Abstract
The Hospital Management Information System (SIMRS) functions as a medium for hospital information and hospital management. There are patient medical record data, which is the result of interactions between doctors and sufferer. Medical records are sensitive data so that the security of the hospital management information system needs to be improved to convince users or patients that the data stored on SIMRS is safe at attackers. There are several ways to improve system security, one of which is by threat modeling. Threat modeling aims to identify vulnerabilities and threats that exist in SIMRS. In this paper, threat modeling will use the STRIDE-model. The recognition with the STRIDE-model will then be analyzed and sorted according to the modeling with the STRIDE method. After the analysis is complete, it will be calculated and given a rating based on the DREAD method's assessment. The STRIDE method's results show that there are several threats identified, such as there is one threat on the user side, the webserver is five threats, and the database is three threats. The level of the threat varies from the lowest-level (LowL) to the highest-level (HiL). Based on the threat level, it can be a guide and sequence in improving and improving the security system at SIMRS, starting from the LowL to the HiL.
Highlights
PENDAHULUAN Timbulnya ancaman dalam sebuah sistem aplikasi disebabkan oleh kesalahan yang muncul pada saat mendesain dan mengembangkan aplikasi (Hussain et al, 2014)
This study aims to identify vulnerabilities and threats that exist in Sistem Informasi Manajemen Rumah Sakit (SIMRS)
International Workshop on Risk Assessment and Risk-Driven Testing, 3, 93–109
Summary
Berdasarkan hasil penelitian yang telah dilakukan terdapat beberapa temuan yang didapatkan seperti detail aktivitas pengguna beserta data yang di akses, arsitektur sistem SIMRS, teknologi yang diterapkan, pemodelan ancaman, dan ancaman-ancaman yang terdapat pada sistem. Berikut ini adalah gambaran dan penjelasan dari hasil penelitian yang telah dilakukan
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
