DOrMac: Privacy-aware Organization Based Access Control Model

Loading...
Thumbnail Image
Date
2015
Journal Title
Journal ISSN
Volume Title
Publisher
Mekanne Salem, Meziane Abdelkrim
Abstract
SIMPLE FAILURES IN PROTECTING MEDICAL DATA CAN HAVE DRAMATIC CONSEQUENCES ON A PATIENT PRIVACY. IN THIS ARTICLE, WE FOCUS MAINLY ON ACCESS CONTROL FOR PROTECTING SENSITIVE DATA WITHIN PATIENT’S ELECTRONIC HEALTH RECORD (EHR). WE PROPOSE A NEW ACCESS CONTROL MODEL CALLED DORMAC CAPABLE OF EXPRESSING BOTH A SECURITY POLICY ESTABLISHED BY A HEALTHCARE PROVIDER AND A PRIVACY POLICY DEFINED BY A PATIENT. FOR EXPRESSING PRIVACY, WE ENRICHED THE ORGANIZATION BASED ACCESS CONTROL MODEL (ORBAC) BY SOME SECURITY CONCEPTS INSPIRED FROM DISCRETIONARY AND MANDATORY POLICIES. THIS MODEL ACHIEVE A GOOD BALANCE BETWEEN AVAILABILITY OF DATA DURING CARE AND PRIVACY PROTECTION.
Description
Keywords
Security, Privacy, Access Control, Electronic Health Record, DOrMac
Citation