Role based access control for a medical database

Authors:
Lindi A. Slevin;Alex Macfie
Affiliations:
University of Westminster, London, United Kingdom;University of Westminster, London, United Kingdom
Venue:
SEA '07 Proceedings of the 11th IASTED International Conference on Software Engineering and Applications
Year:
2007

Citing 34
Cited 0

On the declarative semantics of deductive databases and logic programs

Foundations of deductive databases and logic programming
A survey of intrusion detection techniques

Computers and Security
Database security

Database security
XSB as an efficient deductive database engine

SIGMOD '94 Proceedings of the 1994 ACM SIGMOD international conference on Management of data
Role-Based Access Control Models

Computer
Authentication, access control, and audit

ACM Computing Surveys (CSUR)
Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Design systolic systems: Illustrating of regular algorithms on synchronous array processors

Design systolic systems: Illustrating of regular algorithms on synchronous array processors
A role-based access control model and reference implementation within a corporate intranet

ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The uses of role hierarchies in access control

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
A model of accountability, confidentiality and override for healthcare and other applications

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Security issues for implementation of e-medical records

Communications of the ACM
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
A context-related authorization and access control method based on RBAC:

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A role-based delegation framework for healthcare information systems

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Fundamentals of Database Systems

Fundamentals of Database Systems
A model of OASIS role-based access control and its support for active security

ACM Transactions on Information and System Security (TISSEC)
Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management

Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
eMEDAC: Role-based Access Control Supporting Discretionary and Mandatory Features

Proceedings of the IFIP WG 11.3 Thirteenth International Conference on Database Security: Research Advances in Database and Information Systems Security
Protecting Deductive Databases from Unauthorized Retrievals

Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
The tees confidentiality model: an authorisation model for identities and roles

Proceedings of the eighth ACM symposium on Access control models and technologies
Enterprise Model as a Basis of Administration on Role-Based Access Control

CODAS '01 Proceedings of the Third International Symposium on Cooperative Database Systems for Advanced Applications
Implementing role based access control for federated information systems on the web

ACSW Frontiers '03 Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003 - Volume 21
Role-Based Access Control

Role-Based Access Control
A security policy model for clinical information systems

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Flexible access control policy specification with constraint logic programming

ACM Transactions on Information and System Security (TISSEC)
An integrated approach to engineer and enforce context constraints in RBAC environments

ACM Transactions on Information and System Security (TISSEC)
Access control in collaborative systems

ACM Computing Surveys (CSUR)
Future direction of access control models, architectures, and technologies

Proceedings of the tenth ACM symposium on Access control models and technologies
Rule support for role-based access control

Proceedings of the tenth ACM symposium on Access control models and technologies
X-GTRBAC: an XML-based policy specification framework and architecture for enterprise-wide access control

ACM Transactions on Information and System Security (TISSEC)
Formal specification of role-based security policies for clinical information systems

Proceedings of the 2005 ACM symposium on Applied computing
SmartGate: a smart push-pull approach to support role-based security in web gateways

Proceedings of the 2005 ACM symposium on Applied computing
Inference Controls for Statistical Databases

Computer

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper describes the testing the applicability of Role Based Access Control (RBAC) within an existing medical database in the Oncology Department at St. Bartholomew's Hospital in London, United Kingdom (UK). We show how role hierarchies and RBAC rules are derived for this particular database, and observe the outcomes of our RBAC implementation. Our work is in line with the UK Government's initiative to make historical patient data available to as wide an audience as possible and to include RBAC as a security mechanism within the National Program for Information Technology (NPfIT) of the UK National Health Service (NHS).