An access control framework for secured sharing of electronic health records using hierarchy similarity analyser

Int. J. Electron. Heal. Pub Date : 1900-01-01 DOI:10.1504/IJEH.2015.075327

Shalini Bhartiya, D. Mehrotra

{"title":"An access control framework for secured sharing of electronic health records using hierarchy similarity analyser","authors":"Shalini Bhartiya, D. Mehrotra","doi":"10.1504/IJEH.2015.075327","DOIUrl":null,"url":null,"abstract":"Sharing relevant and authorised health data referred as electronic health records (EHRs) among interoperable e-health environments requires identification and mitigation of security gaps accruing out of these collaborations. Ensuring confidentiality and availability of EHR during transit requires a standard access control framework that can efficiently and securely realise collaborations. Disparity in access policies often result in policy conflicts and rule redundancy. The framework must encompass heterogeneity of workflow and frequently changing demands of health professionals and resolves policy conflicts and reduces rule-redundancy. This paper proposes a framework and its verification for integrating access control policies based on similarities between user and resource hierarchies of healthcare units. The framework comprises of a hierarchical similarity analyser (HSA) that assign a security level to each attribute generated on the similarities obtained. The verification of the framework is performed through access control policy testing (ACPT) developed by National Institute of Standards and Technology (NIST).","PeriodicalId":341094,"journal":{"name":"Int. J. Electron. Heal.","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Electron. Heal.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/IJEH.2015.075327","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

Abstract

Sharing relevant and authorised health data referred as electronic health records (EHRs) among interoperable e-health environments requires identification and mitigation of security gaps accruing out of these collaborations. Ensuring confidentiality and availability of EHR during transit requires a standard access control framework that can efficiently and securely realise collaborations. Disparity in access policies often result in policy conflicts and rule redundancy. The framework must encompass heterogeneity of workflow and frequently changing demands of health professionals and resolves policy conflicts and reduces rule-redundancy. This paper proposes a framework and its verification for integrating access control policies based on similarities between user and resource hierarchies of healthcare units. The framework comprises of a hierarchical similarity analyser (HSA) that assign a security level to each attribute generated on the similarities obtained. The verification of the framework is performed through access control policy testing (ACPT) developed by National Institute of Standards and Technology (NIST).

查看原文本刊更多论文

一种访问控制框架，用于使用层次相似性分析器安全共享电子健康记录

在可互操作的电子卫生环境中共享被称为电子健康记录(EHRs)的相关和授权的健康数据，需要识别和缓解这些协作所产生的安全漏洞。确保电子病历在传输过程中的保密性和可用性需要一个标准的访问控制框架，可以有效和安全地实现协作。访问策略的差异往往会导致策略冲突和规则冗余。该框架必须包含工作流程的异质性和卫生专业人员不断变化的需求，并解决政策冲突和减少规则冗余。本文提出了一个基于医疗保健单位用户和资源层次相似性的访问控制策略集成框架及其验证。该框架由层次相似性分析器(HSA)组成，该分析器为获得的相似性生成的每个属性分配安全级别。通过NIST (National Institute of Standards and Technology)开发的访问控制策略测试(ACPT)对框架进行验证。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Int. J. Electron. Heal.

自引率

0.00%

发文量