Behavior-Based Access Control for Distributed Healthcare Environment

Yarmand, Mohammad H.; Sartipi, Kamran; Down, Douglas G.

doi:10.1109/cbms.2008.14

Cited by 12 publications

(6 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, other features for confidentiality, privacy and provenance control are frequently available. All studies presented some authorization mechanism for health data integration through semantic web technologies [6,15,16,18,32,35,36,38,39,47,[50][51][52]57,60]. However, only a few have implemented additional features for authentication [16,18,36,38,51,57], confidentiality [16,18], privacy [16,18,39,47,52], and provenance [47].…”

Section: Access Controlmentioning

confidence: 99%

Security approaches for electronic health data handling through the Semantic Web: A scoping review

Lima

Alves

Bernardi

et al. 2023

View full text Add to dashboard Cite

Integration of health information systems are crucial to advance the effective delivery of healthcare for individuals and communities across organizational boundaries. Semantic Web technologies may be used to connect, correlate, and integrate heterogeneous datasets spread over the internet. However, when working with sensitive data, such as health data, security mechanisms are needed. A scoping review of the literature was undertaken to provide a broad view of security mechanisms applied to, or along with, Semantic Web technologies that could allow its use with health data. Searches were conducted in the most relevant databases for the scope of this work. The findings were classified according to the main objective and features presented by each solution. Twenty-six studies were included in the review. They introduced mechanisms that addressed several security attributes, such as authentication, authorization, integrity, availability, confidentiality, privacy, and provenance. These mechanisms support access control frameworks, semantic and functional interoperability infrastructures, and privacy compliance solutions. The findings suggest that the application and use of Semantic Web technologies is still growing, with the healthcare area being particularly interested. The main security mechanisms for Semantic Web technologies, the key security attributes and properties, and the main gaps in the literature were identified, helping to understand the technical needs to mitigate the risks of handling personal health information over the Semantic Web. Also, this research has shown that complex and robust solutions are available to successfully address several security properties and features, depending on the context that the electronic health data is being managed.

show abstract

Section: Access Controlmentioning

confidence: 99%

Security approaches for electronic health data handling through the Semantic Web: A scoping review

Lima

Alves

Bernardi

et al. 2023

View full text Add to dashboard Cite

show abstract

“…Weerasinghe et al [30] present a security capsule with token management architecture in order to have secure transmission and data storage on device. Some models also use access control for healthcare systems based on users behaviours [31]. In [33] the authors propose a role-based prorogate framework.…”

Section: Healthcare Information Systemsmentioning

confidence: 99%

A Trust-Based Framework for Information Sharing Between Mobile Health Care Applications

Behrooz

Marsh

2016

Trust Management X

View full text Add to dashboard Cite

The use of information systems in the health care area, specifically in Mobile health care, can result in delivering high quality and efficient patient care. At the same time, using electronic systems for sharing information contributes to some challenges regarding privacy and access control. Despite the importance of this issue, there is a lack of frameworks in this area. In this paper, we propose a trust-based model for information sharing between mobile health care applications. This model consists of two parts, the first part calculates the needed amount of trust for sharing a specific part of information for each user, and the second part calculates the (contextual) current existing amount of trust. A decision for sharing information would be made based on a comparison between the components. To examine the model, we provide different scenarios. Using mathematical analysis, we illustrate how the model works in those scenarios.

show abstract

“…Securing the processing of private data in distributed environment has been the subject of intense research, given the rise of social network and e-health systems. Many researches have contributed to this aspect ranging from access control, usage control, usage policy expression languages, secure communication protocol, and enforcement of usage policy (Li and Hoang, 2009;Russello et al, 2008;Lillian, 2008;yarmand et al, 2008). Among them, enforcing the privacy-aware usage policy is the main challenge, given the fact that, in distributed environment, the direct control on data is not possible.…”

Section: Motivation and Related Workmentioning

confidence: 99%

Towards purpose enforcement model for privacy-aware usage control policy in distributed healthcare

Rath

Colin

2013

IJSN

View full text Add to dashboard Cite

Enforcing the purpose of data usage means to ensure that data are used as it intends for and that excessive usage cannot happen. In general, the enforcement of purpose is a complicated task. The main difficulty is to identify the purpose of an agent when it requests to perform an action. In this paper, we discuss the design issue of usage purpose enforcement model based on our proposed enforcement structure: pre-, ongoing-, and post-enforcement. We also propose an enforcement solution for usage control designed for distributed healthcare information system, particularly, the pre-and ongoing-enforcement of purpose. Furthermore, we validate our model with a prototype developed in Java.Reference to this paper should be made as follows: Rath, A.T. and Colin, J-N. (2013) 'Towards purpose enforcement model for privacy-aware usage control policy in distributed healthcare', Int.

show abstract

Behavior-Based Access Control for Distributed Healthcare Environment

Cited by 12 publications

References 25 publications

Security approaches for electronic health data handling through the Semantic Web: A scoping review

Security approaches for electronic health data handling through the Semantic Web: A scoping review

A Trust-Based Framework for Information Sharing Between Mobile Health Care Applications

Towards purpose enforcement model for privacy-aware usage control policy in distributed healthcare

Contact Info

Product

Resources

About