Towards enforcement of purpose for privacy policy in distributed healthcare

Thavy Mony Annanda Rath, Jean-Noël Colin

Research output: Contribution in Book/Catalog/Report/Conference proceedingConference contribution

111 Downloads (Pure)

Abstract

Purpose of access is one of the core concepts in privacy which considers the data user's intent as a factor in making access control decisions and enforcement of purpose is required to ensure that data is used as what it intends for. In general, the enforcement of purpose is a complicated task. The main difficulty is how to identify the purpose of an agent when it requests to perform an action. In this paper, we discuss the design issue of purpose enforcement based on our proposed (defined) enforcement structure: pre-enforcement, ongoing-enforcement, and post-enforcement. We also propose an enforcement solution for usage control designed for distributed healthcare information system, particularly, the pre-enforcement of purpose (the validation of claimed purpose at the initial state before data is granted access).

Original languageEnglish
Title of host publication2013 IEEE 10th Consumer Communications and Networking Conference, CCNC 2013
Pages881-886
Number of pages6
DOIs
Publication statusPublished - 15 Apr 2013
Event2013 IEEE 10th Consumer Communications and Networking Conference, CCNC 2013 - Las Vegas, United States
Duration: 11 Jan 201314 Jan 2013

Conference

Conference2013 IEEE 10th Consumer Communications and Networking Conference, CCNC 2013
Country/TerritoryUnited States
CityLas Vegas
Period11/01/1314/01/13

Keywords

  • distributed healthcare
  • privacy
  • purpose enforcement
  • security

Fingerprint

Dive into the research topics of 'Towards enforcement of purpose for privacy policy in distributed healthcare'. Together they form a unique fingerprint.

Cite this