Application of Privacy-aware Role-based Access Control Model in IHE-XDS

被引：1

作者：

Dauletbek, Daniya ^{[1
]}

Yuan, Shi-Zhong ^{[1
]}

机构：

[1] Shanghai Univ, Sch Comp Engn & Sci, Shanghai, Peoples R China

来源：

4TH ANNUAL INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY AND APPLICATIONS (ITA 2017) | 2017年 / 12卷

关键词：

D O I：

10.1051/itmconf/20171203038

中图分类号：

TP39 [计算机的应用];

学科分类号：

081203 ; 0835 ;

摘要：

Integrating the Healthcare Enterprise ((IHE)'s Cross-Enterprise Document Sharing (XDS) profile is an open standards-based architecture specification for EHR systems. In EHR systems, it is necessary to provide a mechanism for access control to protect security and privacy of patient data. On the basis of related studies, this paper addresses the issue of access control and privacy protection of privacy data in XDS-based EHR systems, aiming to identify a suitable, privacy-aware role-based access control model based on specific access requirements for IHE-XDS. Privacy aware role-based access control model is an extension model of RBAC model. It not just has the benefits of RBAC, but additionally adds restrictions on the permission assignment for the roles by using the purpose enforcement and privacy-aware access control enforcement. The proposed model could further protect privacy data, while decreasing the complexity of the role assignment.

引用

页数：6

共 50 条

[1] Privacy-Aware Role-Based Access Control
Ni, Qun
Bertino, Elisa
Lobo, Jorge
Brodie, Carolyn
Karat, Clare-Marie
Karat, John
Trombetta, Alberto
[J]. ACM TRANSACTIONS ON INFORMATION AND SYSTEM SECURITY, 2010, 13 (03)
[2] Privacy-Aware Role-Based Access Control
Ni, Qun
Bertino, Elisa
Lobo, Jorge
Calo, Seraphin B.
[J]. IEEE SECURITY & PRIVACY, 2009, 7 (04) : 35 - 43
[3] Privacy-aware Role Based Access Control
Ni, Qun
Trombetta, Alberto
Bertino, Elisa
Lobo, Jorge
[J]. SACMAT'07: PROCEEDINGS OF THE 12TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, 2007, : 41 - 50
[4] THE PRIVACY-AWARE ACCESS CONTROL SYSTEM USING ATTRIBUTE-AND ROLE-BASED ACCESS CONTROL IN PRIVATE CLOUD
Mon, Ei Ei
Naing, Thinn Thu
[J]. 2011 4TH IEEE INTERNATIONAL CONFERENCE ON BROADBAND NETWORK AND MULTIMEDIA TECHNOLOGY (4TH IEEE IC-BNMT2011), 2011, : 447 - 451
[5] Conditional privacy-aware role based access control
Ni, Qun
Lin, Dan
Bertino, Elisa
Lobo, Jorge
[J]. COMPUTER SECURITY - ESORICS 2007, PROCEEDINGS, 2007, 4734 : 72 - +
[6] Role-Based Consistency Verification for Privacy-Aware Web Services
Liu, Linyuan
Huang, Zhiqiu
Zhu, Haibin
[J]. PROCEEDINGS OF THE 2009 INTERNATIONAL SYMPOSIUM ON COLLABORATIVE TECHNOLOGIES AND SYSTEMS, 2009, : 423 - +
[7] A privacy-aware access control system
Ardagna, C.
Cremonini, M.
di Vimercati, S.
Samarati, P.
[J]. JOURNAL OF COMPUTER SECURITY, 2008, 16 (04) : 369 - 397
[8] Multi-domain and Privacy-aware Role Based Access Control in eHealth
Martino, Lorenzo D.
Ni, Qun
Lin, Dan
Bertino, Elisa
[J]. 2008 2ND INTERNATIONAL CONFERENCE ON PERVASIVE COMPUTING TECHNOLOGIES FOR HEALTHCARE, 2008, : 123 - 126
[9] A privacy enhanced role-based access control model for enterprises
Yang, CG
Zhang, CN
[J]. NETWORKING AND MOBILE COMPUTING, PROCEEDINGS, 2005, 3619 : 1012 - 1021
[10] A privacy-aware access control model for distributed network monitoring
Papagiannakopoulou, Eugenia I.
Koukovini, Maria N.
Lioudakis, Georgios V.
Garcia-Alfaro, Joaquin
Kaklamani, Dimitra I.
Venieris, Iakovos S.
Cuppens, Frederic
Cuppens-Boulahia, Nora
[J]. COMPUTERS & ELECTRICAL ENGINEERING, 2013, 39 (07) : 2263 - 2281

← 1 2 3 4 5 →