Role-Based Access Control
A Framework for Multiple Authorization Types in a Healthcare Application System
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Policy management using access control spaces
ACM Transactions on Information and System Security (TISSEC)
Resolving constraint conflicts
Proceedings of the ninth ACM symposium on Access control models and technologies
SELinux by Example: Using Security Enhanced Linux (Prentice Hall Open Source Software Development Series)
Securing grid data using mandatory access controls
ACSW '07 Proceedings of the fifth Australasian symposium on ACSW frontiers - Volume 68
A novel use of RBAC to protect privacy in distributed health care information systems
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
Privacy and security in open and trusted health information systems
HIKM '09 Proceedings of the Third Australasian Workshop on Health Informatics and Knowledge Management - Volume 97
| Hi-index | 0.00 |
This paper introduces Security Enhanced Linux (SELinux) as the required Operating System (OS) to enforce Mandatory Access Control (MAC) mechanisms to protect Health Information. Health Information Systems (HIS) require an OS which can enforce MAC rules so that access to the resources does not rely on the discretion of the users, thus minimizing the damage when users' applications are compromised. SELinux provides a flexible and fine-grained MAC architecture implementing a combination of Type Enforcement (TE) and Role-Based Access Control (RBAC). SELinux however, is considered to be difficult to implement because of the complexity of SELinux policies required by the fine-grained access controls. To reduce the complexity to manage SELinux policies different tools and methods have been developed increasing the feasibility to use SELinux to create trusted systems.