The Road to Hell is Paved with Good Intentions: A Story of (In)secure Software Development

Abstract: Abstract-In this paper, we present the results of a security assessment performed on a home care system based on SOA, realised as web services. The security design concepts of this platform were specifically tailored to meet new security challenges and to be compliant with legal frameworks applicable to the healthcare domain. This security design was fed as input to the development team, which implemented the system. However, our assessment revealed a software platform with severe security weaknesses and vulne… Show more

“…Our case study (Sassoon, Jaatun, & Jensen, 2010) is based on the results of a European research project developing a healthcare platform. Since the platform deals with sensitive health data, it should comply with ("Directive 95/94/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data," 1995), which regulates the handling of private data for the member states of the EU.…”

Agile Software Development

“…Our case study (Sassoon, Jaatun, & Jensen, 2010) is based on the results of a European research project developing a healthcare platform. Since the platform deals with sensitive health data, it should comply with ("Directive 95/94/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data," 1995), which regulates the handling of private data for the member states of the EU.…”

Agile Software Development

Cyber security for service oriented architectures in a Web 2.0 world: An overview of SOA vulnerabilities in financial services