Assurance Case

[asongne]

Assurance case.pdf

[Lord-Tiger]

Thank you Abdoul! Looks good! However, I think some parts might need to be changed so we're not repetitive using the same elements from the other cases, namely C3 and UC1. Also, you may want to give all your rebuttals the same color. Once done, please upload a picture of the diagram to the "Media" folder of this repository.

[asongne]

[asongne]

1. Top-Level Claim Claim: "OpenEMR ensures that only authorized users can access the system, and patient actions are based on their roles." This is a high-level, comprehensive claim that sets the foundation for security. It focuses on ensuring proper access control and role-based permissions, which are critical for protecting sensitive medical data.
2. Supporting Argument Structure Sub-claims are supporting the main top-level claim with specific security mechanisms (such as RBAC, multi-factor authentication (MFA), and session control). Rebuttals: The diagram incorporates counterarguments such as "RBAC may not be well-defined" or "MFA can be bypassed" to enhance credibility by acknowledging potential weaknesses. Sub-Claim for Audits: An essential element of this diagram is the emphasis on auditing and oversight. This indicates a dynamic and monitored system, which helps to assure stakeholders that even if RBAC or MFA is bypassed, there are safety nets in place.
3. Sub-Claims and Rebuttals Sub-Claim C1: Discusses unauthorized access to patient records, with a rebuttal addressing the flexibility of RBAC. It shows that while RBAC limits access, potential misconfigurations need constant oversight. Sub-Claim C3: Provides an argument for MFA, with an effective rebuttal acknowledging that session management could be a vulnerability, and that even MFA can be bypassed if not implemented securely. Sub-Claim C4: Addresses the potential risks around RBAC misconfiguration or insufficient oversight.
4. Evidence Support Evidence 1: Configuration logs and settings for session expiration events to back up the sub-claim on RBAC. Evidence 2: Descriptions and logs showing MFA implementations, adding credibility to the security claims around authentication. Evidence 3: Audit definitions and records verifying that RBAC is correctly implemented and actively managed. Each evidence node is specific and provides clear, actionable proof to support the claims.

[asongne]

ass.pdf

[asongne]

Session Timeout Configuration OpenEMR allows administrators to configure session timeout settings, specifying how long a session can remain idle before the user is automatically logged out. This setting is customizable based on the organization’s security requirements.

Automatic Logout and Notifications When a session is about to expire due to inactivity, OpenEMR may provide notifications to the user warning them that their session is about to end, giving them a chance to stay logged in. If the user does not respond, the system automatically logs them out to prevent unauthorized access