Audit-Based Access Control for Electronic Health Records

Share/Save/Bookmark

Dekker, M.A.C. and Etalle, S. (2006) Audit-Based Access Control for Electronic Health Records. In: Proceedings of the Second International Workshop on Views on Designing Complex Architectures (VODCA), 16-17 Sept 2006, Bertinoro, Italy.

[img]PDF
Restricted to UT campus only
: Request a copy
326Kb
Abstract:Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e.before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori access control. In this paper we show how the framework can be used in a practical scenario. In particular, we work out the example of an Electronic Health Record (EHR) system, we outline the full architecture needed for audit-based access control and we discuss the requirements and limitations of this approach concerning the underlying infrastructure and its users.
Item Type:Conference or Workshop Item
Faculty:
Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:
Link to this item:http://purl.utwente.nl/publications/63193
Official URL:http://dx.doi.org/10.1016/j.entcs.2006.08.028
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page

Metis ID: 237436