Research on Medical Security System Based on Zero Trust

• Published in: Sensors (Basel, Switzerland) Vol. 23; no. 7; p. 3774
• Main Authors: Wang, Zhiqiang, Yu, Xinyue, Xue, Peiyang, Qu, Yunhan, Ju, Lei
• Format: Journal Article
• Language: English
• Published: Switzerland MDPI AG 01.04.2023; MDPI
• Subjects: Access control; Alliances; Analysis; Big Data; Blockchain; Cloud Computing; Computer Security; Computer Simulation; Cost reduction; Data integrity; Design; dynamic access control; Electric power; Humans; Internet of Things; Medical advice systems; Medical equipment; Medical imaging equipment; Medical informatics; network security threats; Personal information; Roles; Safety and security measures; Security systems; Trust; trust assessment; zero-trust security system; zero-trust security system; trust assessment; network security threats; dynamic access control
• ISSN: 1424-8220; 1424-8220
• DOI: 10.3390/s23073774

With the rapid development of Internet of Things technology, cloud computing, and big data, the combination of medical systems and information technology has become increasingly close. However, the emergence of intelligent medical systems has brought a series of network security threats and hidden dangers, including data leakage and remote attacks, which can directly threaten patients’ lives. To ensure the security of medical information systems and expand the application of zero trust in the medical field, we combined the medical system with the zero-trust security system to propose a zero-trust medical security system. In addition, in its dynamic access control module, based on the RBAC model and the calculation of user behavior risk value and trust, an access control model based on subject behavior evaluation under zero-trust conditions (ABEAC) was designed to improve the security of medical equipment and data. Finally, the feasibility of the system is verified through a simulation experiment.