Privilege Management and Access Control in Shared Care IS and EHR

Realising the shared care concept based on distributed health information systems, we have to meet the challenge for advanced security and privacy based on a Public Key Infrastructure (PKI) Beside strong authentication, authorisation of principals and access control using role concepts and security object classification schemes are essential application security services. The paper presents the actual drafts of ISO and CEN standards dealing with privilege management and access control.