Simeon Veloudis, I. Paraskakis, Giannis Verginadis, Ioannis Patiniotakis, G. Mentzas
{"title":"规范云中敏感医疗数据访问的本体模板","authors":"Simeon Veloudis, I. Paraskakis, Giannis Verginadis, Ioannis Patiniotakis, G. Mentzas","doi":"10.1109/CBMS.2017.154","DOIUrl":null,"url":null,"abstract":"By embracing the cloud computing paradigm for storing and processing electronic medical records (EMRs), modern healthcare providers are able to realise significant cost savings. However, relinquishing control of sensitive medical data by delegating their storage and processing to third-party cloud providers naturally raises significant security concerns. One way to alleviate these concerns is to devise appropriate policies that infuse adequate access controls in cloud services. Nevertheless, the heterogeneous nature of these services, coupled with the dynamicity inherent in cloud environments, hinder the formulation of effective and interoperable policies that are appropriate for the underlying domain of application. To this end, this work adopts the ontological templates proposed in [5] for the representation of access control policies in the medical sector. By capturing the knowledge that must be infused into an access control policy, these templates sufficiently address the needs of the underlying domain of application in which such a policy is to be enforced; at the same time, they facilitate developers in infusing adequate access controls to their cloud applications.","PeriodicalId":141105,"journal":{"name":"2017 IEEE 30th International Symposium on Computer-Based Medical Systems (CBMS)","volume":"134 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Ontological Templates for Regulating Access to Sensitive Medical Data in the Cloud\",\"authors\":\"Simeon Veloudis, I. Paraskakis, Giannis Verginadis, Ioannis Patiniotakis, G. Mentzas\",\"doi\":\"10.1109/CBMS.2017.154\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"By embracing the cloud computing paradigm for storing and processing electronic medical records (EMRs), modern healthcare providers are able to realise significant cost savings. However, relinquishing control of sensitive medical data by delegating their storage and processing to third-party cloud providers naturally raises significant security concerns. One way to alleviate these concerns is to devise appropriate policies that infuse adequate access controls in cloud services. Nevertheless, the heterogeneous nature of these services, coupled with the dynamicity inherent in cloud environments, hinder the formulation of effective and interoperable policies that are appropriate for the underlying domain of application. To this end, this work adopts the ontological templates proposed in [5] for the representation of access control policies in the medical sector. By capturing the knowledge that must be infused into an access control policy, these templates sufficiently address the needs of the underlying domain of application in which such a policy is to be enforced; at the same time, they facilitate developers in infusing adequate access controls to their cloud applications.\",\"PeriodicalId\":141105,\"journal\":{\"name\":\"2017 IEEE 30th International Symposium on Computer-Based Medical Systems (CBMS)\",\"volume\":\"134 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE 30th International Symposium on Computer-Based Medical Systems (CBMS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CBMS.2017.154\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE 30th International Symposium on Computer-Based Medical Systems (CBMS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CBMS.2017.154","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Ontological Templates for Regulating Access to Sensitive Medical Data in the Cloud
By embracing the cloud computing paradigm for storing and processing electronic medical records (EMRs), modern healthcare providers are able to realise significant cost savings. However, relinquishing control of sensitive medical data by delegating their storage and processing to third-party cloud providers naturally raises significant security concerns. One way to alleviate these concerns is to devise appropriate policies that infuse adequate access controls in cloud services. Nevertheless, the heterogeneous nature of these services, coupled with the dynamicity inherent in cloud environments, hinder the formulation of effective and interoperable policies that are appropriate for the underlying domain of application. To this end, this work adopts the ontological templates proposed in [5] for the representation of access control policies in the medical sector. By capturing the knowledge that must be infused into an access control policy, these templates sufficiently address the needs of the underlying domain of application in which such a policy is to be enforced; at the same time, they facilitate developers in infusing adequate access controls to their cloud applications.