Delegation in a Distributed Healthcare Context: A Survey of Current Approaches

The development of infrastructures to facilitate the sharing of data for healthcare delivery and research purposes is becoming increasingly widespread. In addition to the technical requirements pertaining to efficient and transparent sharing of data across organisational boundaries, there are requirements pertaining to ethical and legal issues. Functional and non-functional concerns need to be balanced: for resource sharing to be as transparent as possible, an entity should be allowed to delegate a subset of its rights to another so that the latter can perform actions on the former's behalf, yet such delegation needs to be performed in a fashion that complies with relevant legal and ethical restrictions. The contribution of this paper is twofold: to characterise the requirements for secure and flexible delegation within the emerging distributed liealthcare context; and to evaluate existing approaches with respect to these requirements. We also suggest how some of these limitations might be overcome.

[1]  Gail-Joon Ahn,et al.  A role-based delegation framework for healthcare information systems , 2002, SACMAT '02.

[2]  Andrew C. Simpson,et al.  NeuroGrid: using grid technology to advance neuroscience , 2005, 18th IEEE Symposium on Computer-Based Medical Systems (CBMS'05).

[3]  Ian Foster,et al.  The Grid 2 - Blueprint for a New Computing Infrastructure, Second Edition , 1998, The Grid 2, 2nd Edition.

[4]  Ian T. Foster,et al.  A security architecture for computational grids , 1998, CCS '98.

[5]  Steven Tuecke,et al.  X.509 Proxy Certificates for Dynamic Delegation , 2004 .

[6]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2002, RFC.

[7]  Jun Wang,et al.  Extending the security assertion markup language to support delegation for Web services and grid services , 2005, IEEE International Conference on Web Services (ICWS'05).

[8]  M. Humber National programme for information technology , 2004, BMJ : British Medical Journal.

[9]  Mark Slaymaker,et al.  Towards secure Grid-enabled healthcare: Research Articles , 2005 .

[10]  Andrew C. Simpson,et al.  Towards secure Grid‐enabled healthcare , 2005, Softw. Pract. Exp..

[11]  Morrie Gasser,et al.  An architecture for practical delegation in a distributed system , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[12]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[13]  Thomas Sandholm,et al.  Policy administration control and delegation using XACML and Delegent , 2005, The 6th IEEE/ACM International Workshop on Grid Computing, 2005..