{"title":"电子保健中的受控数据共享","authors":"I. Matteucci, P. Mori, M. Petrocchi, Luca Wiegand","doi":"10.1109/STAST.2011.6059251","DOIUrl":null,"url":null,"abstract":"In the last few years, the necessity of having documents in electronic format has been growing over and over. This phenomenon affects also healthcare organizations that have adopted a new model for managing clinical information based on so called Electronic Patient Records. On the one hand, the introduction of such models allows to easily share information among several and widespread healthcare organizations. On the other hand, this arises several questions, like how to guarantee security requirements as, e.g., confidentiality, integrity, and privacy of the information shared. In this paper, we present a formal framework for specifying and analysing policies that regulate the information sharing, in such a way that the security requirements of the author of the policy are satisfied. In particular, we consider a set of authorization, obligation, and prohibition clauses aiming at preserving confidentiality, integrity, and privacy of the clinical data of a patient.","PeriodicalId":293851,"journal":{"name":"2011 1st Workshop on Socio-Technical Aspects in Security and Trust (STAST)","volume":"47 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"Controlled data sharing in E-health\",\"authors\":\"I. Matteucci, P. Mori, M. Petrocchi, Luca Wiegand\",\"doi\":\"10.1109/STAST.2011.6059251\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the last few years, the necessity of having documents in electronic format has been growing over and over. This phenomenon affects also healthcare organizations that have adopted a new model for managing clinical information based on so called Electronic Patient Records. On the one hand, the introduction of such models allows to easily share information among several and widespread healthcare organizations. On the other hand, this arises several questions, like how to guarantee security requirements as, e.g., confidentiality, integrity, and privacy of the information shared. In this paper, we present a formal framework for specifying and analysing policies that regulate the information sharing, in such a way that the security requirements of the author of the policy are satisfied. In particular, we consider a set of authorization, obligation, and prohibition clauses aiming at preserving confidentiality, integrity, and privacy of the clinical data of a patient.\",\"PeriodicalId\":293851,\"journal\":{\"name\":\"2011 1st Workshop on Socio-Technical Aspects in Security and Trust (STAST)\",\"volume\":\"47 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-11-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 1st Workshop on Socio-Technical Aspects in Security and Trust (STAST)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/STAST.2011.6059251\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 1st Workshop on Socio-Technical Aspects in Security and Trust (STAST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/STAST.2011.6059251","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
In the last few years, the necessity of having documents in electronic format has been growing over and over. This phenomenon affects also healthcare organizations that have adopted a new model for managing clinical information based on so called Electronic Patient Records. On the one hand, the introduction of such models allows to easily share information among several and widespread healthcare organizations. On the other hand, this arises several questions, like how to guarantee security requirements as, e.g., confidentiality, integrity, and privacy of the information shared. In this paper, we present a formal framework for specifying and analysing policies that regulate the information sharing, in such a way that the security requirements of the author of the policy are satisfied. In particular, we consider a set of authorization, obligation, and prohibition clauses aiming at preserving confidentiality, integrity, and privacy of the clinical data of a patient.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
