Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
ACM SIGAda Ada Letters
A model of OASIS role-based access control and its support for active security
ACM Transactions on Information and System Security (TISSEC)
Activity-based Access Control Model to Hospital Information
RTCSA '07 Proceedings of the 13th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications
AFIPS '69 (Fall) Proceedings of the November 18-20, 1969, fall joint computer conference
A practical mandatory access control model for XML databases
Information Sciences: an International Journal
A trust degree based access control in grid environments
Information Sciences: an International Journal
Task-activity based access control for process collaboration environments
Computers in Industry
Secured WSN-integrated cloud computing for u-life care
CCNC'10 Proceedings of the 7th IEEE conference on Consumer communications and networking conference
Semi-Markov conditional random fields for accelerometer-based activity recognition
Applied Intelligence
A contextual role-based access control authorization model for electronic patient record
IEEE Transactions on Information Technology in Biomedicine
Location-aware access to hospital information and services
IEEE Transactions on Information Technology in Biomedicine
An efficient key assignment scheme for access control in a large leaf class hierarchy
Information Sciences: an International Journal
E-EPR: a cloud-based architecture of an electronic emergency patient record
Proceedings of the 4th International Conference on PErvasive Technologies Related to Assistive Environments
A crypto-biometric scheme based on iris-templates with fuzzy extractors
Information Sciences: an International Journal
HealthSec'12 Proceedings of the 3rd USENIX conference on Health Security and Privacy
A Secure Integrated Medical Information System
Journal of Medical Systems
Criteria for the Evaluation of a Cloud-Based Hospital Information System Outsourcing Provider
Journal of Medical Systems
Information Sciences: an International Journal
Secure interoperation design in multi-domains environments based on colored Petri nets
Information Sciences: an International Journal
Cloud service access control system based on ontologies
Advances in Engineering Software
| Hi-index | 0.07 |
In hospital information systems, protecting the confidentiality of health information, whilst at the same time allowing authorized physicians to access it conveniently, is a crucial requirement. The need to deliver health information at the point-of-care is a primary factor to increase healthcare quality and cost efficiency. However, current systems require considerable coordination effort of hospital professionals to locate relevant documents to support a specific activity. This paper presents a flexible and dynamic access control model, Activity-Oriented Access Control (AOAC), which is based on user activity to authorize access permissions. A user is allowed to perform an activity if he/she holds a number of satisfactory attributes (i.e. roles, assignments, etc.) under a specified condition (e.g. time, location). Results of AOAC implementation in a realistic healthcare scenario have shown to meet two important requirements: protecting confidentiality of health information by denying an unauthorized access, and allowing physicians to conveniently browse medical data at the point-of-care. Furthermore, the average execution time was 0.078s which allows AOAC to work in real-time.