摘要
针对国内医院信息系统中存在越权、操作不规范和隐私泄露等安全隐患,基于医院信息系统安全系统安全现状和医院信息系统安全需求进行了信息系统安全设计。为了提升医院信息安全防护能力,切实做好病人、医务工作者和管理人员等的信息安全,做到数据保密性、可用性和安全性,在物理安全策略、身份认证、访问控制、授权、终端主机安全防护和网络通信防护等6个方面进行了医院信息系统安全设计与改造,结果有助于提升医院信息安全防护能力,更方便、快捷和安全的为广大医务工作者以及病患服务。
In view of the potential security risks in domestic hospital information system, such as ultra vires, non-standard operation and privacy leakage, the information system security design was carried out based on the security status of hospital information system and the security requirements of hospital information system. In order to improve the ability of hospital information security protection, do a good job in the information security of patients, medical workers and management personnel, a hospital information system security design and transformation was carried out. It achieves data confidentiality, availability and security, through the physical security strategy, identity authentication, access control, authorization, terminal host security protection and network communication protection. It is helpful to improve the ability of hospital information security protection, and provide more convenient, fast and safe services for the majority of medical workers and patients.
作者
李铮
魏星
佟明泽
王悦
LI Zheng;WEI Xing;TONG Mingze;WANG Yue(Department of Network Information,Tianjin Fourth Central Hospital,Tianjin 300140,China;Department of Information Engineering,North China University of Technology,Tangshan 063210,China)
出处
《微型电脑应用》
2021年第3期10-12,共3页
Microcomputer Applications
基金
河北省自然科学基金项目(18HB012Y4)。
关键词
网络安全
医院信息系统
现状
需求
设计
network security
hospital information system
status quo
demand
design