A context-related authorization and access control method based on RBAC: A case study from the health care domain

Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002)

Volumn , Issue , 2002, Pages 117-124

  Wilikens, Marc ^a   Feriti, Simone ^b   Sanna, Alberto ^b   Masera, Marcelo ^a  

^a JOINT RESEARCH CENTRE   (Italy)

^b SAN RAFFAELE HOSPITAL   (Italy)

Author keywords

Role based access control (RBAC); Secure health care system; Trust infrastructure

Indexed keywords

CONSTRAINT THEORY; DATA ACQUISITION; HEALTH CARE; MATHEMATICAL MODELS; MEDICAL COMPUTING; RESOURCE ALLOCATION; SMART CARDS;

HEALTH CARE BUSINESS PROCESS; ROLE BASED ACCESS CONTROL;

SECURITY OF DATA;

EID: 0242709331     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (12)

1. Baker, Dixie. "PCASSO: A model for Safe Use of the Internet in healthcare". Journal of American Health Information Management Association (AHIMA), March 2000.
2. Bertino, E., Bonatti, P., Ferrari, E. "TRBAC: A Temporal Role-based Access Control Model". ACM Transactions on Information and System Security, 4(3), 2001
3. Clauss, S., Kohntopp, M. "Identity management and its support of multilateral security". In Computer Networks 37 (2001) 205-219, Elsevier Science B.V.
4. Common Criteria for Information Technology Security Evaluation. CC version 2.1, August 1999. (aligned with ISO 15408:1999). Common Criteria project Sponsoring Organisations.
5. Ferraiolo, Cugini, Kuhn "Role Based Access Control: Features and Motivations". Computer Security Applications Conference, 1995.
6. Ferraiolo, D. F., Sandhu, R., Gavrila, S., Kuhn, D. R., Chandramouli, R.: "A proposed standard for Role-Based Access Control" December 18, 2000.
7. Health Informatics: Public Key Infrastructure: Part 1: Framework and overview. ISO/TC 215 N188, Draft Technical Specification ISO/DTS 17090-1.
8. ISO TC 215/wg2: Healthcare Informatics - Trusted End-to-End Information flows. Technical report, 1 November 2000.
9. Jones, S., Wilikens, M., Morris, P., Masera, M. "Trust requirements in e-Business", Communications of the ACM (Association for Computing), Vol. 43, No 12, December 2000.
10. Mavridis, I., Georgiadis, C., Pangalis, G., Khair, M.: "Access Control based on Attribute Certificates for Medical Intranet Applications". Journal of Medical Internet Research (JMIR) 2001:3(1):e9.
11. OASIS: Organization for the Advancement of Structured Information Standards. eXtensible Access Control Markup Language (XACML). See http://www.oasis-open.org/committees/xacml/
12. Sandhu, R., Coyne, E.J., Feinstein, H.L., Youman, C.E., Role-based access control models. IEEE Computer, 29 (2), February 1996.