Title :
Towards enforcement of purpose for privacy policy in distributed healthcare
Author :
Rath, A.T. ; Colin, J.-N.
Author_Institution :
PReCISE Res. Center, Univ. of Namur, Namur, Belgium
Abstract :
Purpose of access is one of the core concepts in privacy which considers the data user´s intent as a factor in making access control decisions and enforcement of purpose is required to ensure that data is used as what it intends for. In general, the enforcement of purpose is a complicated task. The main difficulty is how to identify the purpose of an agent when it requests to perform an action. In this paper, we discuss the design issue of purpose enforcement based on our proposed (defined) enforcement structure: pre-enforcement, ongoing-enforcement, and post-enforcement. We also propose an enforcement solution for usage control designed for distributed healthcare information system, particularly, the pre-enforcement of purpose (the validation of claimed purpose at the initial state before data is granted access).
Keywords :
biomedical communication; health care; access control decisions; data user; distributed healthcare information system; enforcement structure; ongoing-enforcement; post-enforcement; preenforcement; privacy policy; Abstracts; Access control; Conferences; Data privacy; Engines; Surgery; distributed healthcare; privacy; purpose enforcement; security;
Conference_Titel :
Consumer Communications and Networking Conference (CCNC), 2013 IEEE
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-4673-3131-9
DOI :
10.1109/CCNC.2013.6488578
