CFP last date
20 January 2026
Call for Paper
February Edition
IJCA solicits high quality original research papers for the upcoming February edition of the journal. The last date of research paper submission is 20 January 2026

Submit your paper
Know more
The week's pick
Responsive image
DHCPv6 Security Threats in Smart City Infrastructure: A Comprehensive Case Study of USA Municipalities

Joy Selasi Agbesi
Random Articles
Reseach Article

A STRIDE-based Threat Modeling Framework for Small Clinics and AI-Enabled Healthcare Services

by Sri Sowmya Nemani
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 187 - Number 65
Year of Publication: 2025
Authors: Sri Sowmya Nemani
10.5120/ijca2025926102

Sri Sowmya Nemani . A STRIDE-based Threat Modeling Framework for Small Clinics and AI-Enabled Healthcare Services. International Journal of Computer Applications. 187, 65 ( Dec 2025), 54-57. DOI=10.5120/ijca2025926102

@article{ 10.5120/ijca2025926102,
author = { Sri Sowmya Nemani },
title = { A STRIDE-based Threat Modeling Framework for Small Clinics and AI-Enabled Healthcare Services },
journal = { International Journal of Computer Applications },
issue_date = { Dec 2025 },
volume = { 187 },
number = { 65 },
month = { Dec },
year = { 2025 },
issn = { 0975-8887 },
pages = { 54-57 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume187/number65/a-stride-based-threat-modeling-framework-for-small-clinics-and-ai-enabled-healthcare-services/ },
doi = { 10.5120/ijca2025926102 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2025-12-18T17:50:19.374940+05:30
%A Sri Sowmya Nemani
%T A STRIDE-based Threat Modeling Framework for Small Clinics and AI-Enabled Healthcare Services
%J International Journal of Computer Applications
%@ 0975-8887
%V 187
%N 65
%P 54-57
%D 2025
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Small clinics operate medical devices (imaging, anesthesia monitors), EHR systems, payment terminals, and third-party integrations (diagnostic labs, suppliers). Despite handling sensitive client data and relying on networked medical devices, these clinics rarely adopt formal threat-modeling practices. This paper presents the Threat modeling for small scale businesses like Vet clinics, Chiropractor clinics, AI-Enabled Health care service etc. Mostly, lightweight STRIDE threat modeling for IoT and EHR security. This paper demonstrates the framework on a representative clinic profile and shows how straightforward mitigations (TLS, MFA, network segmentation, vendor contract clauses) measurably reduce attack surface and risk exposure.

References
  1. McCoy, D. (2025, February 2). Understand all things cybersecurity, EHR, and spam [Audio podcast episode]. Chiro Hustle Podcast, Episode 703.
  2. Hossain, M. I., & Hasan, R. (2024). Improving security practices in health information systems with STRIDE threat modeling. IEEE WF-IoT.
  3. Zhai, B., Akande, O. N., Agarwal, S., & Pak, W. (2025). Security considerations in digital healthcare ecosystems. ScienceDirect.
  4. U.S. Department of Health and Human Services. (2023).Threat modeling for mobile health systems. https://www.hhs.gov
  5. Alozie, C. (2024). Threat modeling in the health care sector. https://www.researchgate.net/publication/389100717_Threat_Modeling_in_Health_Care_Sector
  6. OWASP. (n.d.). Threat modeling. https://owasp.org/www-community/Threat_Modeling
  7. Ahmed, S., Kumar, R., & Banerjee, A. (2024). Automating healthcare with AI: Optimizing electronic health records and predictive analytics for improved patient outcomes. https://www.researchgate.net/publication/390761189_Automating_Healthcare_with_AI_Optimizing_Electronic_Health_Records_and_Predictive_Analytics_for_Improved_Patient_Outcomes
  8. Imran, M., Kelley, L., & Torres, J. (2024). Enhancing clinical documentation efficiency using advanced EHR systems. https://pmc.ncbi.nlm.nih.gov/articles/PMC11605373/
  9. Saini, R., Gupta, P., & Lee, D. (2025). AI integration in healthcare: Risks, vulnerabilities, and clinical risk management considerations. Journal of Medical Systems. https://pmc.ncbi.nlm.nih.gov/articles/PMC12579840/
  10. Zhang, Y., Chen, H., & Mohammed, S. (2025). Security assessment of IoT-based health devices using STRIDE and DREAD. Digital Communications and Networks. https://www.sciencedirect.com/science/article/pii/S2090447925004629
  11. Chandra, S., Kalra, A., & Gupta, R. (2023). Security and privacy challenges in AI-enabled healthcare systems. Journal of Healthcare Informatics Research.
  12. Kumar, P., & Singh, A. (2024). Risk assessment and mitigation strategies in cloud-based healthcare platforms. International Journal of Medical Informatics.
Index Terms

Computer Science
Information Sciences

Keywords

EHR (electronic Health Record) IoT (Internet of Things) AI (Artificial Intelligence)

Powered by PhDFocusTM