User-managed access control for health care systems

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 3674 LNCS, Issue , 2005, Pages 63-72

  Chinaei, Amir H ^a   Tompa, Frank Wm ^a  

^a UNIVERSITY OF WATERLOO   (Canada)

Author keywords

[No Author keywords available]

Indexed keywords

CONTROL SYSTEMS; DATA PRIVACY; DATABASE SYSTEMS; HEALTH CARE; XML;

CORPORATE POLICY; HEALTH CARE SYSTEMS; ROLE BASED ACCESS CONTROL; USER-MANAGED ACCESS CONTROL;

SECURITY OF DATA;

EID: 33646164415     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/11552338_5     Document Type: Conference Paper

References (26)

1. M. A. Al-Kahtani and R. Sandhu. Induced Role Hierarchies with Attribute-Based RBAC. In Proc. of the 8th ACM Symposium on Access Control Models and Technologies, pp. 12-20, June 2003.
2. D. Bell and L. LaPadula. Secure Computer System: Unified Exposition and Multics Interpretation. Technical Report, ESD-TR-75-306, The MITRE Corp, March 1976.
3. E. Bertino, S. Jajodia, and P. Samarati. A Flexible Authorization for Relational Data Management Systems. ACM Transactions on Information Systems, vol. 17, no. 2, pp. 101-140, April 1999.
4. K. J. Biba. Integrity Considerations for Secure Computer Systems. Technical Report, ESD-TR-76-372, USAF Electronic Systems Division, April 1977.
5. R. A. Botha and J. H. P. Eloff. Separation of Duties for Access Control Enforcement in Workflow Environments. IBM Systems Journal, vol. 40, no. 3, pp. 666-682, 2001.
6. S. Damodaran and C. Adams. XACML- Summary of Use Cases. http://xml.coverpages.org/RLTC-XACML-Reqs200207.pdf. 2001.
7. D. F. Ferraiolo, G. J. Ahn, R. Chandramouli, and S. I. Gavrila. The Role Control Center: Features and Case Studies. In Proc. of the 8th ACM Symposium on Access Control Models and Technologies, pp. 12-20, June 2003.
8. D.F. Ferraiolo and D.R. Kuhn. Role Based Access Control. In Proc. of the 15th NIST-NCST National Computer Security Conference, pp. 554-563, October 1992.
9. R. Focardi and R. Gorrieri. Non Interference: Past, Present and Future. In Proc. of DARPA Workshop on Foundations for Secure Mobile Code, 1997.
10. J. Goguen and J. Meseguer. Security Policy and Security Models. In Proc. of the 1982 IEEE Symposium on Security and Privacy, pp. 11-20, IEEE Computer Society Press, April 1982.
11. G. S. Graham and P. J. Denning. Protection - Principles and Practice. In Proc. of AFIPS Spring Joint Computr Conference, vol. 40, 1972.
12. P. P. Griffith and B. W. Wade, An Authorization Mechanism for a Relational Database System, ACM Transactions on Database Systems, vol. 1, no. 3, pp. 242-255, 1976.
13. M. A. Harrison, W. L. Ruzzo, and J. D. Ullman. Protection in Operating Systems. Communications of ACM. vol. 19, no. 8, August 1976.
14. W.A. Jansen. Inheritance Properties of Role Hierarchies. In Proc. of the 21st NIST-NCSC National Information Systems Security Conference, October 1998.
15. A. K. Jones, R. J. Lipton, and L. Snyder. A Linear Time Algorithm for Deciding Security. In Proc. of Foundations of Computer Science '76, pp. 33-41, IEEE, 1976.
16. V. E. Jones. Access Control for Client Server Object Databases. Ph.D. Thesis, Department of Computer Science, University of Illinois at Urbana-Champaign, 1997.
17. J. B. D. Joshi, and B. Shafigh. Dependencies and Separation of Duty Constraints in GTRBAC. In Proc. of the 8th ACM Symposium on Access Control Models and Technologies, pp. 51-64, June 2003.
18. M. Kudo. Use Cases for Access Control on XML Resources, http://www.oasis-open.org/ committees/xacml/docs /UseCase.doc. 2001.
19. D.R. Kuhn. Mutual Exclusion of Roles as a Means of Implementing Separation of Duty in Role-Based Access Control Systems. Second ACM Workshop on Role-Based Access Control, pp. 23-30, November 1997.
20. B. W. Lampson. Protection. In Proc. of the 5th Annual Princeton Conference on Information Sciences and Systems, pp. 437-443, March 1971.
21. J. S. Park, and J. Hwang. Role-based Access Control for Collaborative Enterprise in Peer-to-Peer Computing Environments. In Proc. of the 8th ACM Symposium on Access Control Models and Technologies, pp. 93-99, June 2003.
22. R. Sandhu. Lattice-Based Access Control Models. IEEE Computer, vol. 26, no. 11, pp. 9-19, November 1993.
23. R. Sandhu. The Typed Access Matrix Model. In Proc. of the IEEE Symposium on Security and Privacy, pp. 122-136, 1992.
24. H. F. Wedde, and M. Lischka. Cooperative Role-Based Administration. In Proc. of the 8th ACM Symposium on Access Control Models and Technologies, pp. 21-32, June 2003.
25. T. Yu, D. Srivastava, L. V. S. Lakshmanan, and H. V. Jagadish. Compressed Accessibility Map: Efficient Access Control for XML. In Proc. of Very Large Data Bases, pp. 478-489, August 2002.
26. D. Zhuo. On Fine-Grained Access Control for XML. Master's Thesis, School of Computer Science, University of Waterloo, 2003.