DOrMac: Privacy-aware Organization Based Access Control Model

View/ Open
Author(s) :
Mekanne, Salem
Date :
2015Abstract
SIMPLE FAILURES IN PROTECTING MEDICAL DATA
CAN HAVE DRAMATIC CONSEQUENCES ON A PATIENT PRIVACY. IN
THIS ARTICLE, WE FOCUS MAINLY ON ACCESS CONTROL FOR
PROTECTING SENSITIVE DATA WITHIN PATIENT’S ELECTRONIC
HEALTH RECORD (EHR). WE PROPOSE A NEW ACCESS CONTROL
MODEL CALLED DORMAC CAPABLE OF EXPRESSING BOTH A SECURITY
POLICY ESTABLISHED BY A HEALTHCARE PROVIDER AND A PRIVACY
POLICY DEFINED BY A PATIENT. FOR EXPRESSING PRIVACY, WE
ENRICHED THE ORGANIZATION BASED ACCESS CONTROL MODEL
(ORBAC) BY SOME SECURITY CONCEPTS INSPIRED FROM
DISCRETIONARY AND MANDATORY POLICIES. THIS MODEL ACHIEVE A
GOOD BALANCE BETWEEN AVAILABILITY OF DATA DURING CARE AND
PRIVACY PROTECTION.
Subject:
Security, Privacy, Access Control, Electronic Health Record, DOrMac
Publisher/Institution:
Mekanne Salem, Meziane Abdelkrim
Place:
singapor, malesia