Role-Based Access Control Models
Computer
Integrating association rule mining with relational database systems: alternatives and implications
SIGMOD '98 Proceedings of the 1998 ACM SIGMOD international conference on Management of data
Mining frequent patterns without candidate generation
SIGMOD '00 Proceedings of the 2000 ACM SIGMOD international conference on Management of data
ICDE '95 Proceedings of the Eleventh International Conference on Data Engineering
Why and Where: A Characterization of Data Provenance
ICDT '01 Proceedings of the 8th International Conference on Database Theory
Fast Algorithms for Mining Association Rules in Large Databases
VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
Extending query rewriting techniques for fine-grained access control
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Auditing compliance with a Hippocratic database
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
ACM Computing Surveys (CSUR)
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
Proceedings of the 2009 ACM SIGMOD International Conference on Management of data
Provenance in Databases: Why, How, and Where
Foundations and Trends in Databases
PolicyReplay: misconfiguration-response queries for data breach reporting
Proceedings of the VLDB Endowment
Detection of anomalous insiders in collaborative environments via relational analysis of access logs
Proceedings of the first ACM conference on Data and application security and privacy
Learning relational policies from electronic health record access logs
Journal of Biomedical Informatics
Efficient auditing for complex SQL queries
Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
Survey of clustering algorithms
IEEE Transactions on Neural Networks
The power of data use management in action
Proceedings of the 2013 ACM SIGMOD International Conference on Management of Data
Mining Deviations from Patient Care Pathways via Electronic Medical Record System Audits
ACM Transactions on Management Information Systems (TMIS) - Special Issue on Informatics for Smart Health and Wellbeing
Privacy-preserving audit for broker-based health information exchange
Proceedings of the 4th ACM conference on Data and application security and privacy
Hi-index | 0.00 |
To comply with emerging privacy laws and regulations, it has become common for applications like electronic health records systems (EHRs) to collect access logs, which record each time a user (e.g., a hospital employee) accesses a piece of sensitive data (e.g., a patient record). Using the access log, it is easy to answer simple queries (e.g., Who accessed Alice's medical record?), but this often does not provide enough information. In addition to learning who accessed their medical records, patients will likely want to understand why each access occurred. In this paper, we introduce the problem of generating explanations for individual records in an access log. The problem is motivated by user-centric auditing applications, and it also provides a novel approach to misuse detection. We develop a framework for modeling explanations which is based on a fundamental observation: For certain classes of databases, including EHRs, the reason for most data accesses can be inferred from data stored elsewhere in the database. For example, if Alice has an appointment with Dr. Dave, this information is stored in the database, and it explains why Dr. Dave looked at Alice's record. Large numbers of data accesses can be explained using general forms called explanation templates. Rather than requiring an administrator to manually specify explanation templates, we propose a set of algorithms for automatically discovering frequent templates from the database (i.e., those that explain a large number of accesses). We also propose techniques for inferring collaborative user groups, which can be used to enhance the quality of the discovered explanations. Finally, we have evaluated our proposed techniques using an access log and data from the University of Michigan Health System. Our results demonstrate that in practice we can provide explanations for over 94% of data accesses in the log.