Title :
An Enhanced Role-Based Access Control Mechanism for Hospital Information Systems
Author :
He, Chen-Guang ; Cao, Cun-Zhang ; Bao, Shu-Di
Author_Institution :
Shenzhen Inst. of Adv. Technol., Shenzhen, China
Abstract :
This paper describes the security of hospital information system with particular requirements on electric patient record format and application scenarios, and proposes an enhanced role-based access control (ERBAC) mechanism based on the principle of fine granularity through decomposing the access privilege of sources to finer granularities. Through the study on the social relationships of the individual identity, a formal definition of ERBAC is detailed with implementation of a practical access control policy extended from the core RBAC. The object of each session shall be finer granularity so that the subjects can be accessed using more flexible privileges according to different contexts of environment under this policy.
Keywords :
authorisation; medical information systems; ERBAC mechanism; electronic patient record format; enhanced role-based access control mechanism; fine granularity principle; hospital information system; source access privilege decomposition; Access control; Hospitals; Information systems; Medical diagnostic imaging; HIS; access control; enhanced RBAC; finer granularity;
Conference_Titel :
Computational Intelligence and Security (CIS), 2011 Seventh International Conference on
Conference_Location :
Hainan
Print_ISBN :
978-1-4577-2008-6
DOI :
10.1109/CIS.2011.224
