Modeling and Recognizing Policy Conflicts with Resource Access Requests on Protected Health Information

Modeling and Recognizing Policy Conflicts with Resource Access Requests on Protected Health Information

This article discusses potential clashes between different types of security policies that regulate resource access requests on clinical patient data in hospitals by employees. Attribute-based Access Control (ABAC) is proposed as a proper means for such regulation. A proper representation of ABAC po...

Full description

Saved in:
Bibliographic Details
Main Author: Raik Kuhlisch
Format: Article
Language:English
Published: Riga Technical University Press 2017-07-01
Series:Complex Systems Informatics and Modeling Quarterly
Subjects:
Hospital intra-enterprise policy conflict
policy compliance verification
information security
knowledge representation.
Online Access:https://csimq-journals.rtu.lv/article/view/1783
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1832542959123300352
author Raik Kuhlisch
author_facet Raik Kuhlisch
author_sort Raik Kuhlisch
collection DOAJ
description This article discusses potential clashes between different types of security policies that regulate resource access requests on clinical patient data in hospitals by employees. Attribute-based Access Control (ABAC) is proposed as a proper means for such regulation. A proper representation of ABAC policies must include a handling of policy attributes among different policy types. In this article, we propose a semantic policy model with predefined policy conflict categories. A conformance verification function detects erroneous, clashing or mutually susceptible rules early during the policy planning phase. The model and conflicts are used in a conceptual application environment and evaluated in a technical experiment during an interoperability test event.
format Article
id doaj-art-69b59ab4f33344fab542b9fd48734a4a
institution Kabale University
issn 2255-9922
language English
publishDate 2017-07-01
publisher Riga Technical University Press
record_format Article
series Complex Systems Informatics and Modeling Quarterly
spelling doaj-art-69b59ab4f33344fab542b9fd48734a4a2025-02-03T12:03:20ZengRiga Technical University PressComplex Systems Informatics and Modeling Quarterly2255-99222017-07-0101111910.7250/csimq.2017-11.011015Modeling and Recognizing Policy Conflicts with Resource Access Requests on Protected Health InformationRaik Kuhlisch0Institute of Computer Science, University of Rostock, Albert-Einstein-Str. 22, 18059 RostockThis article discusses potential clashes between different types of security policies that regulate resource access requests on clinical patient data in hospitals by employees. Attribute-based Access Control (ABAC) is proposed as a proper means for such regulation. A proper representation of ABAC policies must include a handling of policy attributes among different policy types. In this article, we propose a semantic policy model with predefined policy conflict categories. A conformance verification function detects erroneous, clashing or mutually susceptible rules early during the policy planning phase. The model and conflicts are used in a conceptual application environment and evaluated in a technical experiment during an interoperability test event.https://csimq-journals.rtu.lv/article/view/1783Hospital intra-enterprise policy conflictpolicy compliance verificationinformation securityknowledge representation.
spellingShingle Raik Kuhlisch
Modeling and Recognizing Policy Conflicts with Resource Access Requests on Protected Health Information
Complex Systems Informatics and Modeling Quarterly
Hospital intra-enterprise policy conflict
policy compliance verification
information security
knowledge representation.
title Modeling and Recognizing Policy Conflicts with Resource Access Requests on Protected Health Information
title_full Modeling and Recognizing Policy Conflicts with Resource Access Requests on Protected Health Information
title_fullStr Modeling and Recognizing Policy Conflicts with Resource Access Requests on Protected Health Information
title_full_unstemmed Modeling and Recognizing Policy Conflicts with Resource Access Requests on Protected Health Information
title_short Modeling and Recognizing Policy Conflicts with Resource Access Requests on Protected Health Information
title_sort modeling and recognizing policy conflicts with resource access requests on protected health information
topic Hospital intra-enterprise policy conflict
policy compliance verification
information security
knowledge representation.
url https://csimq-journals.rtu.lv/article/view/1783
work_keys_str_mv AT raikkuhlisch modelingandrecognizingpolicyconflictswithresourceaccessrequestsonprotectedhealthinformation

Similar Items