| 防非法统方——从事后审计到事前预防 |
| 修订日期:2014-07-14 点此下载全文 |
| 引用本文:李海涛,杨洋,高世龙.防非法统方——从事后审计到事前预防[J].医学信息学杂志,2014,35(11):40-43 |
| 摘要点击次数: |
| 全文下载次数: |
|
| 基金项目:国家高技术研究与开发计划(863计划)“基于医学知识库的电子病历系统研发及临床应用”(项目编号:2012AA02A600) |
|
| 中文摘要:对非法获取医院敏感数据的基本途径进行分析,包括外来系统运维人员、应用程序开发人员、黑客等的非法访问,指出事后审计的工作原理及缺陷,以中山大学附属第三医院成功实施的安全监察系统SA-ToolKit为例,从应用部署、单点登录、认证、审计等方面介绍事前预防系统的优势。 |
| 中文关键词:医院信息系统 安全监察系统 数据库安全审计 事前预防系统 |
| |
| Prevention of Illegal Prescription Statistic——from post auditing to prevention |
|
|
| Abstract:The paper analyzes the basic approaches to obtain illegal sensitive data in hospital, including illegal access of external system maintenance personnel, application developers, hackers and so on, points out the principle and shortage of post auditing work. Taking security monitoring system SA-ToolKit as an example, which is implemented in the Third Affiliated Hospital of SUN Yat-sen University, the advantages of prevention system is introduced from the aspects of application deployment, single sign on, authentication, audition, etc. |
| keywords:Hospital Information System(HIS) Security monitoring system Database security auditing Prevention system |
| 查看全文 查看/发表评论 下载PDF阅读器 |
|
|
|
