DOrMac: Privacy-aware Organization Based Access Control Model

Loading...
Thumbnail Image
Date
2015-11-22
Journal Title
Journal ISSN
Volume Title
Publisher
CERIST
Abstract
— SIMPLE FAILURES IN PROTECTING MEDICAL DATA CAN HAVE DRAMATIC CONSEQUENCES ON A PATIENT PRIVACY. IN THIS ARTICLE, WE FOCUS MAINLY ON ACCESS CONTROL FOR PROTECTING SENSITIVE DATA WITHIN PATIENT’S ELECTRONIC HEALTH RECORD (EHR). WE PROPOSE A NEW ACCESS CONTROL MODEL CALLED DORMAC CAPABLE OF EXPRESSING BOTH A SECURITY POLICY ESTABLISHED BY A HEALTHCARE PROVIDER AND A PRIVACY POLICY DEFINED BY A PATIENT. FOR EXPRESSING PRIVACY, WE ENRICHED THE ORGANIZATION BASED ACCESS CONTROL MODEL (ORBAC) BY SOME SECURITY CONCEPTS INSPIRED FROM DISCRETIONARY AND MANDATORY POLICIES. THIS MODEL ACHIEVE A GOOD BALANCE BETWEEN AVAILABILITY OF DATA DURING CARE AND PRIVACY PROTECTION.
Description
Keywords
Security, Privacy, Access Control, Electronic Health Record, DOrMac.
Citation
Collections