The protection of personal health information has become a live issue in a number of countries including the USA, Canada, Britain and Germany. The debate has shown that there is widespread confusion about what should be protected, and why. Designers of military and banking systems can refer to Bell-LaPadula and Clark-Wilson respectively, but there is no comparable security policy model that spells out clear and concise access rules for clinical information systems. In this article, we present just such a model. It was commissioned by doctors and is driven by medical ethics; it is informed by the actual threats to privacy, and reflects current best clinical practice. Its effect is to restrict both the number of users who can access any record and the maximum number of records accessed by any user. This entails controlling information flows across rather than down and enforcing a strong notification property. We discuss its relationship with existing security policy models, and its possible use in other applications where information exposure must be localised; these range from private banking to the management of intelligence data.