摘要
应用程序编程接口(API)是现代通信的关键节点,目前医院网络环境中多使用API接口进行应用与服务交互,而其安全性问题也日益凸显。安全防护水平关乎医疗数据的信息安全,文章结合OWASP公布的十大API接口安全漏洞,分析医院中API接口存在的安全隐患和漏洞风险,逐一阐述相应的解决方案,以期提高医院网络环境安全水平。
Application programming interfaces(APIs)are the key point in modern communication.Currently,APIs are commonly applied in the hospital network environment for application and service interaction, and their security issue is also becoming increasingly prominent. The level of security protection is related to the information security of medical data. Based on the top 10 API security vulnerabilities announced by OWASP, this paper analyzes the security hidden danger and vulnerability risks of API in hospitals, and elaborates on corresponding solutions one by one to improve the security level of hospital network environment.
作者
汤其宇
陈昌杰
王士勇
TANG Qiyu;CHEN Changjie;WANG Shiyong(Department of Information,Third Affiliated Hospital of Naval Medical University,Shanghai 200438,China;Department of Information,the International Peace Maternity and Child Health Hospital,School of Medicine,Shanghai Jiao Tong University)
出处
《中国数字医学》
2024年第6期115-120,共6页
China Digital Medicine
关键词
应用程序编程接口
开放式Web应用程序安全项目
网络安全
网络安全漏洞
Application programming interface(API)
Open web application security project(OWASP)
Network security
Network security vulnerabilities
