Dies ist eine Übersichtsseite mit Metadaten zu dieser wissenschaftlichen Arbeit. Der vollständige Artikel ist beim Verlag verfügbar.
Role prediction using Electronic Medical Record system audits.
30
Zitationen
5
Autoren
2011
Jahr
Abstract
Electronic Medical Records (EMRs) provide convenient access to patient data for parties who should have it, but, unless managed properly, may also provide it to those who should not. Distinguishing the two is a core security challenge for EMRs. Strategies proposed to address these problems include Role Based Access Control (RBAC), which assigns collections of privileges called roles to users, and Experience Based Access Management (EBAM), which analyzes audit logs to determine access rights. In this paper, we integrate RBAC and EBAM through an algorithm, called Roll-Up, to manage roles effectively. In doing so, we introduce the concept of "role prediction" to identify roles from audit data. We apply the algorithm to three months of logs from Northwestern Memorial Hospital's Cerner system with approximately 8000 users and 140 roles. We demonstrate that existing roles can be predicted with 50% accuracy and intelligent grouping of roles through Roll-Up can facilitate 65% accuracy.
Ähnliche Arbeiten
Not So Different After All: A Cross-Discipline View Of Trust
1998 · 10.007 Zit.
Role-based access control models
1996 · 5.786 Zit.
The Eigentrust algorithm for reputation management in P2P networks
2003 · 3.350 Zit.
A survey of trust and reputation systems for online service provision
2005 · 3.293 Zit.
Proposed NIST standard for role-based access control
2001 · 2.513 Zit.