Logics of time and computation
Logics of time and computation
Temporal verification of reactive systems: safety
Temporal verification of reactive systems: safety
Role-Based Access Control Models
Computer
Access control for large collections
ACM Transactions on Information Systems (TOIS)
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
TRBAC: a temporal role-based access control model
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Flexible team-based access control using contexts
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
A model for role administration using organization structure
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
STeP: The Stanford Temporal Prover
TAPSOFT '95 Proceedings of the 6th International Joint Conference CAAP/FASE on Theory and Practice of Software Development
Framework for role-based delegation models
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A rule-based framework for role-based delegation and revocation
ACM Transactions on Information and System Security (TISSEC)
A First Step Towards Formal Verification of Security Policy Properties for RBAC
QSIC '04 Proceedings of the Quality Software, Fourth International Conference
Isabelle/HOL: a proof assistant for higher-order logic
Isabelle/HOL: a proof assistant for higher-order logic
Articulating and enforcing authorisation policies with UML and OCL
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Role based access control for a medical database
SEA '07 Proceedings of the 11th IASTED International Conference on Software Engineering and Applications
Capability-based delegation model in RBAC
Proceedings of the 15th ACM symposium on Access control models and technologies
Modular context-aware access control for medical sensor networks
Proceedings of the 15th ACM symposium on Access control models and technologies
Validation of security-design models using Z
ICFEM'11 Proceedings of the 13th international conference on Formal methods and software engineering
Specification and validation of authorisation constraints using UML and OCL
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Federation and security aspects for the management of the EHR in italy
ADNTIIC'11 Proceedings of the Second international conference on Advances in New Technologies, Interactive Interfaces and Communicability
| Hi-index | 0.00 |
Many healthcare organizations have transited from their old and disparate business models based on ink and paper to a new, consolidated ones based on electronic patient records. There are significant demands on secure mechanisms for collaboration and data sharing among clinicians, patients and researchers through clinical information systems. In order to fulfil the high demands of data protection in such systems, we believe that access control policies play an important role to reduce the risks to confidentiality, integrity, and availability of medical data. In this paper, we attempt to formally specify access control policies in clinical information systems which are highly dynamic and complex environments. We leverage characteristics of temporal linear first-order logic to cope with dynamic access control policies in clinical information systems.