Role-Based Access Control Models
Computer
Trust requirements in e-business
Communications of the ACM
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Identity management and its support of multilateral security
Computer Networks: The International Journal of Computer and Telecommunications Networking
Dynamically authorized role-based access control for secure distributed computation
Proceedings of the 2002 ACM workshop on XML security
A stratification-based approach for handling conflicts in access control
Proceedings of the eighth ACM symposium on Access control models and technologies
An integrated approach to engineer and enforce context constraints in RBAC environments
ACM Transactions on Information and System Security (TISSEC)
A Study on How to Classify the Security Rating of Medical Information Neural Network
ISNN '07 Proceedings of the 4th international symposium on Neural Networks: Part II--Advances in Neural Networks
Extending access control models with break-glass
Proceedings of the 14th ACM symposium on Access control models and technologies
Role based access control for a medical database
SEA '07 Proceedings of the 11th IASTED International Conference on Software Engineering and Applications
Context-Based Constraints in Security: Motivations and First Approach
Electronic Notes in Theoretical Computer Science (ENTCS)
Access control requirements for processing electronic health records
BPM'07 Proceedings of the 2007 international conference on Business process management
MeD-Lights: a usable metaphor for patient controlled access to electronic health records
Proceedings of the 1st ACM International Health Informatics Symposium
Cryptography based access control in healthcare web systems
2010 Information Security Curriculum Development Conference
A survey of security issue in multi-agent systems
Artificial Intelligence Review
Spatial context in role-based access control
ICISC'06 Proceedings of the 9th international conference on Information Security and Cryptology
Development of mobile hybrid medintegraweb app for interoperation between u-RPMS and HIS
ICCSA'12 Proceedings of the 12th international conference on Computational Science and Its Applications - Volume Part III
Context-awareness: exploring the imperative shared context of security and ubiquitous computing
Proceedings of the 14th International Conference on Information Integration and Web-based Applications & Services
| Hi-index | 0.00 |
This paper describes an application of authorization and access control based on the Role Based Access Control (RBAC) method and integrated in a comprehensive trust infrastructure of a health care application. The method is applied to a health care business process that involves multiple actors accessing data and resources needed for performing clinical and logistics tasks in the application. The notion of trust constituency is introduced as a concept for describing the context of authorisation. In addition, the applied RBAC covers time constraints, hierarchies and multi-level authorization rules for coping with the multi-actor nature and the complexity of the application domain. The DRIVE RBAC model clearly distinguishes between static role assignment to users and dynamic allocation of roles at session time. The paper, while focusing on the authorization and access control approach, also describes how the RBAC functions have been integrated in a trust infrastructure including smart cards.