By Topic

Toward a synergy among discretionary, role-based and context-aware access control models in healthcare information technology

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Khan, M.F.F. ; Grad. Sch. of Interdiscipl. Inf. Studies, Univ. of Tokyo, Tokyo, Japan ; Sakamura, K.

Healthcare information systems collect, store and manage sensitive information about patients and, hence, it is imperative for such systems to provide robust access control mechanisms with a view to thwarting potential security and privacy threats. The access-control requirements in healthcare systems are quite diverse as compared to those of other systems. The existing subject-, role-, object-, attribute-, or context-centric approaches seem insufficient to efficiently and flexibly model the access-control needs of the healthcare domain. In this paper, we propose a combined access control scheme for healthcare information systems, amalgamating features of discretionary access control (DAC), role-based access control (RBAC) and context-aware access control. We discuss the design, implementation and evaluation of the proposed scheme, and explain the rationale behind the combination.

Published in:

Internet Security (WorldCIS), 2012 World Congress on

Date of Conference:

10-12 June 2012