Security Analysis of the German Electronic Health Card’s Peripheral Parts

Proceedings of the 11th International Conference on Enterprise Information Systems (ICEIS 2009), Milan, Italy, 6-10 May 2009, Volume ISAS, pp. 19-26

Posted: 29 Sep 2012

See all articles by Ali Sunyaev

Ali Sunyaev

University of Cologne

Alexander Kaletsch

Technische Universität München (TUM)

Christian Mauro

Technische Universität München (TUM)

Helmut Krcmar

Technische Universität München (TUM)

Date Written: 2009

Abstract

This paper describes a technical security analysis which is based on experiments done in a laboratory and verified in a physician’s practice. The health care telematics infrastructure in Germany stipulates every physician and every patient to automatically be given an electronic health smart card (for patients) and a corresponding health professional card (for health care providers). We analyzed these cards and the peripheral parts of the telematics infrastructure according to the ISO 27001 security standard. The introduced attack scenarios show that there are several security issues in the peripheral parts of the German health care telematics. Based on discovered vulnerabilities we provide corresponding security measures to overcome these open issues and derive conceivable consequences for the nation-wide introduction of electronic health card in Germany.

Keywords: Security Analysis, Electronic Health Card, Health Care Telematics

Suggested Citation

Sunyaev, Ali and Kaletsch, Alexander and Mauro, Christian and Krcmar, Helmut, Security Analysis of the German Electronic Health Card’s Peripheral Parts (2009). Proceedings of the 11th International Conference on Enterprise Information Systems (ICEIS 2009), Milan, Italy, 6-10 May 2009, Volume ISAS, pp. 19-26. Available at SSRN: https://ssrn.com/abstract=2153049

Ali Sunyaev (Contact Author)

University of Cologne ( email )

Albertus-Magnus-Platz
Cologne, 50923
Germany

HOME PAGE: http://www.isq.uni-koeln.de

Alexander Kaletsch

Technische Universität München (TUM) ( email )

Arcisstrasse 21
Munich, 80333
Germany

Christian Mauro

Technische Universität München (TUM) ( email )

Arcisstrasse 21
Munich, 80333
Germany

Helmut Krcmar

Technische Universität München (TUM) ( email )

Arcisstrasse 21
Munich, 80333
Germany

Register to save articles to
your library

Register

Paper statistics

Abstract Views
282
PlumX Metrics