DOrMac: Privacy-aware Organization Based Access Control Model
Loading...
Date
2015
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Mekanne Salem, Meziane Abdelkrim
Abstract
SIMPLE FAILURES IN PROTECTING MEDICAL DATA
CAN HAVE DRAMATIC CONSEQUENCES ON A PATIENT PRIVACY. IN
THIS ARTICLE, WE FOCUS MAINLY ON ACCESS CONTROL FOR
PROTECTING SENSITIVE DATA WITHIN PATIENT’S ELECTRONIC
HEALTH RECORD (EHR). WE PROPOSE A NEW ACCESS CONTROL
MODEL CALLED DORMAC CAPABLE OF EXPRESSING BOTH A SECURITY
POLICY ESTABLISHED BY A HEALTHCARE PROVIDER AND A PRIVACY
POLICY DEFINED BY A PATIENT. FOR EXPRESSING PRIVACY, WE
ENRICHED THE ORGANIZATION BASED ACCESS CONTROL MODEL
(ORBAC) BY SOME SECURITY CONCEPTS INSPIRED FROM
DISCRETIONARY AND MANDATORY POLICIES. THIS MODEL ACHIEVE A
GOOD BALANCE BETWEEN AVAILABILITY OF DATA DURING CARE AND
PRIVACY PROTECTION.
Description
Keywords
Security, Privacy, Access Control, Electronic Health Record, DOrMac