Managing access control in collaborative processes for healthcare applications

Xuan Hung Le, Dongwen Wang

Research output: Chapter in Book/Report/Conference proceedingChapter

Abstract

Team-based patient care, biomedical research, and clinical education require coordinated access of relevant information in specific contexts of workflow and collaboration. Research on methodology development to manage information access in collaborative processes therefore is essential to build successful healthcare applications. In this chapter, we first survey the existing research on access control to support team collaboration and workflow management. We then introduce an illustrative example, New York State HIV Clinical Education Initiative (CEI), as a domain application requiring complex information access in the combined contexts of workflow and team collaboration. To address the specific challenges in access control for CEI, we present a series of studies on model development, system implementation, and effectiveness evaluation. Specifically, we describe the enhancement of the Role-Based Access Control (RBAC) model through formulating universal constraints, defining bridging entities and contributing attributes, extending access permissions to include workflow contexts, synthesizing a rolebased access delegation model to target on specific objects, and developing domain ontologies as instantiations of the general model to particular applications.We illustrate the development of a generic system framework to implement the enhanced RBAC model, with three functional layers: encoding of access control policies, interpretation of these policies, and application of the policies to specific scenarios for information access management. We present an evaluation study to assess the effectiveness of the enhanced RBAC model when applied to CEI, with quantitative measures on degree of agreement with a control system as well as sensitivity, specificity, and accuracy based on a gold-standard. We close this chapter with discussions, future works, and some conclusion remarks.

Original languageEnglish (US)
Title of host publicationMedical Data Privacy Handbook
PublisherSpringer International Publishing
Pages313-359
Number of pages47
ISBN (Print)9783319236339, 9783319236322
DOIs
StatePublished - Jan 1 2015
Externally publishedYes

Fingerprint

Workflow
Access control
Delivery of Health Care
Education
Information Management
Access to Information
Patient Care Team
Gold
Biomedical Research
Research Design
HIV
Sensitivity and Specificity
Ontology
Research
Control systems

ASJC Scopus subject areas

  • Computer Science(all)
  • Medicine(all)

Cite this

Le, X. H., & Wang, D. (2015). Managing access control in collaborative processes for healthcare applications. In Medical Data Privacy Handbook (pp. 313-359). Springer International Publishing. https://doi.org/10.1007/978-3-319-23633-9_13

Managing access control in collaborative processes for healthcare applications. / Le, Xuan Hung; Wang, Dongwen.

Medical Data Privacy Handbook. Springer International Publishing, 2015. p. 313-359.

Research output: Chapter in Book/Report/Conference proceedingChapter

Le, XH & Wang, D 2015, Managing access control in collaborative processes for healthcare applications. in Medical Data Privacy Handbook. Springer International Publishing, pp. 313-359. https://doi.org/10.1007/978-3-319-23633-9_13
Le XH, Wang D. Managing access control in collaborative processes for healthcare applications. In Medical Data Privacy Handbook. Springer International Publishing. 2015. p. 313-359 https://doi.org/10.1007/978-3-319-23633-9_13
Le, Xuan Hung ; Wang, Dongwen. / Managing access control in collaborative processes for healthcare applications. Medical Data Privacy Handbook. Springer International Publishing, 2015. pp. 313-359
@inbook{7e99535c4e064ea3ad9718dd193ebd34,
title = "Managing access control in collaborative processes for healthcare applications",
abstract = "Team-based patient care, biomedical research, and clinical education require coordinated access of relevant information in specific contexts of workflow and collaboration. Research on methodology development to manage information access in collaborative processes therefore is essential to build successful healthcare applications. In this chapter, we first survey the existing research on access control to support team collaboration and workflow management. We then introduce an illustrative example, New York State HIV Clinical Education Initiative (CEI), as a domain application requiring complex information access in the combined contexts of workflow and team collaboration. To address the specific challenges in access control for CEI, we present a series of studies on model development, system implementation, and effectiveness evaluation. Specifically, we describe the enhancement of the Role-Based Access Control (RBAC) model through formulating universal constraints, defining bridging entities and contributing attributes, extending access permissions to include workflow contexts, synthesizing a rolebased access delegation model to target on specific objects, and developing domain ontologies as instantiations of the general model to particular applications.We illustrate the development of a generic system framework to implement the enhanced RBAC model, with three functional layers: encoding of access control policies, interpretation of these policies, and application of the policies to specific scenarios for information access management. We present an evaluation study to assess the effectiveness of the enhanced RBAC model when applied to CEI, with quantitative measures on degree of agreement with a control system as well as sensitivity, specificity, and accuracy based on a gold-standard. We close this chapter with discussions, future works, and some conclusion remarks.",
author = "Le, {Xuan Hung} and Dongwen Wang",
year = "2015",
month = "1",
day = "1",
doi = "10.1007/978-3-319-23633-9_13",
language = "English (US)",
isbn = "9783319236339",
pages = "313--359",
booktitle = "Medical Data Privacy Handbook",
publisher = "Springer International Publishing",

}

TY - CHAP

T1 - Managing access control in collaborative processes for healthcare applications

AU - Le, Xuan Hung

AU - Wang, Dongwen

PY - 2015/1/1

Y1 - 2015/1/1

N2 - Team-based patient care, biomedical research, and clinical education require coordinated access of relevant information in specific contexts of workflow and collaboration. Research on methodology development to manage information access in collaborative processes therefore is essential to build successful healthcare applications. In this chapter, we first survey the existing research on access control to support team collaboration and workflow management. We then introduce an illustrative example, New York State HIV Clinical Education Initiative (CEI), as a domain application requiring complex information access in the combined contexts of workflow and team collaboration. To address the specific challenges in access control for CEI, we present a series of studies on model development, system implementation, and effectiveness evaluation. Specifically, we describe the enhancement of the Role-Based Access Control (RBAC) model through formulating universal constraints, defining bridging entities and contributing attributes, extending access permissions to include workflow contexts, synthesizing a rolebased access delegation model to target on specific objects, and developing domain ontologies as instantiations of the general model to particular applications.We illustrate the development of a generic system framework to implement the enhanced RBAC model, with three functional layers: encoding of access control policies, interpretation of these policies, and application of the policies to specific scenarios for information access management. We present an evaluation study to assess the effectiveness of the enhanced RBAC model when applied to CEI, with quantitative measures on degree of agreement with a control system as well as sensitivity, specificity, and accuracy based on a gold-standard. We close this chapter with discussions, future works, and some conclusion remarks.

AB - Team-based patient care, biomedical research, and clinical education require coordinated access of relevant information in specific contexts of workflow and collaboration. Research on methodology development to manage information access in collaborative processes therefore is essential to build successful healthcare applications. In this chapter, we first survey the existing research on access control to support team collaboration and workflow management. We then introduce an illustrative example, New York State HIV Clinical Education Initiative (CEI), as a domain application requiring complex information access in the combined contexts of workflow and team collaboration. To address the specific challenges in access control for CEI, we present a series of studies on model development, system implementation, and effectiveness evaluation. Specifically, we describe the enhancement of the Role-Based Access Control (RBAC) model through formulating universal constraints, defining bridging entities and contributing attributes, extending access permissions to include workflow contexts, synthesizing a rolebased access delegation model to target on specific objects, and developing domain ontologies as instantiations of the general model to particular applications.We illustrate the development of a generic system framework to implement the enhanced RBAC model, with three functional layers: encoding of access control policies, interpretation of these policies, and application of the policies to specific scenarios for information access management. We present an evaluation study to assess the effectiveness of the enhanced RBAC model when applied to CEI, with quantitative measures on degree of agreement with a control system as well as sensitivity, specificity, and accuracy based on a gold-standard. We close this chapter with discussions, future works, and some conclusion remarks.

UR - http://www.scopus.com/inward/record.url?scp=84957000888&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84957000888&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-23633-9_13

DO - 10.1007/978-3-319-23633-9_13

M3 - Chapter

AN - SCOPUS:84957000888

SN - 9783319236339

SN - 9783319236322

SP - 313

EP - 359

BT - Medical Data Privacy Handbook

PB - Springer International Publishing

ER -