Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACSW
2004
2004
A Case Study in Access Control Requirements for a Health Information System
We present a detailed examination of the access constraints for a small real-world Health Information System with the aim of achieving minimal access rights for each of the involved principals. We show that, even for such a relatively simple system, the resulting constraints are very complex and cannot be expressed easily or clearly using the static per-method access control lists generally supported by component-based software. We derive general requirements for the expressiveness of access constraints and propose criteria for a more suitable access control mechanism in the context of componentbased systems. We describe a two-level mechanism which can fulfil these criteria.
Real-time Traffic| Added | 30 Oct 2010 |
| Updated | 30 Oct 2010 |
| Type | Conference |
| Year | 2004 |
| Where | ACSW |
| Authors | Mark Evered, Serge Bögeholz |
Comments (0)
Researcher Info
|
