论文信息 - SGAC: A Multi-Layered Access Control Model with Conflict Resolution Strategy

SGAC: A Multi-Layered Access Control Model with Conflict Resolution Strategy

This paper presents SGAC (Solution de Gestion Automatisée du Consentement / automated consent management solution), a new healthcare access control model and its support tool, which manages patient wishes regarding access to their electronic health records (EHR). This paper also presents the verification of access control policies for SGAC using two first-order-logic model checkers based on distinct technologies, Alloy and ProB. The development of SGAC has been achieved within the scope of a project with the University of Sherbrooke Hospital (CHUS), and thus has been adapted to take into account regional laws and regulations applicable in Québec and Canada, as they set bounds to patient wishes: for safety reasons, under strictly defined contexts, patient consent can be overriden to protect his/her life (break-the-glass rules). Since patient wishes and those regulations can be in conflict, SGAC provides a mechanism to address this problem based on priority, specificity and modality. In order to protect patient privacy while ensuring effective caregiving in safety-critical situations, we check four types of properties: accessibility, availability, contextuality and rule effectivity. We conducted performance tests comparison: implementation of SGAC versus an implementation of another access control model, XACML, and property verification with Alloy versus ProB. The performance results show that SGAC performs better than XACML and that ProB outperforms Alloy by two order of magnitude thanks to its programmable approach to constraint solving.

[1] Jerry den Hartog,et al. Formal analysis of XACML policies using SMT , 2017, Comput. Secur..

[2] Nghi Huynh,et al. Validating the RBAC ANSI 2012 Standard Using B , 2014, ABZ.

[3] Martyn Thomas,et al. Industrial Deployment of System Engineering Methods , 2013, Springer Berlin Heidelberg.

[4] Michael Leuschel,et al. Under consideration for publication in Formal Aspects of Computing Automated Property Verification for Large Scale B Models with ProB , 2010 .

[5] Régine Laleau,et al. Enforcing ASTD Access-Control Policies with WS-BPEL Processes in SOA Environments , 2011, Int. J. Syst. Serv. Oriented Eng..

[6] Andrew C. Simpson,et al. On Formalizing and Normalizing Role-Based Access Control Systems , 2009, Comput. J..

[7] John S. Fitzgerald,et al. Formal Engineering of XACML Access Control Policies in VDM++ , 2007, ICFEM.

[8] Ravi S. Sandhu,et al. Role-Based Access Control Models , 1996, Computer.

[9] Michael Leuschel,et al. Improving Railway Data Validation with ProB , 2013, Industrial Deployment of System Engineering Methods.

[10] Vijayalakshmi Atluri,et al. Role-based Access Control , 1992 .

[11] Daniel Jackson,et al. Software Abstractions - Logic, Language, and Analysis , 2006 .

[12] Mao Bi,et al. Role based Access Control Model , 2003 .

[13] Jean-Raymond Abrial,et al. The B-book - assigning programs to meanings , 1996 .