An efficient technique for aspect-based EHR access policy administration on ABAC

The adoption of electronically formatted medical records, so called Electronic Health Record (EHR), has become extremely important in healthcare systems to enable the exchange of medical information among healthcare providers. To the best of our knowledge, no approach has yet administrated the access policies on the basis of different aspects and subject types in a flexible, scalable and cost-effective manner. We have thus focused on an efficient improvement of policy administration along with the application of ABAC. To achieve this, we believe that a desirable EHR access policy should be created on the fly based on the appropriate primitive policies. In this paper, we thus propose AAS-pada - the composition-based technique for EHR access policy administration on ABAC. Given a subject´s attributes and a set of primitive policies, AAS-pada (i) selects the desirable primitive policies across five aspects corresponding to a subject´s attributes. (ii) instantiates these primitive policies with the attribute values; and (iii) composes these instantiated primitive policies to form a desirable access policy. Our experimental results show that AAS-pada supports the coverage of all subject types with less investment on the initially created policies. Moreover, it has less impact when the edition of an individual aspect concern is required. Essentially, AAS-pada brings few contributions: flexibility, scalability and cost-effective in administrating the EHR access policies to various subject types.