In electronic medical record (EMR) systems, administrators often provide EMR users with broad access privileges, which may leave the system vulnerable to misuse and abuse. Given that patient care is based on a coordinated workflow, we hypothesize that care pathways can be represented as the progression of a patient through a system and introduce a strategy to model the patient’s flow as a sequence of accesses defined over a graph. Elements in the sequence correspond to features associated with the access transaction (e.g., reason for access). Based on this motivation, we model patterns of patient record usage, which may indicate deviations from care workflows. We evaluate our approach using several months of data from a large academic medical center. Empirical results show that this framework finds that a small portion of accesses constitute outliers from such flows. We also observe that the violation patterns differ across types of medical services. Analysis of our results suggests greater deviation from normal access patterns by nonclinical users. We simulate anomalies in the context of real accesses to illustrate the efficiency of the proposed method for different medical services. As an illustration of the capabilities of our method, the area under the receiver operating characteristic (ROC) curve for the Pediatrics service was 0.9166. The results suggest that our approach is competitive with, and often better than, the existing state-of-the-art in its outlier detection performance. At the same time, our method is more efficient, by orders of magnitude, than previous approaches, allowing for detection of thousands of accesses in seconds.
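The idea of scoring a patient's access sequence against a graph of previously observed flows can be sketched as follows. This is an added illustration, not the paper's algorithm: the first-order transition graph, the additive smoothing, the scoring function and all reason-for-access labels are assumptions made for the example, and the data is constructed.

```python
import math

START = "<start>"
# Constructed sample: each list is one patient's ordered accesses, reduced to
# the "reason for access" feature. All labels are hypothetical.
TRAINING_FLOWS = [
    ["registration", "triage", "physician_exam", "lab_order", "discharge"],
    ["registration", "triage", "physician_exam", "discharge"],
    ["registration", "triage", "physician_exam", "lab_order",
     "physician_exam", "discharge"],
    ["registration", "triage", "physician_exam", "lab_order", "discharge"],
]

def steps(flow):
    """Pair each access with its predecessor (START before the first one)."""
    return list(zip([START] + flow[:-1], flow))

def build_graph(flows):
    """graph[a][b] = number of times reason b directly followed reason a."""
    graph = {}
    for flow in flows:
        for a, b in steps(flow):
            graph.setdefault(a, {})
            graph[a][b] = graph[a].get(b, 0) + 1
    return graph

def edge_prob(graph, a, b, vocab_size, alpha=0.1):
    """Smoothed P(b | a); unseen edges keep a small non-zero probability."""
    out = graph.get(a, {})
    return (out.get(b, 0) + alpha) / (sum(out.values()) + alpha * vocab_size)

def score_flow(graph, flow, vocab_size):
    """Mean negative log-probability per access; higher means more unusual."""
    nll = -sum(math.log(edge_prob(graph, a, b, vocab_size)) for a, b in steps(flow))
    return nll / max(len(flow), 1)

def unseen_edges(graph, flow):
    """Transitions in this flow that never occurred in the training flows."""
    return [(a, b) for a, b in steps(flow) if b not in graph.get(a, {})]

GRAPH = build_graph(TRAINING_FLOWS)
# Assumption: one extra vocabulary slot for reasons never seen in training.
VOCAB_SIZE = len({r for f in TRAINING_FLOWS for r in f}) + 1

if __name__ == "__main__":
    typical = ["registration", "triage", "physician_exam", "discharge"]
    odd = ["registration", "billing_review", "lab_order", "billing_review"]
    for name, flow in (("typical", typical), ("odd", odd)):
        print(name, round(score_flow(GRAPH, flow, VOCAB_SIZE), 3), unseen_edges(GRAPH, flow))
```

A flow's score is only meaningful relative to other flows scored against the same graph, so an alerting threshold would have to be chosen per service from historical data.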