2nd International ICST Conference on Pervasive Computing Technologies for Healthcare

Research Article

Multi-domain and Privacy-aware Role Based Access Control in eHealth

Download430 downloads
  • @INPROCEEDINGS{10.4108/ICST.PERVASIVEHEALTH2008.2504,
        author={Lorenzo D. Martino and Qun Ni and Dan Lin and Elisa Bertino},
        title={Multi-domain and Privacy-aware Role Based Access Control in eHealth},
        proceedings={2nd International ICST Conference on Pervasive Computing Technologies for Healthcare},
        publisher={IEEE},
        proceedings_a={PERVASIVEHEALTH},
        year={2008},
        month={7},
        keywords={Privacy Multi-Domain P-RBAC Data Profile.},
        doi={10.4108/ICST.PERVASIVEHEALTH2008.2504}
    }
    
  • Lorenzo D. Martino
    Qun Ni
    Dan Lin
    Elisa Bertino
    Year: 2008
    Multi-domain and Privacy-aware Role Based Access Control in eHealth
    PERVASIVEHEALTH
    ICST
    DOI: 10.4108/ICST.PERVASIVEHEALTH2008.2504
Lorenzo D. Martino1,*, Qun Ni2,*, Dan Lin2,*, Elisa Bertino2,*
  • 1: Comp & Info Tech, Purdue University, USA.
  • 2: Computer Science, Purdue University, USA.
*Contact email: lmartino@purdue.edu, ni@cs.purdue.edu, lindan@cs.purdue.edu, bertino@cs.purdue.edu

Abstract

Information Technology-supported Heathcare (eHealth) is crucial in order to reduce healthcare costs, and improve quality of care and patient safety. Among technologies in eHealth, Electronic Medical/Health Records (EMR/EHR) enabling communication of patient data between different healthcare professionals (e.g. specialists, pharmacy), is the most important and sensitive. There are three crucial requirements when accessing EMRs: such access must be both secure and privacy preserving; such access must be allowed to individuals from different organizations; such access should be confined based on meta information about the EMRs. In this paper, we propose a multi-domain privacy-aware role based access control meeting these requirements.