XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
EDBT '00 Proceedings of the 7th International Conference on Extending Database Technology: Advances in Database Technology
Regulating access to XML documents
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
UbiData: requirements and architecture for ubiquitous data access
ACM SIGMOD Record
Client-based access control management for XML documents
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
A comparison of two privacy policy languages: EPAL and XACML
A comparison of two privacy policy languages: EPAL and XACML
Building a software factory for pervasive systems development
CAiSE'05 Proceedings of the 17th international conference on Advanced Information Systems Engineering
Protecting user data in ubiquitous computing: towards trustworthy environments
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
Cryptography based access control in healthcare web systems
2010 Information Security Curriculum Development Conference
Hi-index | 0.00 |
In the age of mobile computing and distributed systems, healthcare systems are employing service-oriented computing to provide users with transparent accessibility to reach their distributed resources at anytime, anywhere and anyhow. Meanwhile, these systems tend to strengthen their security shields to ensure the limitation of access to authorized entities. In this paper, we examine mobile querying of distributed XML databases within a pervasive healthcare system. In such contexts, policies - as XACML - are needed to enforce access control. We study the reactivity of this policy in the case of a user demanding access to unauthorized data sources showing that the policy will respond negatively to user demands. Thus, we propose to employ an adaptive mechanism that would provide users with reactive and proactive solutions. Our proposal is accomplished by using the RBAC scheme, the user profile and some predefined semantics in order to provide users with alternative and relevant solutions without affecting the system's integrity.