A role and activity based access control for secure healthcare systems
Pulur, Naim Alperen and Karaoğlan, Duygu and Levi, Albert (2015) A role and activity based access control for secure healthcare systems. In: 30th International Symposium on Computer and Information Sciences (ISCIS 2015), London, UK
Official URL: http://dx.doi.org/10.1007/978-3-319-22635-4_8
We introduce a novel access control mechanism to safeguard the privacy of patients' medical data in dynamic environments. Our access control model takes advantage of both role-based access control (RBAC) and criticality-aware access control (CAAC). In this way, our original approach allows medical professionals with different roles to be granted access to patients' medical records automatically, without an explicit request, in case of a medical emergency. In this context, we design secure and privacy-aware protocols covering every step from initial login to the transmission of patients' medical data and its retrieval by medical professionals. Moreover, we formally define access control policies for our system. Finally, we show the feasibility of our approach through implementation and performance evaluation.