Abstract
We previously developed an enhanced Role-Based Access Control (RBAC) model to support information access management in the context of team collaboration and workflow. We report in this paper a generic system framework to implement the enhanced RBAC with three functional layers: (1) encoding of access control policies; (2) interpretation of the encoded policies; and (3) application of policies to specific cases and scenarios for information access management. Based on this system framework, we have successfully applied the enhanced RBAC model to the New York State HIV Clinical Education Initiative (CEI) for coordination of clinical education programs. An evaluation has shown that the enhanced RBAC can be effectively used for information access management in collaborative processes. Future work includes extension of this system framework to support the continuous development of the enhanced RBAC and deployment of it to other domain applications for clinical education, biomedical research, and patient care.
Original language | English (US) |
---|---|
State | Published - 2012 |
Externally published | Yes |
Event | 3rd USENIX Workshop on Health Security and Privacy, HealthSec 2012, co-located with the 21st USENIX Security Symposium - Bellevue, United States Duration: Aug 6 2012 → Aug 7 2012 |
Conference
Conference | 3rd USENIX Workshop on Health Security and Privacy, HealthSec 2012, co-located with the 21st USENIX Security Symposium |
---|---|
Country/Territory | United States |
City | Bellevue |
Period | 8/6/12 → 8/7/12 |
Keywords
- Access control
- Computation model
- Computer supported cooperative work
- Information management
- Medical education
- Workflow
ASJC Scopus subject areas
- Computer Networks and Communications
- Information Systems
- Safety, Risk, Reliability and Quality
- Health Informatics
- Health Policy