A Framework for Context Sensitive Risk-Based Access Control in Medical Information Systems

Choi, Donghee; Kim, Do-Hoon; Park, Seog

doi:10.1155/2015/265132

Cited by 21 publications

(12 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As a result, three of the existing model shows the relationship involving the adaptation of risk metrics into RBAC model [31], [33], [34]. This concept supports the statement regarding access control evolution to adapt with flexible and dynamic features in cloud computing.…”

Section: Risk-adaptable Access Control (Radac)supporting

confidence: 63%

See 1 more Smart Citation

Towards Secure Risk-Adaptable Access Control in Cloud Computing

Abdullah

Bakar

2018

ijacsa

View full text Add to dashboard Cite

The emergence of pervasive cloud computing has supported the transition of physical data and machine into virtualization environment. However, security threat and privacy have been identified as a challenge to support the widespread adoption of cloud among user. Moreover, user awareness on the importance of cloud computing has increase the needs to safeguard the cloud by implementing access control that works on dynamic environment. Therefore, the emergence of Risk-Adaptable Access Control (RAdAC) as a flexible medium in handling exceptional access request is a great countermeasure to deal with security and privacy challenges. However, the rising problem in safeguarding users' privacy in RAdAC model has not been discussed in depth by other researcher. This paper explores the architecture of cloud computing and defines the existing solutions influencing the adoption of cloud among user. At the same time, the obscurity factor in protecting privacy of user is found within RAdAC framework. Similarly, the two-tier authentication scheme in RAdAC has been proposed in responding to security and privacy challenges as shown through informal security analysis.

show abstract

Section: Risk-adaptable Access Control (Radac)supporting

confidence: 63%

“…Thus, this research has been the benchmark for this paper in designing the architecture of proposed authentication scheme. Afterwards, most of previous works bypass the need to protect privacy of user in developing risk based access control model [28], [31], [32].…”

Section: Risk-adaptable Access Control (Radac)mentioning

confidence: 99%

Towards Secure Risk-Adaptable Access Control in Cloud Computing

Abdullah

Bakar

2018

ijacsa

View full text Add to dashboard Cite

show abstract

“…Then the estimated risk value is checked against access policies to make the access decision, i.e., whether to grant or deny access. One example of this is [49], in which Choi et al offer an approach and framework for context-sensitive risk-based access control suitable for medical information systems. This approach categorizes context information, estimating and applying risk through context-based and treatment-based permission profiling and specifications by expanding the eXtensible Access Control Markup Language (XACML) to apply risk.…”

Section: ) Risk-based Access Controlmentioning

confidence: 99%

ARANAC: A Bring-Your-Own-Permissions Network Access Control Methodology for Android Devices

et al. 2021

View full text Add to dashboard Cite

In this paper, we introduce a new methodology for network access control for Android devices based on app risk assessment. Named ARANAC (which stands for Application Risk Assessment based Network Access Control), this methodology is specially tailored for scenarios using the Bring-Your-Own-Device (BYOD) policy, where the adoption of some solutions can lead to problems in security and privacy for both the employees and the business organization. ARANAC mainly relies on the analysis of an aggregate of permissions declared in the manifests of installed applications on users' devices. The access control scheme combines three operational modules: i) a device monitoring tool, ii) a novel permission-based risk model, and iii) an anomaly-based detection machine learning module based on a methodology (called MSNM, from Multivariate Statistical Network Monitoring) that provides both detection and diagnostic capabilities. ARANAC's novelty is in the combination of four features. Firstly, it is privacy-aware, and thus, it does not require detailed information about installed applications but only an aggregate of permissions. Secondly, it builds a normality model by combining expert knowledge with data, capturing the behavior of a complete population of mobile devices. Thirdly, it is dynamic, as permissions are updated in real time, allowing the network to re-assess access control on a continuous basis. Finally, its diagnostic capabilities allow for giving recommendations to final users so that they are capable of mitigating their risks when accessing networks. We evaluated the approach with more than 80 Android devices at a university campus network and obtained interesting results regarding security risks in the usual deployment of device apps.INDEX TERMS Android permissions, bring-your-own-device, mobile security, network access control, risk assessment.

show abstract

“…The access control policies are proper techniques used for privacy-preserving. Most of time, hybrid access control policies are adopted to propose a privacy-preserving access control mechanisms [28]- [33]. It is common to use the combination of the access control and the pseudonymization in one privacy-preserving scheme, which stores the users' data in an anonymized manner, and shared the anonymized data according to the access control policies.…”

Section: B Access Control Based Schemes For Ehealthcare Systemmentioning

confidence: 99%

Achieve Privacy-Preserving Priority Classification on Patient Health Data in Remote eHealthcare System

Wang

Guan

2019

IEEE Access

View full text Add to dashboard Cite

The wireless body area network (WBAN) has attracted considerable attention and becomes a promising approach to provide a 24-h on-the-go healthcare service for users. However, it still faces many challenges on the privacy of users' sensitive personal information and the confidentiality of healthcare center's disease models. For this reason, many privacy-preserving schemes have been proposed in recent years. However, the efficiency and accuracy of those privacy-preserving schemes become a big issue to be solved. In this paper, we propose an efficient and privacy-preserving priority classification scheme, named PPC, for classifying patients' encrypted data at the WBAN-gateway in a remote eHealthcare system. Specifically, to reduce the system latency, we design a non-interactive privacy-preserving priority classification algorithm, which allows the WBAN-gateway to conduct the privacy-preserving priority classification for the received users' medical packets by itself and to relay these packets according to their priorities (criticalities). A detailed security analysis shows that the PPC scheme can achieve the priority classification and packets relay without disclosing the privacy of the users' personal information and the confidentiality of the healthcare center's disease models. In addition, the extensive experiments with an android app and two java server programs demonstrate its efficiency in terms of computational costs and communication overheads.

show abstract

A Framework for Context Sensitive Risk-Based Access Control in Medical Information Systems

Cited by 21 publications

References 16 publications

Towards Secure Risk-Adaptable Access Control in Cloud Computing

Towards Secure Risk-Adaptable Access Control in Cloud Computing

ARANAC: A Bring-Your-Own-Permissions Network Access Control Methodology for Android Devices

Achieve Privacy-Preserving Priority Classification on Patient Health Data in Remote eHealthcare System

Contact Info

Product

Resources

About