By Topic

Human-centric visual access control for clinical data management

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Fahl, S. ; Distrib. Comput. & Security Group, Leibniz Univ., Hannover, Germany ; Harbach, M. ; Smith, M.

This paper introduces a novel human-centric, visual, and context-aware access control (AC) system for distributed clinical data management and health information systems. Human-centricity in this context means that medical staff should be able to configure AC rules, both in a timesaving and reliable manner. Since medical data often include meta information about a patient, it is essential that an AC system only grants access requests that meet the patient's intent. Hence, it is desirable that a patient be included in the AC process. To cater for the strong security needs in the medical domain, both the AC policy creation by medical staff as well as the patient-interaction feature need to be supervised by governing policies. While traditional AC systems such as role-based access control offer sufficient security in theory, they lack in comfort and flexibility. This property does not fulfil the requirements of flexible and distributed environments. Distributed medical institutions could enormously benefit from the opportunity of dynamic AC configuration at an end-user level while adhering to legal, ethical or other privacy requirements. Hence, this paper presents a human-centric visual AC model for medical data, addressing usability, information security and patient interaction. To demonstrate our approach, an integration with the DCM4CHE open source system is presented.

Published in:

Digital Ecosystems Technologies (DEST), 2012 6th IEEE International Conference on

Date of Conference:

18-20 June 2012