Modeling and Recognizing Policy Conflicts with Resource Access Requests on Protected Health Information

Modeling and Recognizing Policy Conflicts with Resource Access Requests on Protected Health Information

This article discusses potential clashes between different types of security policies that regulate resource access requests on clinical patient data in hospitals by employees. Attribute-based Access Control (ABAC) is proposed as a proper means for such regulation. A proper representation of ABAC po...

Full description

Saved in:
Bibliographic Details
Main Author: Raik Kuhlisch
Format: Article
Language:English
Published: Riga Technical University Press 2017-07-01
Series:Complex Systems Informatics and Modeling Quarterly
Subjects:
Hospital intra-enterprise policy conflict
policy compliance verification
information security
knowledge representation.
Online Access:https://csimq-journals.rtu.lv/article/view/1783
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:This article discusses potential clashes between different types of security policies that regulate resource access requests on clinical patient data in hospitals by employees. Attribute-based Access Control (ABAC) is proposed as a proper means for such regulation. A proper representation of ABAC policies must include a handling of policy attributes among different policy types. In this article, we propose a semantic policy model with predefined policy conflict categories. A conformance verification function detects erroneous, clashing or mutually susceptible rules early during the policy planning phase. The model and conflicts are used in a conceptual application environment and evaluated in a technical experiment during an interoperability test event.
ISSN:2255-9922

Similar Items