Loading…
A Dynamic Access Control Policy Model for Sharing of Healthcare Data in Multiple Domains
Authorization models have been developed to prevent unauthorized access to valuable resources such as electronic healthcare records (EHRs). In an applied environment, such as the healthcare domain, there are several types of authorities that generate EHRs and other security parameters via central au...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Conference Proceeding |
| Language: | English |
| Subjects: | |
| Online Access: | Request full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | |
|---|---|
| cites | |
| container_end_page | 625 |
| container_issue | |
| container_start_page | 618 |
| container_title | |
| container_volume | |
| creator | Salehi Shahraki, Ahmad Rudolph, Carsten Grobler, Marthie |
| description | Authorization models have been developed to prevent unauthorized access to valuable resources such as electronic healthcare records (EHRs). In an applied environment, such as the healthcare domain, there are several types of authorities that generate EHRs and other security parameters via central authority for their users and the attribute authorities. The use of a central authority introduces several challenges in terms of security and privacy due to the increased risk if the central authority is compromised or corrupted. Observing that this research area has not been well addressed to date, we propose and present the first decentralized multi-authority attribute-based access control (DMA-ABAC) model based on the policy model, which enables authorities to independently control their security settings. We present an access control framework for a dynamic cross-domain authorization model that combines Attribute-Based Access Control (ABAC) and Attribute-Based Group Signature (ABGS). This combination aims at providing flexible access control with resistance against reply and third party storage attacks and attribute collusion, and enhanced access control, privacy and selective attributes. |
| doi_str_mv | 10.1109/TrustCom/BigDataSE.2019.00088 |
| format | conference_proceeding |
| fullrecord | <record><control><sourceid>ieee_CHZPO</sourceid><recordid>TN_cdi_ieee_primary_8887394</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>8887394</ieee_id><sourcerecordid>8887394</sourcerecordid><originalsourceid>FETCH-LOGICAL-i258t-194c21ffa27e83ad6af6b198ecaf7694d65373936aa30912c2717bac92f1655a3</originalsourceid><addsrcrecordid>eNotjcFOAjEURauJiQT5AjfduBzoa2em7RIHFBOIJmDijjxKCzWdKWmHBX8vRlc3uTn3XEKegI0BmJ5s0jn3TWwnz_4wwx7X8zFnoMeMMaVuyEhLBZIr4FLK8pYMuOBloRmIezLK-fuKCc5KUNWAfE3p7NJh6w2dGmNzpk3s-hQD_YjBmwtdxb0N1MVE10dMvjvQ6OjCYuiPBpOlv__Ud3R1Dr0_hWsRW_RdfiB3DkO2o_8cks-X-aZZFMv317dmuiw8r1RfgC4NB-eQS6sE7mt09Q60sgadrHW5ryshhRY1omAauOES5A6N5g7qqkIxJI9_Xm-t3Z6SbzFdtkqp66oUP_AqVo8</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>A Dynamic Access Control Policy Model for Sharing of Healthcare Data in Multiple Domains</title><source>IEEE Xplore All Conference Series</source><creator>Salehi Shahraki, Ahmad ; Rudolph, Carsten ; Grobler, Marthie</creator><creatorcontrib>Salehi Shahraki, Ahmad ; Rudolph, Carsten ; Grobler, Marthie</creatorcontrib><description>Authorization models have been developed to prevent unauthorized access to valuable resources such as electronic healthcare records (EHRs). In an applied environment, such as the healthcare domain, there are several types of authorities that generate EHRs and other security parameters via central authority for their users and the attribute authorities. The use of a central authority introduces several challenges in terms of security and privacy due to the increased risk if the central authority is compromised or corrupted. Observing that this research area has not been well addressed to date, we propose and present the first decentralized multi-authority attribute-based access control (DMA-ABAC) model based on the policy model, which enables authorities to independently control their security settings. We present an access control framework for a dynamic cross-domain authorization model that combines Attribute-Based Access Control (ABAC) and Attribute-Based Group Signature (ABGS). This combination aims at providing flexible access control with resistance against reply and third party storage attacks and attribute collusion, and enhanced access control, privacy and selective attributes.</description><identifier>EISSN: 2324-9013</identifier><identifier>EISBN: 9781728127774</identifier><identifier>EISBN: 1728127777</identifier><identifier>DOI: 10.1109/TrustCom/BigDataSE.2019.00088</identifier><language>eng</language><publisher>IEEE</publisher><subject>Access control ; Anonymity ; Attribute-based access control ; Computational modeling ; Cross domain ; Data models ; Distributed ; Healthcare ; Medical services ; NIST ; Privacy ; Security</subject><ispartof>2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), 2019, p.618-625</ispartof><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/8887394$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,27924,54554,54931</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/8887394$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Salehi Shahraki, Ahmad</creatorcontrib><creatorcontrib>Rudolph, Carsten</creatorcontrib><creatorcontrib>Grobler, Marthie</creatorcontrib><title>A Dynamic Access Control Policy Model for Sharing of Healthcare Data in Multiple Domains</title><title>2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)</title><addtitle>TrustCom</addtitle><description>Authorization models have been developed to prevent unauthorized access to valuable resources such as electronic healthcare records (EHRs). In an applied environment, such as the healthcare domain, there are several types of authorities that generate EHRs and other security parameters via central authority for their users and the attribute authorities. The use of a central authority introduces several challenges in terms of security and privacy due to the increased risk if the central authority is compromised or corrupted. Observing that this research area has not been well addressed to date, we propose and present the first decentralized multi-authority attribute-based access control (DMA-ABAC) model based on the policy model, which enables authorities to independently control their security settings. We present an access control framework for a dynamic cross-domain authorization model that combines Attribute-Based Access Control (ABAC) and Attribute-Based Group Signature (ABGS). This combination aims at providing flexible access control with resistance against reply and third party storage attacks and attribute collusion, and enhanced access control, privacy and selective attributes.</description><subject>Access control</subject><subject>Anonymity</subject><subject>Attribute-based access control</subject><subject>Computational modeling</subject><subject>Cross domain</subject><subject>Data models</subject><subject>Distributed</subject><subject>Healthcare</subject><subject>Medical services</subject><subject>NIST</subject><subject>Privacy</subject><subject>Security</subject><issn>2324-9013</issn><isbn>9781728127774</isbn><isbn>1728127777</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2019</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNotjcFOAjEURauJiQT5AjfduBzoa2em7RIHFBOIJmDijjxKCzWdKWmHBX8vRlc3uTn3XEKegI0BmJ5s0jn3TWwnz_4wwx7X8zFnoMeMMaVuyEhLBZIr4FLK8pYMuOBloRmIezLK-fuKCc5KUNWAfE3p7NJh6w2dGmNzpk3s-hQD_YjBmwtdxb0N1MVE10dMvjvQ6OjCYuiPBpOlv__Ud3R1Dr0_hWsRW_RdfiB3DkO2o_8cks-X-aZZFMv317dmuiw8r1RfgC4NB-eQS6sE7mt09Q60sgadrHW5ryshhRY1omAauOES5A6N5g7qqkIxJI9_Xm-t3Z6SbzFdtkqp66oUP_AqVo8</recordid><startdate>20190801</startdate><enddate>20190801</enddate><creator>Salehi Shahraki, Ahmad</creator><creator>Rudolph, Carsten</creator><creator>Grobler, Marthie</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>20190801</creationdate><title>A Dynamic Access Control Policy Model for Sharing of Healthcare Data in Multiple Domains</title><author>Salehi Shahraki, Ahmad ; Rudolph, Carsten ; Grobler, Marthie</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i258t-194c21ffa27e83ad6af6b198ecaf7694d65373936aa30912c2717bac92f1655a3</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2019</creationdate><topic>Access control</topic><topic>Anonymity</topic><topic>Attribute-based access control</topic><topic>Computational modeling</topic><topic>Cross domain</topic><topic>Data models</topic><topic>Distributed</topic><topic>Healthcare</topic><topic>Medical services</topic><topic>NIST</topic><topic>Privacy</topic><topic>Security</topic><toplevel>online_resources</toplevel><creatorcontrib>Salehi Shahraki, Ahmad</creatorcontrib><creatorcontrib>Rudolph, Carsten</creatorcontrib><creatorcontrib>Grobler, Marthie</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE/IET Electronic Library</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Salehi Shahraki, Ahmad</au><au>Rudolph, Carsten</au><au>Grobler, Marthie</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>A Dynamic Access Control Policy Model for Sharing of Healthcare Data in Multiple Domains</atitle><btitle>2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)</btitle><stitle>TrustCom</stitle><date>2019-08-01</date><risdate>2019</risdate><spage>618</spage><epage>625</epage><pages>618-625</pages><eissn>2324-9013</eissn><eisbn>9781728127774</eisbn><eisbn>1728127777</eisbn><abstract>Authorization models have been developed to prevent unauthorized access to valuable resources such as electronic healthcare records (EHRs). In an applied environment, such as the healthcare domain, there are several types of authorities that generate EHRs and other security parameters via central authority for their users and the attribute authorities. The use of a central authority introduces several challenges in terms of security and privacy due to the increased risk if the central authority is compromised or corrupted. Observing that this research area has not been well addressed to date, we propose and present the first decentralized multi-authority attribute-based access control (DMA-ABAC) model based on the policy model, which enables authorities to independently control their security settings. We present an access control framework for a dynamic cross-domain authorization model that combines Attribute-Based Access Control (ABAC) and Attribute-Based Group Signature (ABGS). This combination aims at providing flexible access control with resistance against reply and third party storage attacks and attribute collusion, and enhanced access control, privacy and selective attributes.</abstract><pub>IEEE</pub><doi>10.1109/TrustCom/BigDataSE.2019.00088</doi><tpages>8</tpages><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | EISSN: 2324-9013 |
| ispartof | 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), 2019, p.618-625 |
| issn | 2324-9013 |
| language | eng |
| recordid | cdi_ieee_primary_8887394 |
| source | IEEE Xplore All Conference Series |
| subjects | Access control Anonymity Attribute-based access control Computational modeling Cross domain Data models Distributed Healthcare Medical services NIST Privacy Security |
| title | A Dynamic Access Control Policy Model for Sharing of Healthcare Data in Multiple Domains |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-11T05%3A33%3A45IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_CHZPO&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=A%20Dynamic%20Access%20Control%20Policy%20Model%20for%20Sharing%20of%20Healthcare%20Data%20in%20Multiple%20Domains&rft.btitle=2019%2018th%20IEEE%20International%20Conference%20On%20Trust,%20Security%20And%20Privacy%20In%20Computing%20And%20Communications/13th%20IEEE%20International%20Conference%20On%20Big%20Data%20Science%20And%20Engineering%20(TrustCom/BigDataSE)&rft.au=Salehi%20Shahraki,%20Ahmad&rft.date=2019-08-01&rft.spage=618&rft.epage=625&rft.pages=618-625&rft.eissn=2324-9013&rft_id=info:doi/10.1109/TrustCom/BigDataSE.2019.00088&rft.eisbn=9781728127774&rft.eisbn_list=1728127777&rft_dat=%3Cieee_CHZPO%3E8887394%3C/ieee_CHZPO%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i258t-194c21ffa27e83ad6af6b198ecaf7694d65373936aa30912c2717bac92f1655a3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=8887394&rfr_iscdi=true |