A purpose model and policy enforcement engine for usage control in distributed healthcare information system

Thavy Mony Annanda Rath; Jean-Noël Colin

A purpose model and policy enforcement engine for usage control in distributed healthcare information system

Thavy Mony Annanda Rath, Jean-Noël Colin

Research output: Contribution in Book/Catalog/Report/Conference proceeding › Conference contribution

117 Downloads (Pure)

Abstract

This paper addresses two issues: the purpose model designed for distributed healthcare and the purpose-based usage policy enforcement engine based on our purpose-based UCON (the extended UCON model). UCON has been proposed and applied to support security requirements in different computing environments such as resources sharing in collaborative computing systems and data control in remote users or platforms, but apparently absent in its core model is "purpose", which is important for formulating a more sound privacy sensitive policy. In this paper, by observing a lack of comprehensive enforcement mechanism for purpose, we extend the UCON core model to explicitly support purpose expression and then propose a usage purpose enforcement engine, particularly for ongoing-enforcement, applied in distributed healthcare information system.

Original language	English
Title of host publication	HEALTHINF 2013 - Proceedings of the International Conference on Health Informatics
Pages	174-180
Number of pages	7
Publication status	Published - 27 May 2013
Event	International Conference on Health Informatics, HEALTHINF 2013 - Barcelona, Spain Duration: 11 Feb 2013 → 14 Feb 2013

Conference

Conference	International Conference on Health Informatics, HEALTHINF 2013
Country/Territory	Spain
City	Barcelona
Period	11/02/13 → 14/02/13

Keywords

E-health
Policy enforcement engine
Purpose
UCON (Usage CONtrol)

Access to Document

Purpose model and policy enforcement engine for purpose Submitted manuscript, 183 KB

Cite this

@inproceedings{486c1a91759448f695f457f6912002da,

title = "A purpose model and policy enforcement engine for usage control in distributed healthcare information system",

abstract = "This paper addresses two issues: the purpose model designed for distributed healthcare and the purpose-based usage policy enforcement engine based on our purpose-based UCON (the extended UCON model). UCON has been proposed and applied to support security requirements in different computing environments such as resources sharing in collaborative computing systems and data control in remote users or platforms, but apparently absent in its core model is {"}purpose{"}, which is important for formulating a more sound privacy sensitive policy. In this paper, by observing a lack of comprehensive enforcement mechanism for purpose, we extend the UCON core model to explicitly support purpose expression and then propose a usage purpose enforcement engine, particularly for ongoing-enforcement, applied in distributed healthcare information system.",

keywords = "E-health, Policy enforcement engine, Purpose, UCON (Usage CONtrol)",

author = "Rath, {Thavy Mony Annanda} and Jean-No{\"e}l Colin",

year = "2013",

month = may,

day = "27",

language = "English",

isbn = "9789898565372",

pages = "174--180",

booktitle = "HEALTHINF 2013 - Proceedings of the International Conference on Health Informatics",

note = "International Conference on Health Informatics, HEALTHINF 2013 ; Conference date: 11-02-2013 Through 14-02-2013",

}

TY - GEN

T1 - A purpose model and policy enforcement engine for usage control in distributed healthcare information system

AU - Rath, Thavy Mony Annanda

AU - Colin, Jean-Noël

PY - 2013/5/27

Y1 - 2013/5/27

N2 - This paper addresses two issues: the purpose model designed for distributed healthcare and the purpose-based usage policy enforcement engine based on our purpose-based UCON (the extended UCON model). UCON has been proposed and applied to support security requirements in different computing environments such as resources sharing in collaborative computing systems and data control in remote users or platforms, but apparently absent in its core model is "purpose", which is important for formulating a more sound privacy sensitive policy. In this paper, by observing a lack of comprehensive enforcement mechanism for purpose, we extend the UCON core model to explicitly support purpose expression and then propose a usage purpose enforcement engine, particularly for ongoing-enforcement, applied in distributed healthcare information system.

AB - This paper addresses two issues: the purpose model designed for distributed healthcare and the purpose-based usage policy enforcement engine based on our purpose-based UCON (the extended UCON model). UCON has been proposed and applied to support security requirements in different computing environments such as resources sharing in collaborative computing systems and data control in remote users or platforms, but apparently absent in its core model is "purpose", which is important for formulating a more sound privacy sensitive policy. In this paper, by observing a lack of comprehensive enforcement mechanism for purpose, we extend the UCON core model to explicitly support purpose expression and then propose a usage purpose enforcement engine, particularly for ongoing-enforcement, applied in distributed healthcare information system.

KW - E-health

KW - Policy enforcement engine

KW - Purpose

KW - UCON (Usage CONtrol)

UR - http://www.scopus.com/inward/record.url?scp=84877990320&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:84877990320

SN - 9789898565372

SP - 174

EP - 180

BT - HEALTHINF 2013 - Proceedings of the International Conference on Health Informatics

T2 - International Conference on Health Informatics, HEALTHINF 2013

Y2 - 11 February 2013 through 14 February 2013

ER -

A purpose model and policy enforcement engine for usage control in distributed healthcare information system

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this