DOrMac: Privacy-aware Organization Based Access Control Model

Mekanne, Salem

DOrMac: Privacy-aware Organization Based Access Control Model

Date

2015-11-22

Authors

Mekanne, Salem

Publisher

CERIST

Abstract

— SIMPLE FAILURES IN PROTECTING MEDICAL DATA CAN HAVE DRAMATIC CONSEQUENCES ON A PATIENT PRIVACY. IN THIS ARTICLE, WE FOCUS MAINLY ON ACCESS CONTROL FOR PROTECTING SENSITIVE DATA WITHIN PATIENT’S ELECTRONIC HEALTH RECORD (EHR). WE PROPOSE A NEW ACCESS CONTROL MODEL CALLED DORMAC CAPABLE OF EXPRESSING BOTH A SECURITY POLICY ESTABLISHED BY A HEALTHCARE PROVIDER AND A PRIVACY POLICY DEFINED BY A PATIENT. FOR EXPRESSING PRIVACY, WE ENRICHED THE ORGANIZATION BASED ACCESS CONTROL MODEL (ORBAC) BY SOME SECURITY CONCEPTS INSPIRED FROM DISCRETIONARY AND MANDATORY POLICIES. THIS MODEL ACHIEVE A GOOD BALANCE BETWEEN AVAILABILITY OF DATA DURING CARE AND PRIVACY PROTECTION.

Keywords

Security, Privacy, Access Control, Electronic Health Record, DOrMac.

URI

http://dl.cerist.dz/handle/CERIST/779

Collections

Research Reports

Full item page

DOrMac: Privacy-aware Organization Based Access Control Model

Date

Authors

Journal Title

Journal ISSN

Volume Title

Publisher

Abstract

Description

Keywords

Citation

URI

Collections

Endorsement

Review

Supplemented By

Referenced By