e-Infrastructure and e-Services for Developing Countries. 10th EAI International Conference, AFRICOMM 2018, Dakar, Senegal, November 29-30, 2019, Proceedings

Research Article

Access Control Model Based on Dynamic Delegations and Privacy in a Health System of Connected Objects

Download
125 downloads
  • @INPROCEEDINGS{10.1007/978-3-030-16042-5_11,
        author={Jeanne Ngo Bilong and K\^{e}ba Gueye and Gervais Mendy and Samuel Ouya},
        title={Access Control Model Based on Dynamic Delegations and Privacy in a Health System of Connected Objects},
        proceedings={e-Infrastructure and e-Services for Developing Countries. 10th EAI International Conference, AFRICOMM 2018, Dakar, Senegal, November 29-30, 2019, Proceedings},
        proceedings_a={AFRICOMM},
        year={2019},
        month={3},
        keywords={Access control Delegation IoT E-health},
        doi={10.1007/978-3-030-16042-5_11}
    }
    
  • Jeanne Ngo Bilong
    Kéba Gueye
    Gervais Mendy
    Samuel Ouya
    Year: 2019
    Access Control Model Based on Dynamic Delegations and Privacy in a Health System of Connected Objects
    AFRICOMM
    Springer
    DOI: 10.1007/978-3-030-16042-5_11
Jeanne Ngo Bilong1,*, Kéba Gueye1,*, Gervais Mendy1,*, Samuel Ouya1,*
  • 1: University of Dakar
*Contact email: jeanneroux.ngobilong@ucad.edu.sn, keba.gueye@esp.sn, gervais.mendy@ucad.edu.sn, samuel.ouya@gmail.com

Abstract

The Internet of Things (IoT) promotes the development of new platforms, services and applications that connect the physical world to the virtual world. Defining access control policies for these platforms remains a challenge for researchers, as security gaps are still observed in several domains, including health. There are much scientific work on systems for remote patient monitoring and most of them have technological limits in access control of patients’ personal and confidential information. Moreover, these systems do not allow collaborative work because the doctor, in case of unavailability or in case of need of collegial decision, cannot delegate his role to another doctor having the same skills and the same attributes as him. In this paper, we propose a model based on dynamic role delegation, emphasizing on collaborative work and the protection of patients’ privacy. This model is a redefinition of the ORBAC model taking into account the notion of user attributes. We use first order logic and non-monotonic logic T-JCLASSICε to perform an axiomatic interpretation of the model. We implement the model with WebRTC, Node.js and Kurento Media Server technologies to facilitate real-time communication between users, and raspberry pi for collecting biometric information received from sensors.