Cargando…
A Framework for Context Sensitive Risk-Based Access Control in Medical Information Systems
Since the access control environment has changed and the threat of insider information leakage has come to the fore, studies on risk-based access control models that decide access permissions dynamically have been conducted vigorously. Medical information systems should protect sensitive data such a...
| Autores principales: | , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
Hindawi Publishing Corporation
2015
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4436520/ https://www.ncbi.nlm.nih.gov/pubmed/26075013 http://dx.doi.org/10.1155/2015/265132 |
| _version_ | 1782372097619656704 |
|---|---|
| author | Choi, Donghee Kim, Dohoon Park, Seog |
| author_facet | Choi, Donghee Kim, Dohoon Park, Seog |
| author_sort | Choi, Donghee |
| collection | PubMed |
| description | Since the access control environment has changed and the threat of insider information leakage has come to the fore, studies on risk-based access control models that decide access permissions dynamically have been conducted vigorously. Medical information systems should protect sensitive data such as medical information from insider threat and enable dynamic access control depending on the context such as life-threatening emergencies. In this paper, we suggest an approach and framework for context sensitive risk-based access control suitable for medical information systems. This approach categorizes context information, estimating and applying risk through context- and treatment-based permission profiling and specifications by expanding the eXtensible Access Control Markup Language (XACML) to apply risk. The proposed framework supports quick responses to medical situations and prevents unnecessary insider data access through dynamic access authorization decisions in accordance with the severity of the context and treatment. |
| format | Online Article Text |
| id | pubmed-4436520 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2015 |
| publisher | Hindawi Publishing Corporation |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-44365202015-06-14 A Framework for Context Sensitive Risk-Based Access Control in Medical Information Systems Choi, Donghee Kim, Dohoon Park, Seog Comput Math Methods Med Research Article Since the access control environment has changed and the threat of insider information leakage has come to the fore, studies on risk-based access control models that decide access permissions dynamically have been conducted vigorously. Medical information systems should protect sensitive data such as medical information from insider threat and enable dynamic access control depending on the context such as life-threatening emergencies. In this paper, we suggest an approach and framework for context sensitive risk-based access control suitable for medical information systems. This approach categorizes context information, estimating and applying risk through context- and treatment-based permission profiling and specifications by expanding the eXtensible Access Control Markup Language (XACML) to apply risk. The proposed framework supports quick responses to medical situations and prevents unnecessary insider data access through dynamic access authorization decisions in accordance with the severity of the context and treatment. Hindawi Publishing Corporation 2015 2015-05-04 /pmc/articles/PMC4436520/ /pubmed/26075013 http://dx.doi.org/10.1155/2015/265132 Text en Copyright © 2015 Donghee Choi et al. https://creativecommons.org/licenses/by/3.0/ This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. |
| spellingShingle | Research Article Choi, Donghee Kim, Dohoon Park, Seog A Framework for Context Sensitive Risk-Based Access Control in Medical Information Systems |
| title | A Framework for Context Sensitive Risk-Based Access Control in Medical Information Systems |
| title_full | A Framework for Context Sensitive Risk-Based Access Control in Medical Information Systems |
| title_fullStr | A Framework for Context Sensitive Risk-Based Access Control in Medical Information Systems |
| title_full_unstemmed | A Framework for Context Sensitive Risk-Based Access Control in Medical Information Systems |
| title_short | A Framework for Context Sensitive Risk-Based Access Control in Medical Information Systems |
| title_sort | framework for context sensitive risk-based access control in medical information systems |
| topic | Research Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4436520/ https://www.ncbi.nlm.nih.gov/pubmed/26075013 http://dx.doi.org/10.1155/2015/265132 |
| work_keys_str_mv | AT choidonghee aframeworkforcontextsensitiveriskbasedaccesscontrolinmedicalinformationsystems AT kimdohoon aframeworkforcontextsensitiveriskbasedaccesscontrolinmedicalinformationsystems AT parkseog aframeworkforcontextsensitiveriskbasedaccesscontrolinmedicalinformationsystems AT choidonghee frameworkforcontextsensitiveriskbasedaccesscontrolinmedicalinformationsystems AT kimdohoon frameworkforcontextsensitiveriskbasedaccesscontrolinmedicalinformationsystems AT parkseog frameworkforcontextsensitiveriskbasedaccesscontrolinmedicalinformationsystems |