WinBUGS – A Bayesian modelling framework: Concepts, structure, and extensibility
Statistics and Computing
Learning Program Behavior Profiles for Intrusion Detection
Proceedings of the Workshop on Intrusion Detection and Network Monitoring
A Study of Access Control Requirements for Healthcare Systems Based on Audit Trails from Access Logs
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
In a 'trusting' environment, everyone is responsible for information security
Information Security Tech. Report
A Framework for Computing the Privacy Scores of Users in Online Social Networks
ACM Transactions on Knowledge Discovery from Data (TKDD)
Managing an Information Security and Privacy Awareness and Training Program, Second Edition
Managing an Information Security and Privacy Awareness and Training Program, Second Edition
Hi-index | 0.00 |
Insider threats in health care systems constitute the majority of patient privacy breaches. To mitigate such insider threats many research proposals were made to develop anomaly detectors based on past behavior patterns and data mining audit trails to investigate abuses in networks and organizational settings. However such systems detect rather then prevent breaches. In this paper, we argue that current health security systems do not consider the risk level of the authorized user and lack a reward/penalty mechanism for proper data handling. We propose that building such a tool, as an add-on to an access controller, would help dissuade users from committing privacy breaches. We propose a framework for scoring user behavior regarding privacy risk by drawing concepts from psychology, anomaly detection theory and item response theory. We test our method with synthetic data and demonstrate its efficacy. The model provides improvement in information management, information access, and the training of care providers in handling patient data.