A Study for Security-Based Medical Information Software Architecture Design Methodology

의료정보보안 기반 소프트웨어 아키텍처 설계방법

  • 김점구 (남서울대학교 컴퓨터학과) ;
  • 노시춘 (남서울대학교 컴퓨터학과)
  • Received : 2013.12.04
  • Accepted : 2013.12.23
  • Published : 2013.12.30


What is an alternative to medical information security of medical information more secure preservation and safety of various types of security threats should be taken, starting from the software design. Interspersed with medical information systems medical information to be able to integrate the real-time exchange of medical information must be reliable data communication. The software architecture design of medical information systems and sharing of medical information security issues and communication phase allows the user to identify the requirements reflected in the software design. Software framework design, message standard design, design a web-based inter-process communication procedures, access control algorithm design, architecture, writing descriptions, evaluation of various will procedure the establishing architecture. The initial decision is a software architecture design, development, testing, maintenance, ongoing impact. In addition, the project will be based on the decision in detail. Medical information security method based on the design software architecture of today's medical information security has become an important task of the framework will be able to provide.


  1. IEEE Std. 1971 (Recommended Practice for Architectural Description of Software-Intensive Systems), 2000.10
  2. Technical Report CMR/ SEI-95-Tr-021, 1995
  3. David Gourley and Brian Totty, "HTTP: The Definitive Guide", O'Reilly Media, 2002.
  4. http://www.owasp.org/index.php/ Cross-Site _Request_Forgery
  5. http://www.owasp.org/index.php/CSRF_GuardOWASP,CSRFGuard,
  6. Sichoon,Noh,"A Securing Method of Multispectral Protection Infrastructure for Malicious Traffic in Intrne System", DCS, 2006.02
  7. R. H. Dolin, L. Alschuler, S. Boyer, C. Beebe,F. M. Behlen, et al(2005), "HL7 Clinical Document Architecture, release 2," J. Am. Med. Inform.Assoc., 13(1), 30-39
  8. Bernd Blobe(2004), "Authorisation and access control for electronic health record systems", International Journal of Medical Informatics 73, 251-257. https://doi.org/10.1016/j.ijmedinf.2003.11.018
  9. J.W. Choi, S.Y. Yoo, H.Y. Park, J.H. Chun(2005), "Design and Implementation of HL7-based Real-time Data Communication for Mobile Clinical Information System", J. Biomed. Eng.Res.Vol.26, No2,65-71.