Sciweavers

ENTCS
2007

Audit-Based Access Control for Electronic Health Records

13 years 11 months ago
Audit-Based Access Control for Electronic Health Records
Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e. before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori access control. In this paper we show how the framework can be used in a practical scenario. In particular, we work out the example of an Electronic Health Record (EHR) system, we outline the full architecture needed for audit-based access control and we discuss the requirements and limitations of this approach concerning the underlying infrastructure and its users.
M. A. C. Dekker, Sandro Etalle
Added 13 Dec 2010
Updated 13 Dec 2010
Type Journal
Year 2007
Where ENTCS
Authors M. A. C. Dekker, Sandro Etalle
Comments (0)