Considering privacy and effectiveness of authorization policies for shared electronic health records

  • Authors: Thomas Trojer, Basel Katt, Thomas Schabetsberger, Ruth Breu, Richard Mair
  • Affiliations: University of Innsbruck, Innsbruck, Austria (Trojer, Katt, Breu); ITH-icoserve GmbH, Innsbruck, Austria (Schabetsberger, Mair)
  • Venue: Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
  • Year: 2012

Abstract

A central building block of data privacy is the individual's right to informational self-determination, which applies as soon as information identifies a person and can therefore be considered sensitive. It follows that, when dealing with shared electronic health records (SEHR), citizens, as the individuals identified by such health records, must be enabled to decide which medical data may be used, and in what way, by medical professionals. In this context, individual privacy preferences have to be reflected by the authorization policies that are enforced to control access to personal health records. We see two potential challenges when enabling patient-controlled authoring of access control policies. First, an ordinary citizen is a non-security expert and is thus not necessarily aware of the implications of her/his decisions when defining access control to protect personal health data. Second, permissions to access medical data are necessary to support the daily routines of medical personnel: the better the health-care information system supports these work procedures, the more effective and useful it is. A balance between the access restrictions imposed by privacy settings and the access permissions that are required is needed for the system to remain effective. In this paper we present a case study in the context of SEHR in Austria. In this scenario we identify different types of authorization policies to support individuals' privacy. Patient privacy is an important factor in access decision making, but in order to ensure the privacy-effectiveness balance, citizens authoring policies should be informed about the implications of their privacy settings for the underlying information system. To ensure this balance, policies need to be analysed. We describe a policy analysis method based on generated rules that evaluates the consequences of citizens' privacy settings. Analysis results can then be used to inform and support a citizen during the policy authoring process.