":[133],"This":[134],"means":[135],"addition":[138],"general":[140],"considerations":[141],"associated":[142],"with":[143,194],"analysis,":[146,169],"particular":[147],"attention":[148],"paid":[151],"threats":[154,207],"risks":[156],"introduced":[157],"by":[158],"new":[160],"environment":[161],"conduct":[167],"process":[173,199],"developed":[174],"published":[176],"within":[177],"open":[179],"content":[180],"community,":[181],"CLASP":[183],"(Comprehensive":[184],"Lightweight":[185],"Application":[186],"Process).":[188],"We":[189],"report":[190],"on":[191,202],"our":[192],"experiences":[193],"applying":[195],"community":[197],"maintained":[198],"reflect":[201],"its":[203],"effectiveness":[204],"modeling":[206],"identifying":[212],"appropriate":[213],"countermeasures.":[214]},"counts_by_year":[{"year":2012,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}