{"title":"一种访问控制框架,用于使用层次相似性分析器安全共享电子健康记录","authors":"Shalini Bhartiya, D. Mehrotra","doi":"10.1504/IJEH.2015.075327","DOIUrl":null,"url":null,"abstract":"Sharing relevant and authorised health data referred as electronic health records (EHRs) among interoperable e-health environments requires identification and mitigation of security gaps accruing out of these collaborations. Ensuring confidentiality and availability of EHR during transit requires a standard access control framework that can efficiently and securely realise collaborations. Disparity in access policies often result in policy conflicts and rule redundancy. The framework must encompass heterogeneity of workflow and frequently changing demands of health professionals and resolves policy conflicts and reduces rule-redundancy. This paper proposes a framework and its verification for integrating access control policies based on similarities between user and resource hierarchies of healthcare units. The framework comprises of a hierarchical similarity analyser (HSA) that assign a security level to each attribute generated on the similarities obtained. The verification of the framework is performed through access control policy testing (ACPT) developed by National Institute of Standards and Technology (NIST).","PeriodicalId":341094,"journal":{"name":"Int. J. Electron. Heal.","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"An access control framework for secured sharing of electronic health records using hierarchy similarity analyser\",\"authors\":\"Shalini Bhartiya, D. Mehrotra\",\"doi\":\"10.1504/IJEH.2015.075327\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Sharing relevant and authorised health data referred as electronic health records (EHRs) among interoperable e-health environments requires identification and mitigation of security gaps accruing out of these collaborations. Ensuring confidentiality and availability of EHR during transit requires a standard access control framework that can efficiently and securely realise collaborations. Disparity in access policies often result in policy conflicts and rule redundancy. The framework must encompass heterogeneity of workflow and frequently changing demands of health professionals and resolves policy conflicts and reduces rule-redundancy. This paper proposes a framework and its verification for integrating access control policies based on similarities between user and resource hierarchies of healthcare units. The framework comprises of a hierarchical similarity analyser (HSA) that assign a security level to each attribute generated on the similarities obtained. The verification of the framework is performed through access control policy testing (ACPT) developed by National Institute of Standards and Technology (NIST).\",\"PeriodicalId\":341094,\"journal\":{\"name\":\"Int. J. Electron. Heal.\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Int. J. Electron. Heal.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1504/IJEH.2015.075327\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Electron. Heal.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/IJEH.2015.075327","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 6
摘要
在可互操作的电子卫生环境中共享被称为电子健康记录(EHRs)的相关和授权的健康数据,需要识别和缓解这些协作所产生的安全漏洞。确保电子病历在传输过程中的保密性和可用性需要一个标准的访问控制框架,可以有效和安全地实现协作。访问策略的差异往往会导致策略冲突和规则冗余。该框架必须包含工作流程的异质性和卫生专业人员不断变化的需求,并解决政策冲突和减少规则冗余。本文提出了一个基于医疗保健单位用户和资源层次相似性的访问控制策略集成框架及其验证。该框架由层次相似性分析器(HSA)组成,该分析器为获得的相似性生成的每个属性分配安全级别。通过NIST (National Institute of Standards and Technology)开发的访问控制策略测试(ACPT)对框架进行验证。
An access control framework for secured sharing of electronic health records using hierarchy similarity analyser
Sharing relevant and authorised health data referred as electronic health records (EHRs) among interoperable e-health environments requires identification and mitigation of security gaps accruing out of these collaborations. Ensuring confidentiality and availability of EHR during transit requires a standard access control framework that can efficiently and securely realise collaborations. Disparity in access policies often result in policy conflicts and rule redundancy. The framework must encompass heterogeneity of workflow and frequently changing demands of health professionals and resolves policy conflicts and reduces rule-redundancy. This paper proposes a framework and its verification for integrating access control policies based on similarities between user and resource hierarchies of healthcare units. The framework comprises of a hierarchical similarity analyser (HSA) that assign a security level to each attribute generated on the similarities obtained. The verification of the framework is performed through access control policy testing (ACPT) developed by National Institute of Standards and Technology (NIST).
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
