Cassandra: Flexible trust management, applied to electronic health records

Proceedings of the Computer Security Foundations Workshop

Volumn 17, Issue , 2004, Pages 139-154

  Becker, Moritz Y ^a   Sewell, Peter ^a  

^a UNIVERSITY OF CAMBRIDGE   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

APPROXIMATION THEORY; COMPUTATIONAL METHODS; CONSTRAINT THEORY; DATABASE SYSTEMS; HIERARCHICAL SYSTEMS; QUERY LANGUAGES;

ACCESS CONTROL; AD HOC FEATURES; APPLICATION CODE; ELECTRONIC HEALTH RECORDS;

DISTRIBUTED COMPUTER SYSTEMS;

EID: 4944223328     PISSN: 10636900     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (49)

1. S. Abiteboul, R. Hull, and V. Vianu. Foundations of databases. Addison-Wesley, 1995.
2. G.-J. Ahn and R. Sandhu. Role-based authorization constraints specification. ACM Transactions on Information and System Security, 3(4):207-226, 2000.
3. R. Anderson. A security policy model for clinical information systems. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 30-42, 1996.
4. N. Baker and H. Sondergaard. Definiteness analysis for CLP(R). In Australian Computer Science Conference, pages 321-332, 1993.
5. M. Y. Becker. Cassandra policies for a national EHR architecture, http://wwv.cl.cam.ac.uk/users/mywyb2/policy.
6. M. Y. Becker and P. Sewell. Cassandra: distributed access control policies with tunable expressiveness. In Policy Workshop, June 2004.
7. M. Blaze, I. Feigenbaum, J. loannidis, and A. D. Kerornytis. RFC 2704: The KeyNote trust management system version 2, 1999.
8. M. Blaze, J. Feigenbaum, and A. D. Keromytis. KeyNote: Trust management for public-key infrastructures (position paper). Lecture Notes in Computer Science, 1550:59-63, 1999.
9. M. Blaze, J. Feigenbaum, and A. D. Keromytis. The role of trust management in distributed systems security. In Secure Internet Programming, pages 185-210, 1999.
10. M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In IEEE Symposium on Security and Privacy, pages 164-173, 1996.
11. W. Chen and D. S. Warren. Towards effective evaluation of general logic programs. Technical report, State University of New York at Stony Brook, 1993.
12. D. Clarke, J.-E. Elien, C. Ellison, M. Fredette, A. Morcos, and R. L. Rivest. Certificate chain discovery in SPKI/SDSI. Journal of Computer Security, 9(4):285-322, 2001.
13. T. Collins. Doctors express alarm at plans to store patient data without consent (15/07/03). Computer Weekly, 2003.
14. T. Collins. How the national programme came to be the health service's riskiest IT project (16/09/03). Computer Weekly, 2003.
15. T. Collins and M. Simons. NHS plan branded a 'farce' (03/06/03). Computer Weekly, 2003.
16. A. Cornwall. Electronic health records: an international perspective. Health Issues, 73, 2002.
17. M. Cross. NHS spree revealed (12/06/03). The Guardian, 2003.
18. N. Damianou, N. Dulay, E. Lupu, and M. Sloman. The Ponder policy specification language. In Policy Workshop, 2001.
19. Department of Health, UK. Building the information core: Implementing the NHS plan. 2001.
20. Department of Health, UK. Building the information core: Protecting and using confidential patient information. 2001.
21. Department of Health, UK. Legal and policy constraints on electronic records. 2002.
22. Foundation for Information Policy Research. NHS confidentiality consultation - FIPR response. February 2003. http://www.cl.cam.ac.uk/users/ rjal4/f iprmedconf.html.
23. N. Gaunt. Confidentiality and consent: Use cases applicable to shared electronic health record. S&W Devon ERDIP Project, 2003.
24. L. Giuri and P. Iglio. Role templates for content-based access control. In Proceedings of the 2nd ACM Workshop on Role-Based Access Control (RBAC-97), pages 153-159, 1997.
25. J. Y. Halpem and V. Wdssman. Using first-order logic to reason about policies. In Proceedings of the Computer Security Foundations Workshop (CSFW'03), 2003.
26. R. Hayton, J. Bacon, and K. Moody. OASIS: Access control in an open distributed environment. In Proceedings of the 1998 IEEE Symposium on Security and Privacy, pages 3-14, 1998.
27. J. Jaffar and M. J. Maher. Constraint logic programming: a survey. Journal of Logic Programming, 19/20:503-581, 1994.
28. S. Jajodia, P. Samarati, M. Sapino, and V. S. Subrahmanian. Flexible support for multiple access control policies. ACM Transactions on Database Systems, 26(2):214-260, 2001.
29. T. Jim. SD3: A trust management system with certified evaluation. In Proceedings of the 2001 IEEE Symposium on Security and Privacy, pages 106-115, 2001.
30. J. B. D. Joshi, B. Shafiq, A. Ghafoor, and E. Bertino. Dependencies and separation of duty constraints in GTRBAC. In Proceedings of the eighth ACM symposium on Access control models and technologies, pages 51-64. ACM Press, 2003.
31. N. Li, B. N. Grosof, and J. Feigenbaum. Delegation Logic: a logic-based approach to distributed authorization. ACM Transactions on Information and System Security, pages 128-171, 2003.
32. N. Li and J. C. Mitchell. Datalog with constraints: A foundation for trust management languages. In Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages, pages 58-73, 2003 2003.
33. N. Li, J. C. Mitchell, and W. H. Winsborougb, Design of a role-based trust management framework. In Proceedings of the 2002 IEEE Symposium on Security and Privacy, pages 114-130, 2002.
34. E. C. Lupu and M. Sloman. Reconciling role-based management and role-based access control In ACM Workshop on Role-based Access Control, pages 135-141, 1997.
35. National Health Service, UK. The Caldicott committee: report on the review of patient-identifiable information. 1997.
36. National Health Service, UK. Information for health: an information strategy for the modern NHS 1998-2005. 1998.
37. National Health Service, UK. ERDIP evaluation: Technical options for the implementation of electronic health record nationally. 2002.
38. National Health Service, UK. Integrated Care Records Service: Output based specification version 2. 2003.
39. M. Palmer. A complex operation for the NHS spine (14/08/03). Computer Weekly, 2003.
40. P. Revesz. Introduction to constraint databases. Springer Verlag, 2002.
41. J. Rogers. GPs voice patient confidentiality concerns (20/05/03). Computer Weekly, 2003.
42. R. Sandhu. Rationale for the RBAC96 family of access control models. In Proceedings of the 1st ACM Workshop on Role-Based Access Control, 1997.
43. R. Sandhu, V. Bhamidipati, E. Coyne, S. Canta, and C. Youman. The ARBAC97 model for role-based administration of roles: Preliminary description and outline. In Proceedings of 2nd ACM Workshop on Role-Based Access Control, pages 41-54, 1997.
44. A. Sommerville, N.-J. Macdonald, and R. Weston. Medical Ethics Today: Its Practice and Philosophy. British Medical Association, BMI Publishing Group, 1993.
45. D. Toman. Memoing evaluation for constraint extensions of datalog. Conjlrainte,2(3/4):337-359, 1997.
46. W. Winsborough, K. Seamons, and V. Jones. Automated trust negotiation. In DARPA Information Survivability Conference and Exposition, volume 1, pages 88-102, 2000.
47. W. H. Winsborough and N. Li. Towards practical automated trust negotiation. In Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks, pages 92-103, 2002.
48. W. Yao, K. Moody, and J. Bacon. A model of OASIS rolebased access control and its support of active security. ACM Transactions on Information and System Security, 5(4), 2002.
49. L. Zhang, G.-J. Ahn, and B.-T. Chu. A rule-based framework for role-based delegation and revocation. ACM Transactions on Information and System Security, 6(3):404-441,2003.