{"title":"电子健康记录访问权授权的分布式方法","authors":"M. F. F. Khan, K. Sakamura","doi":"10.1109/ICEIC49074.2020.9051092","DOIUrl":null,"url":null,"abstract":"Delegation of access rights to patients' health records is an important feature for eHealth systems. Often considered an add-on to legacy access control systems, most of the existing delegation schemes are extension of the widely used role-based access control mechanism. However, when it comes to handling patient data in healthcare applications, a growing body of international technical standards, and national and regional healthcare regulations have been suggesting use of individual discretion as the basis, or at least a critical component, of access control. Along this line of access-control strategy, we are of the view that delegation is intrinsically discretionary, and it should be implemented in a way that directly translates user discretion as much as possible. In this paper, we propose a distributed system for delegation management that enables a patient to securely delegate access rights to her health records to someone she trusts. We implemented this discretionary approach using our eTRON enterprise security architecture, cryptographically assuring the authorization of any delegation.","PeriodicalId":271345,"journal":{"name":"2020 International Conference on Electronics, Information, and Communication (ICEIC)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"A Distributed Approach to Delegation of Access Rights for Electronic Health Records\",\"authors\":\"M. F. F. Khan, K. Sakamura\",\"doi\":\"10.1109/ICEIC49074.2020.9051092\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Delegation of access rights to patients' health records is an important feature for eHealth systems. Often considered an add-on to legacy access control systems, most of the existing delegation schemes are extension of the widely used role-based access control mechanism. However, when it comes to handling patient data in healthcare applications, a growing body of international technical standards, and national and regional healthcare regulations have been suggesting use of individual discretion as the basis, or at least a critical component, of access control. Along this line of access-control strategy, we are of the view that delegation is intrinsically discretionary, and it should be implemented in a way that directly translates user discretion as much as possible. In this paper, we propose a distributed system for delegation management that enables a patient to securely delegate access rights to her health records to someone she trusts. We implemented this discretionary approach using our eTRON enterprise security architecture, cryptographically assuring the authorization of any delegation.\",\"PeriodicalId\":271345,\"journal\":{\"name\":\"2020 International Conference on Electronics, Information, and Communication (ICEIC)\",\"volume\":\"52 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 International Conference on Electronics, Information, and Communication (ICEIC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICEIC49074.2020.9051092\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 International Conference on Electronics, Information, and Communication (ICEIC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICEIC49074.2020.9051092","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Distributed Approach to Delegation of Access Rights for Electronic Health Records
Delegation of access rights to patients' health records is an important feature for eHealth systems. Often considered an add-on to legacy access control systems, most of the existing delegation schemes are extension of the widely used role-based access control mechanism. However, when it comes to handling patient data in healthcare applications, a growing body of international technical standards, and national and regional healthcare regulations have been suggesting use of individual discretion as the basis, or at least a critical component, of access control. Along this line of access-control strategy, we are of the view that delegation is intrinsically discretionary, and it should be implemented in a way that directly translates user discretion as much as possible. In this paper, we propose a distributed system for delegation management that enables a patient to securely delegate access rights to her health records to someone she trusts. We implemented this discretionary approach using our eTRON enterprise security architecture, cryptographically assuring the authorization of any delegation.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
