Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Penetration Testing and Vulnerability Reporting for an

advertisement 
CS460 Senior Capstone Project I
Indiana University–Purdue University Fort Wayne
Senior Design Project Proposal
Title
Sponsor
Type
Description
Penetration Testing and Vulnerability Reporting for an HIT Alarm
Management and Event Response Platform
Extension Healthcare (Advisor : Anyi Liu, Ph.D.)
Application
development
Information systems
Research-focused
The main goal of this project is to conduct extensive penetration testing of the
Extension Healthcare Engage alarm management and event response
platform. Under the direction of the academic advisor, the student team needs
to complete comprehensive penetration testing on the Healthcare Information
Technology (HIT) alarm safety solution across different components of the
enterprise system (e.g., Data Aggregation and Rules Server, Secure Messaging
Proxy Server, iOS and Android mobile apps, the desktop client, etc.). Following
the Penetration Testing Standard specified by NIST, the vulnerabilities and
threats that exist in the Extension Healthcare enterprise system need to be
reported, along with the steps of launching the attacks. In addition, the impact
of the vulnerabilities and threats also need to be properly assessed, such that
the risks can be quantitatively evaluated. Finally, the student team needs to
propose recommended security solutions, countermeasures, and software
patches to Extension Healthcare.
The proposed activities of the student team will include, but not be limited to:
1) researching the literature of penetration testing and information security; 2)
proposing the feasible plan of systematic penetration testing and a schedule of
deliverables; 3) constructing penetration tests locally or remotely; 4)
maintaining regular discussion with the Extension Healthcare staff and the
academic advisor; 5) suggesting possible solutions to the vulnerabilities and
threats; and, 6) iterating the cycle to verify the elimination of the risks.
By the end of each semester, a formal penetration test report must be
submitted to Extension Healthcare and the academic advisor.
Team size
2
3
4
>4
Required
backgrounds
Information security, networking, cryptography, security protocols, database,
web application development, strong C & Linux hands-on experience, etc.
Strong self-motivating and fast-learning capabilities. Preferably, ethical hacking
experience.
Required
resources
(HW/SW)
HW: Server, Laptop, and Mobile device
SW: Mostly, open-source and freeware. However, license purchasing might be
required for some penetration testing tools.
CS460 Senior Capstone Project I
Additional
requirements
Other notes




Indiana University–Purdue University Fort Wayne
Onsite training at Extension Healthcare.
Meeting with academic advisor and Extension Healthcare staff weekly.
Submitting the Midterm Report and the Final Report.
Submitting a penetration testing report to Extension Healthcare at the end
of each semester.
 Extension Healthcare might provide isolated sandboxes and/or experimental
environment for extensive penetration tests.
 Extension Healthcare might provide access to additional medical
devices/hardware/software, if it is necessary for the project.
Related documents
Financial Management of Healthcare
Financial Management of Healthcare
Additional Benefits
Additional Benefits
HITT2443 * Quality Assessment and Performance Improvement
HITT2443 * Quality Assessment and Performance Improvement
Healthcare Facilities Management Course
Healthcare Facilities Management Course
Community Healthcare Planning and Response to Disasters (MGT
Community Healthcare Planning and Response to Disasters (MGT
I received my bachelor`s degree in Industrial Engineering and
I received my bachelor`s degree in Industrial Engineering and
Risk management planning related to Health Information Technology
Risk management planning related to Health Information Technology
Download
advertisement