📝 SummarXiv

Abstract

Research management applications (RMA) are widely used in clinical research environments to collect, transmit, analyze, and store sensitive data. This data is so valuable making RMAs susceptible to security threats. This analysis, analyzes RMAs' security, focusing on Research Electronic Data Capture (REDCap) as an example. We explore the strengths and vulnerabilities within RMAs by evaluating the architecture, data flow, and security features. We identify and assess potential risks using the MITRE ATT\&CK framework and STRIDE model. We assess REDCap's defenses against common attack vectors focusing on security to provide confidentiality, integrity, availability, non-repudiation, and authentication. We conclude by proposing recommendations for enhancing the security of RMAs, ensuring that critical research data remains protected without compromising usability. This research aims to contribute towards a more secure framework for managing sensitive information in research-intensive environments.