A framework for multiple authorization types in a healthcare application system

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn 2001-January, Issue , 2001, Pages 137-148

  Chandramouli, Ramaswamy ^a  

^a NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY   (United States)

Author keywords

Access control; Application software; Authorization; Computer security; Data security; Databases; Engines; Medical services; NIST; Permission

Indexed keywords

APPLICATION PROGRAMS; DATABASE SYSTEMS; ENGINES; HEALTH CARE; SECURITY OF DATA; SECURITY SYSTEMS;

AUTHORIZATION; AUTHORIZATION FRAMEWORKS; HEALTH CARE APPLICATION; MEDICAL SERVICES; NIST; PERMISSION; ROLE-BASED ACCESS CONTROL; TRANSFER SYSTEMS;

ACCESS CONTROL;

EID: 84949201378     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ACSAC.2001.991530     Document Type: Conference Paper

References (10)

1. D.R.Kuhn. Role based access control for world wide web http://hissa.ncsl.nist.gov/rbac/rbacweb/paper.ps, April 1997
2. W.Boebert and R.Kain. A Practical Alternative to Hierarchical Integrity Policies Proc. 8th National Computer Security Conference, October 1985
3. D.Ferraiolo, J.Cugini, and D.R.Kuhn. Role Based Access Control (RBAC): Features and Motivations Proc. 11th Annual Computer Security Applications Conference, December 1995
4. P.Greve, J.Hoffman and R.Smith. Using Type Enforcement to assure a configurable guard. Proc. 13th Annual Computer Security Applications Conference, December 1997
5. J.Hoffman. Implementing RBAC on a type enforced system Proc. 13th Annual Computer Security Applications Conference, December 1997
6. S. Jajodia, P.Samarati and V.S.Subrahmanian. A Logical Language for Expressing Authorizations IEEE Symposium on Security and Privacy 1997, p31-42
7. K.A. Oostendorp, L.Badger, C.D. Vance, W.G. Morrison, M.J. Petkac, D.L Sherman, D.F Sterne Domain and type enforcement firewalls Proc 13th Annual Computer Security Applications Conference, December 1997
8. R.S. Sandhu, E.J.Coyne, H.L.Feinstein and C.E.Youman. Role Based Access Control Models IEEE Computer, vol 29, Num 2, February 1996, p38-47
9. Security and Electronic Signature Standards; Proposed Rule. Federal Register, Vol 63, No. 155, August 12, 1998
10. J. Tidswell and J. Potter An Approach to Dynamic Domain and Type Enforcement Microsoft Research Institute, Department of Computing, Macquarie University, NSW Australia