Modeling and Recognizing Policy Conflicts with Resource Access Requests on Protected Health Information

Kuhlisch, Raik (2017) Modeling and Recognizing Policy Conflicts with Resource Access Requests on Protected Health Information. Complex Systems Informatics and Modeling Quarterly (CSIMQ), 11. pp. 1-19.

[img]
Preview
 Text
Modeling and Recognizing Policy Conflicts.pdf
Download (557kB) | Preview
Official URL: https://doi.org/10.7250/csimq.2017-11.01

Abstract

This article discusses potential clashes between different types of security policies that regulate resource access requests on clinical patient data in hospitals by employees. Attribute-based Access Control (ABAC) is proposed as a proper means for such regulation. A proper representation of ABAC policies must include a handling of policy attributes among different policy types. In this article, we propose a semantic policy model with predefined policy conflict categories. A conformance verification function detects erroneous, clashing or mutually susceptible rules early during the policy planning phase. The model and conflicts are used in a conceptual application environment and evaluated in a technical experiment during an interoperability test event.

Item Type: Article
Depositing User: Birger Lantow
Date Deposited: 11 Apr 2018 19:28
Last Modified: 19 Oct 2018 13:04
URI: http://eprints.win.informatik.uni-rostock.de/id/eprint/549

Actions (login required)

View Item View Item
Win Publication Repository is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.