Formal specification of role-based security policies for clinical information systems

Karsten Sohr, Michael Drouineaud, Gail-Joon Ahn

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

18 Scopus citations

Abstract

Many healthcare organizations have transited from their old and disparate business models based on ink and paper to new, consolidated ones based on electronic patient records. There are significant demands on secure mechanisms for collaboration and data sharing among clinicians, patients and researchers through clinical information systems. In order to fulfil the high demands of data protection in such systems, we believe that access control policies play an important role to reduce the risks to confidentiality, integrity, and availability of medical data. In this paper, we attempt to formally specify access control policies in clinical information systems which are highly dynamic and complex environments. We leverage characteristics of temporal linear first-order logic to cope with dynamic access control policies in clinical information systems.

Original language: English (US)
Title of host publication: Proceedings of the ACM Symposium on Applied Computing
Pages: 332-339
Number of pages: 8
Volume: 1
State: Published - 2005
Externally published: Yes
Event: 20th Annual ACM Symposium on Applied Computing - Santa Fe, NM, United States
Duration: Mar 13 2005 to Mar 17 2005


Keywords

  • Authorisation constraints
  • Healthcare environments
  • LTL

ASJC Scopus subject areas

  • General Computer Science
