论文信息 - Security Model for Health Care Computing and Communication Systems

Security Model for Health Care Computing and Communication Systems

Health Care Computing and Communication Systems (HCCS) are characterized by the complexity of the organizations to take into account and the richness of properties that are required. To address this complexity and richness, we propose a security policy based on roles, groups of objects and context. Indeed, similarly to roles that structure the subjects, we introduce the new concept “group of objects„ which structures objects. Our major aim is to facilitate the security policy management, to cope with access right complexity, and to reduce administration errors. Then we develop a security model that covers the diversity of HCCS while achieving a good compromise between the respect of the least privilege principle and the flexibility of the access control. Following a logical approach, we design a formal system that extends the deontic logic, and we express the security policy in our language.

Anas Abou El Kalam | Yves Deswarte

[1] Ernesto Damiani,et al. An Access Control Model for Data Archives , 2001, SEC.

[2] Ramaswamy Chandramouli,et al. The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[3] B. Woodward. The computer-based patient record and confidentiality. , 1995, The New England journal of medicine.

[4] Ross J. Anderson. Personal medical information : security, engineering, and ethics : personal information workshop, Cambridge, UK, June 21-22, 1996 : proceedings , 1997 .

[5] Gregory D. Abowd,et al. Towards a Better Understanding of Context and Context-Awareness , 1999, HUC.

[6] Sabrina De Capitani di Vimercati,et al. A fine-grained access control system for XML documents , 2002, TSEC.

[7] Roshan K. Thomas,et al. Flexible team-based access control using contexts , 2001, SACMAT '01.

[8] Gregory D. Abowd,et al. Securing context-aware applications using environment roles , 2001, SACMAT '01.

[9] Elisa Bertino,et al. A Temporal Access Control Mechanism for Database Systems , 1996, IEEE Trans. Knowl. Data Eng..