Access Control in e-Health Portal Systems

Author

Lu, Shuo ; Hong, Yuan ; Liu, Qian ; Wang, Lingyu ; Dssouli, Rachida

Author_Institution

Concordia Univ., Montreal

fYear

2007

fDate

18-20 Nov. 2007

Firstpage

88

Lastpage

92

Abstract

Many e-health portal systems are implemented using off-the-shelf software components. The security features provided by such components are usually insufficient. This paper addresses the issue from the access control perspective. More specifically, we first propose a two-tier approach to access control for e-health portals. The approach supplements existing role based access control (RBAC) capabilities with a rule-based access control module based on the classical flexible authorization framework (FAF) model. We study conflict resolution and interaction between the two modules. We also address authentication for real-time services provided by remote service providers.

Keywords

authorisation; health care; knowledge based systems; medical information systems; portals; software packages; access control; conflict resolution; e-health portal systems; flexible authorization framework; off-the-shelf software component; remote service provider; role based access control; rule-based access control module; Access control; Authentication; Authorization; Data security; Decision support systems; Information security; Information systems; Medical services; Portals; Telemedicine;

fLanguage

English

Publisher

ieee

Conference_Titel

Innovations in Information Technology, 2007. IIT '07. 4th International Conference on

Conference_Location

Dubai

Print_ISBN

978-1-4244-1840-4

Electronic_ISBN

978-1-4244-1841-1

Type

conf

DOI

10.1109/IIT.2007.4430378

Filename

4430378