Cryptography based access control in healthcare web systems
2010 Information Security Curriculum Development Conference
BABAC: An Access Control Framework for Network Virtualization Using User Behaviors and Attributes
GREENCOM-CPSCOM '10 Proceedings of the 2010 IEEE/ACM Int'l Conference on Green Computing and Communications & Int'l Conference on Cyber, Physical and Social Computing
Towards purpose enforcement model for privacy-aware usage control policy in distributed healthcare
International Journal of Security and Networks
An infrastructure for secure sharing of medical images between PACS and EHR systems
CASCON '13 Proceedings of the 2013 Conference of the Center for Advanced Studies on Collaborative Research
Behavior-based access control for distributed healthcare systems
Journal of Computer Security
| Hi-index | 0.00 |
Privacy and security are critical requirements for using patient profiles in distributed healthcare environments. The amalgamation of new information technology with traditional healthcare workflows for sharing patient profiles has made the entire system vulnerable to security and privacy breaches. In this paper we present a novel access control model based on a framework designed for data and service interoperability in the healthcare domain. The proposed model for customizable access control captures the dynamic behavior of the user and determines access rights accordingly. The model is generic and flexible in the sense that an access control engine dynamically receives security effective factors from the subject user, and identifies the privilege level in accessing clinical data using different specialized components within the engine. Standard data representation formats are used to make the model compatible with different healthcare environments. The access control engine uses a flow-based approach to follow the user's behavior. The proposed model is supported by a real world case study.