Application of Privacy-aware Role-based Access Control Model in IHE-XDS

Dauletbek Daniya; Yuan Shi-Zhong

doi:10.1051/itmconf/20171203038

ITM Web of Conferences (Jan 2017)

Application of Privacy-aware Role-based Access Control Model in IHE-XDS

Dauletbek Daniya,
Yuan Shi-Zhong

Affiliations

Dauletbek Daniya
Yuan Shi-Zhong

DOI: https://doi.org/10.1051/itmconf/20171203038
Journal volume & issue: Vol. 12
p. 03038

Abstract

Read online

Integrating the Healthcare Enterprise (IHE)’s Cross-Enterprise Document Sharing (XDS) profile is an open standards-based architecture specification for EHR systems. In EHR systems, it is necessary to provide a mechanism for access control to protect security and privacy of patient data. On the basis of related studies, this paper addresses the issue of access control and privacy protection of privacy data in XDS-based EHR systems, aiming to identify a suitable, privacy-aware role-based access control model based on specific access requirements for IHE-XDS. Privacy-aware role-based access control model is an extension model of RBAC model. It not just has the benefits of RBAC, but additionally adds restrictions on the permission assignment for the roles by using the purpose enforcement and privacy-aware access control enforcement. The proposed model could further protect privacy data, while decreasing the complexity of the role assignment.

Published in ITM Web of Conferences

ISSN: 2271-2097 (Online)
Publisher: EDP Sciences
Country of publisher: France
LCC subjects: Technology: Technology (General): Industrial engineering. Management engineering: Information technology
Website: http://www.itm-conferences.org/

About the journal