ITM Web Conf.
Volume 12, 2017The 4th Annual International Conference on Information Technology and Applications (ITA 2017)
|Number of page(s)||6|
|Section||Session 3: Computer|
|Published online||05 September 2017|
Application of Privacy-aware Role-based Access Control Model in IHE-XDS
School of Computer Engineering and Science, Shanghai University, Shanghai, China
Integrating the Healthcare Enterprise (IHE)’s Cross-Enterprise Document Sharing (XDS) profile is an open standards-based architecture specification for EHR systems. In EHR systems, it is necessary to provide a mechanism for access control to protect security and privacy of patient data. On the basis of related studies, this paper addresses the issue of access control and privacy protection of privacy data in XDS-based EHR systems, aiming to identify a suitable, privacy-aware role-based access control model based on specific access requirements for IHE-XDS. Privacy-aware role-based access control model is an extension model of RBAC model. It not just has the benefits of RBAC, but additionally adds restrictions on the permission assignment for the roles by using the purpose enforcement and privacy-aware access control enforcement. The proposed model could further protect privacy data, while decreasing the complexity of the role assignment.
© The Authors, published by EDP Sciences, 2017
This is an Open Access article distributed under the terms of the Creative Commons Attribution License 4.0, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Current usage metrics show cumulative count of Article Views (full-text article views including HTML views, PDF and ePub downloads, according to the available data) and Abstracts Views on Vision4Press platform.
Data correspond to usage on the plateform after 2015. The current usage metrics is available 48-96 hours after online publication and is updated daily on week days.
Initial download of the metrics may take a while.