OpenMRS Security Evaluation
Open Medical Record System (OpenMRS®) was created in 2004 as a open source medical record system platform for developing countries – a tide which rises all ships. Read more at: About OpenMRS
- Performed a security review based upon the
OWASP Top 10, the
CWE/SANS Top 25, and generated static analysis report.
- Documented the findings and providing remediation suggestions to correct and adverse findings.
- Drew a threat model using the
Microsoft Threat Modeling Tool (MSTMT).
- Developed abuse/misuse diagram for one of the system modules.
- Detailed misuse case description for one of the attacks in the abuse/misuse case diagram.
- Made ten security requirements (either functional or non-functional) for OpenMRS.
- Developed an
attack treefor one module within OpenMRS.
- Evaluated one of the system modules against
Jakob Nielson’s Ten Usability Heuristics.