The Secure Authorization Model for Healthcare Information System

Authors:
Wen-Shin Hsu;Jiann-I Pan
Affiliations:
Institute of Medical Science, Tzu Chi University, Hualien, Republic of China;Department of Medical Informatics, Tzu Chi University, Hualien, Republic of China
Venue:
Journal of Medical Systems
Year:
2013

Citing 7
Cited 1

Role-Based Access Control Models

Computer
TRBAC: A temporal role-based access control model

ACM Transactions on Information and System Security (TISSEC)
A role-based delegation framework for healthcare information systems

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A Role-Based Access Control for Intranet Security

IEEE Internet Computing
A case study in access control requirements for a Health Information System

ACSW Frontiers '04 Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation - Volume 32
A new security scheme for e-health system

CTS '09 Proceedings of the 2009 International Symposium on Collaborative Technologies and Systems
Delivering a Lifelong Integrated Electronic Health Record Based on a Service Oriented Architecture

IEEE Transactions on Information Technology in Biomedicine

A New Method Based on Adaptive Discrete Wavelet Entropy Energy and Neural Network Classifier (ADWEENN) for Recognition of Urine Cells from Microscopic Images Independent of Rotation and Scaling

Journal of Medical Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Exploring healthcare system for assisting medical services or transmitting patients' personal health information in web application has been widely investigated. Information and communication technologies have been applied to the medical services and healthcare area for a number of years to resolve problems in medical management. In the healthcare system, not all users are allowed to access all the information. Several authorization models for restricting users to access specific information at specific permissions have been proposed. However, as the number of users and the amount of information grows, the difficulties for administrating user authorization will increase. The critical problem limits the widespread usage of the healthcare system. This paper proposes an approach for role-based and extends it to deal with the information for authorizations in the healthcare system. We propose the role-based authorization model which supports authorizations for different kinds of objects, and a new authorization domain. Based on this model, we discuss the issues and requirements of security in the healthcare systems. The security issues for services shared between different healthcare industries will also be discussed.