Title :
A Fuzzy Modeling Approach for Risk-Based Access Control in eHealth Cloud
Author :
Juan Li ; Yan Bai ; Zaman, Nazia
Author_Institution :
Dept. of Comput. Sci., North Dakota State Univ., Fargo, ND, USA
Abstract :
A number of recent studies have adopted risk assessment in access control for healthcare applications, but few of the work is specifically concerned with the risk assessment in the presence of uncertainties, such as uncertain values of risk factors, and consequences of imprecision. This paper presents a fuzzy modeling-based approach that accounts for uncertainty analysis when evaluating the risk. Three inputs -- data sensitivity, action severity, and risk history -- are modeled with fuzzy set and used to calculate the level of risk associated with healthcare information access in a cloud environment. Experiments were conducted and demonstrated that the approach can generate accurate and realistic outcomes in assessing current security risk and predicting the scope and impact of different risk factors. This would lead to a great change of access control from being active to being proactive to security breach, and enhance the security level of eHealth cloud applications.
Keywords :
authorisation; cloud computing; fuzzy set theory; health care; risk management; action severity; data sensitivity; eHealth cloud applications; fuzzy modeling-based approach; fuzzy set; healthcare applications; healthcare information access; imprecision consequence; risk assessment; risk factor uncertain values; risk history; risk-based access control; uncertainty analysis; Access control; Fuzzy logic; Fuzzy sets; Medical services; Risk management; Sensitivity; access control; cloud computing; eHealth; fuzzy modeling; risk; security;
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on
Conference_Location :
Melbourne, VIC
DOI :
10.1109/TrustCom.2013.66
