Implementing context and team based access control in healthcare intranets

Medical Informatics and the Internet in Medicine

Volumn 27, Issue 3, 2002, Pages 185-201

  Georgiadis, Christos K ^a   Mavridis, Ioannis K ^a   Nikolakopoulou, Georgia ^a   Pangalos, George I ^a  

^a ARISTOTLE UNIVERSITY OF THESSALONIKI   (Greece)

Author keywords

Access control; Active security; Attribute certificates; Contexts; Information systems security; Teams

Indexed keywords

ACCESS TO INFORMATION; ARTICLE; COMPUTER MODEL; COMPUTER PROGRAM; COMPUTER SECURITY; COMPUTER SYSTEM; DATA BASE; HEALTH CARE SYSTEM; HUMAN; HUMAN COMPUTER INTERACTION; INTRANET; MEDICAL INFORMATION SYSTEM; PRIVACY;

COMPUTER COMMUNICATION NETWORKS; COMPUTER SECURITY; COMPUTER SIMULATION; CONFIDENTIALITY; DATABASE MANAGEMENT SYSTEMS; EFFICIENCY, ORGANIZATIONAL; GREECE;

EID: 80051743310     PISSN: 14639238     EISSN: None     Source Type: Journal    
DOI: 10.1080/1463923021000042715     Document Type: Article

References (20)

1. GRIMSON, J., GRIMSON, W., and HASSELBRING W., 2000, The System Integration (SI) Challenge in Health Care, Communications of the ACM, 43, 49-55, Vol. 6.
2. GIURI, L., and IGLIO, P., 1997, Role Templates for Content-Based Access Control, Proceedings of the Second ACM Workshop on Role-Based Access Control, RBAC'97, Fairfax, VA, USA. November 1997, pp. 153-159.
3. BEZNOSOV, K., 1998, Requirements for access control: US Healthcare domain, Proceedings of the Third ACM workshop on Role-Based Access Control, RBAC'98, Fairfax, VA, USA. October 1998, pp. 43.
4. LUPU, E., and SLOMAN, M., 1997, Reconciling Role Based Management and Role based Access Control, Proceedings of the Second ACM Workshop on Role-Based Access Control, RBAC'97, Fairfax, VA, USA. November 1997, pp. 135-141.
5. GEPRGIADIS, C. K., MAVRIDIS, I., PANGALOS, G., and THOMAS, R. K., 2001, Flexible Team-based Access Control Using Contexts, Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies, SACMAT 2001, Chantilly, VA, USA. May 2001, pp. 21-27.
6. SANDHU, R., FERRAIOLO, D., and KUHN, R., 2000, The NIST Model for Role-Based Access Control: Towards A Unified Standard, Proceedings of the Fifth ACM Workshop on Role-Based Access Control, RBAC 2000, Technical University of Berlin, Berlin, Germany. July 2000, pp. 47-63.
7. THOMAS, R. K., 1997, Team-Based Access Control (TMAC): A Primitive for Applying Role-Based Access Controls in Collaborative Environments, Proceedings of the Second ACM Workshop on Role-Based Access Control, RBAC 97, Fairfax, VA USA. November 1997, pp. 13-19.
8. GEORGIADIS, C. K., MAVRIDIS, I., and PANGALOS, G., 2000, Context and Role Based Hybrid Access Control for Collaborative Environments, Proceedings of the Fifth Nordic Workshop on Secure IT Systems - Encouraging Co-operation, NORDSEC 2000, Reykjavik, Iceland. October 2000, pp. 225-238.
9. SANDHU, R., 1998, Role-based Access Control, Advances in Computers, 46n Academic Press, 1998.
10. GEORGIADIS, C. K., MAVRIDIS, I., and PANGALOS, G., 2000, Active Security Issues in Healthcare Information Systems, Proceedings of the International Workshop on Emerging Issues in Computer and Systems Sciences, WS-EICSS'00, Stockholm, Sweden. September 2000, pp. 25-34.
11. HYNES, M., 2001, An Analysis of Distributed Network Security Services: Kerberos and Public Key Infrastructure (PKI), Guardent Inc. (white paper), Cisco World magazine, April 2001, http:// www.ciscoworldmagazine.com/webpapers/2001/04_guardent.shtml
12. UML, 1997, Unified Modelling Language Notation Guide version 1.1, Rational Software Corporation, September 1997, http://www.rational.com/uml
13. MAVRIDIS, I., GEORGIADIS, C. K., PANGALOS, G., and KHAIR, M., 2000, Access Control based on Attribute Certificates for Medical Intranet Applications, Journal of Medical Internet Research, JMIR, 2001;3(1):e9, http://www.jmir.org/2001/1/e9
14. ARSENAULT, A., and TURNER, S., 2000, Internet X.509 Public Key Infrastructure PXIX Roadmap, IETF Group, Internet Draft: draft.ietf.pkix.roadmap-06.txt, work in progress, November 2000, http://www.ietf.org/shadow.html
15. FARREL, S., and HOUSLEY, R., 2001, An Internet Attribute Certificate Profile for Authorization, IETF Group, Internet Draft: draft.ietf.pkix.ac509prof-09.txt, work in progress, June 2001, http:// www.ietf.org/shadow.html
16. LINN, J., and NYSTROM, M, 1999, Attribute Certification: An Enabling Technology for Delegation and Role-Based Controls in Distributed Environments, Proceedings of the Forth ACM Workshop on Role-Based Access Control, RBAC'99, Fairfax, VA, USA. October 1999, pp. 121-129.
17. OAS, 1999, Oracle Application Server Administration Guide (A60172-01), Oracle Application Server 4.0 Documentation Set, Oracle Corporation.
18. MAVRIDIS, I., GEORGIADIS, C. K., and PANGALOS, G., 2001, Access-rule Certificates for Secure Distributed Healthcare Applications over the Internet, Proceedings of the Sixth International Symposium on Health Information Management Research (iSHIMR 2001), Halkidiki, Greece. May 2001, pp. 153-168.
19. BESNOSOV, K., and DENG, Y., 1999, A Framework for Implementing Role-based Access Control Using CORBA Security Service, Proceedings of the Fourth ACM Workshop on Role-Based Access Control, RBAC'99, Fairfax, VA, USA. October 1999, pp. 19-32.
20. WTR, 1999, Oracle PL/SQL Web Toolkit Reference (A60123-01), Release 4.0, Oracle Corporation.