Regulations and Standards Aware Framework for Recording of mHealth App Vulnerabilities

The authors describe a standards-based security framework for the purposes of recording security and privacy vulnerabilities discovered in mHealth apps. The proposed framework is compliant with the international standard for software architecture descriptions, ISO/IEC/IEEE 42010, relevant state-agen...

Full description

Saved in:
Bibliographic Details
Published in:International journal of e-health and medical communications 2021-05, Vol.12 (3), p.1-16
Main Authors: Prodanoff, Zornitza, White-Williams, Cynthia, Chi, Hongmei
Format: Article
Language:English
Subjects:
Chronic illnesses
Communication
Data analysis
Descriptions
Disease management
Health care industry
Hospitals
Information systems
Internet of Things
Interoperability
Inventory control
Laws, regulations and rules
Medical care
Medical equipment
Network security
Open access publishing
Privacy
Quality management
Radio frequency identification
Recording
Regulations
Repositories
Safety and security measures
Security
Smartphones
Software
Standardization
Taxonomy
Telemedicine
User interface
Citations: Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The authors describe a standards-based security framework for the purposes of recording security and privacy vulnerabilities discovered in mHealth apps. The proposed framework is compliant with the international standard for software architecture descriptions, ISO/IEC/IEEE 42010, relevant state-agency regulations, and US federal healthcare mandates, as well as computing standards for data interchange formats. Future real-life implementations are envisioned to consists of three key components: (1) design and implementation of a repository that links vulnerabilities to concepts from the taxonomy used by legislative and standardization bodies; (2) population of the repository with security vulnerability descriptions that follow a standard format, such as JavaScript Object Notation (JSON); and (3) implementation of a searchable user interface (e.g., Google's Firebase UI), which allows for aggregation statistics, data analytics, as well as public access to the repository. The proposed framework design promotes timely updates of regulations, standardization drafts, and app development platforms.
ISSN:1947-315X
1947-3168
DOI:10.4018/IJEHMC.20210501.oa1