Combining Task- and Role-Based Access Control with Multi-Constraints for a Medical Workflow System

Author

Mallare, Ivy Joy G. ; Pancho-Festin, S.

Author_Institution

Coll. of Eng., Dept. of Comput. Sci., Comput. Security Group, Univ. of the Philippines, Diliman, Philippines

fYear

2013

fDate

16-18 Dec. 2013

Firstpage

1

Lastpage

4

Abstract

We investigate the effects of combining Task and Role-based access control models for a medical workflow system. Although Role-based Access Control (RBAC) models provide a generalized approach to access control, it cannot cope with the growing complexity of modern health care systems that require dynamic authorizations. Task-based Access Control (TBAC ) can help address the need for dynamic authorizations but TBAC alone cannot address healthcare access control requirements. Roles and tasks together can form a much flexible access control than roles or tasks alone. We studied the integration of TBAC and RBAC for a workflow system. Moreover, we applied multiple constraints on users, roles, and tasks.

Keywords

authorisation; health care; RBAC models; TBAC; dynamic authorizations; flexible access control; healthcare access control; medical workflow system; modern health care systems; multiconstraints; multiple constraints; role-based access control; task-based access control; Authorization; Computational modeling; Medical diagnostic imaging; Medical services; Permission;

fLanguage

English

Publisher

ieee

Conference_Titel

IT Convergence and Security (ICITCS), 2013 International Conference on

Conference_Location

Macao

Type

conf

DOI

10.1109/ICITCS.2013.6717814

Filename

6717814