Dies ist eine Übersichtsseite mit Metadaten zu dieser wissenschaftlichen Arbeit. Der vollständige Artikel ist beim Verlag verfügbar.
Attribute Based Access Control for Healthcare Resources
31
Zitationen
6
Autoren
2017
Jahr
Abstract
Fast Health Interoperability Services (FHIR) is the most recent in the line of standards for healthcare resources. FHIR represents different types of medical artifacts as resources and also provides recommendations for their authorized disclosure using web-based protocols including O-Auth and OpenId Connect and also defines security labels. In most cases, Role Based Access Control (RBAC) is used to secure access to FHIR resources. We provide an alternative approach based on Attribute Based Access Control (ABAC) that allows attributes of subjects and objects to take part in authorization decision. Our system allows various stakeholders to define policies governing the release of healthcare data. It also authenticates the end user requesting access. Our system acts as a middle-layer between the end-user and the FHIR server. Our system provides efficient release of individual and batch resources both during normal operations and also during emergencies. We also provide an implementation that demonstrates the feasibility of our approach.
Ähnliche Arbeiten
Not So Different After All: A Cross-Discipline View Of Trust
1998 · 10.007 Zit.
Role-based access control models
1996 · 5.786 Zit.
The Eigentrust algorithm for reputation management in P2P networks
2003 · 3.350 Zit.
A survey of trust and reputation systems for online service provision
2005 · 3.293 Zit.
Proposed NIST standard for role-based access control
2001 · 2.513 Zit.