Audit-Based Access Control for Electronic Health Records

13 years 11 months ago

Download wwwhome.cs.utwente.nl

Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e. before granting a request for a document. There are scenarios however where the security decision can not be made on the ﬂy. For these settings we developed a language and a framework for a-posteriori access control. In this paper we show how the framework can be used in a practical scenario. In particular, we work out the example of an Electronic Health Record (EHR) system, we outline the full architecture needed for audit-based access control and we discuss the requirements and limitations of this approach concerning the underlying infrastructure and its users.

M. A. C. Dekker, Sandro Etalle

Real-time Traffic

A-posteriori Access Control | Access Control | ENTCS 2007 | Traditional Access Control |

claim paper

Post Info
More Details (n/a)

Added	13 Dec 2010
Updated	13 Dec 2010
Type	Journal
Year	2007
Where	ENTCS
Authors	M. A. C. Dekker, Sandro Etalle

Comments (0)

Sciweavers

Audit-Based Access Control for Electronic Health Records

A-posteriori Access Control | Access Control | ENTCS 2007 | Traditional Access Control |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers