Development of a system framework for implementation of an enhanced role-based access control model to support collaborative processes

Authors:
Xuan Hung Le;Dongwen Wang
Affiliations:
University of Rochester Medical Center, Rochester, NY;University of Rochester Medical Center, Rochester, NY
Venue:
HealthSec'12 Proceedings of the 3rd USENIX conference on Health Security and Privacy
Year:
2012

Citing 34
Cited 1

Role-Based Access Control Models

Computer
An access control model supporting periodicity constraints and temporal reasoning

ACM Transactions on Database Systems (TODS)
Flexible team-based access control using contexts

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
TRBAC: A temporal role-based access control model

ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
A model of OASIS role-based access control and its support for active security

ACM Transactions on Information and System Security (TISSEC)
Using JessTab to Integrate Protégé and Jess

IEEE Intelligent Systems
DAMLJessKB: A Tool for Reasoning with the Semantic Web

IEEE Intelligent Systems
Jess in Action: Java Rule-Based Systems

Jess in Action: Java Rule-Based Systems
The UCONABC usage control model

ACM Transactions on Information and System Security (TISSEC)
uT-RBAC: Ubiquitous Role-Based Access Control Model

IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Evaluation Methods in Biomedical Informatics (Health Informatics)

Evaluation Methods in Biomedical Informatics (Health Informatics)
Access control in collaborative commerce

Decision Support Systems
An architecture for access control management in collaborative enterprise systems based on organization models

Science of Computer Programming
Data security in location-aware applications: an approach based on RBAC

International Journal of Information and Computer Security
Status-Based Access Control

ACM Transactions on Information and System Security (TISSEC)
Situation-Based Access Control: Privacy management via modeling of patient data access scenarios

Journal of Biomedical Informatics
Dynamic protection structures

AFIPS '69 (Fall) Proceedings of the November 18-20, 1969, fall joint computer conference
Supporting RBAC with XACML+OWL

Proceedings of the 14th ACM symposium on Access control models and technologies
Engineering JADE agents with the Gaia methodology

NODe'02 Proceedings of the NODe 2002 agent-related conference on Agent technologies, infrastructures, tools, and applications for E-services
Privacy-aware role-based access control

ACM Transactions on Information and System Security (TISSEC)
Activity-oriented access control to ubiquitous hospital information and services

Information Sciences: an International Journal
Attribute-Based Messaging: Access Control and Confidentiality

ACM Transactions on Information and System Security (TISSEC)
MetDAT

Bioinformatics
xDAuth: a scalable and lightweight framework for cross domain access control and delegation

Proceedings of the 16th ACM symposium on Access control models and technologies
Relationship-based access control policies and their policy languages

Proceedings of the 16th ACM symposium on Access control models and technologies
Supporting rule system interoperability on the semantic web with SWRL

ISWC'05 Proceedings of the 4th international conference on The Semantic Web
Task-Based access control for virtual organizations

FIDJI'04 Proceedings of the 4th international conference on Scientific Engineering of Distributed Java Applications
TrustAC: trust-based access control for pervasive devices

SPC'05 Proceedings of the Second international conference on Security in Pervasive Computing
A teaching strategies engine using translation from SWRL to jess

ITS'06 Proceedings of the 8th international conference on Intelligent Tutoring Systems
A contextual role-based access control authorization model for electronic patient record

IEEE Transactions on Information Technology in Biomedicine
Location-aware access to hospital information and services

IEEE Transactions on Information Technology in Biomedicine
ABACS: An Attribute-Based Access Control System for Emergency Services over Vehicular Ad Hoc Networks

IEEE Journal on Selected Areas in Communications
An enhancement of the Role-Based Access Control model to facilitate information access management in context of team collaboration and workflow

Journal of Biomedical Informatics

An enhancement of the Role-Based Access Control model to facilitate information access management in context of team collaboration and workflow

Journal of Biomedical Informatics

Quantified Score

Hi-index	0.00

Visualization

Abstract

We previously developed an enhanced Role-Based Access Control (RBAC) model to support information access management in the context of team collaboration and workflow. We report in this paper a generic system framework to implement the enhanced RBAC with three functional layers: (1) encoding of access control policies; (2) interpretation of the encoded policies; and (3) application of policies to specific cases and scenarios for information access management. Based on this system framework, we have successfully applied the enhanced RBAC model to the New York State HIV Clinical Education Initiative (CEI) for coordination of clinical education programs. An evaluation has shown that the enhanced RBAC can be effectively used for information access management in collaborative processes. Future work includes extension of this system framework to support the continuous development of the enhanced RBAC and deployment of it to other domain applications for clinical education, biomedical research, and patient care.