loading
Documents

Research.Publish.Connect.

Paper

Authors: Mohamed Abomhara ; Geir M. Køien ; Vladimir A. Oleshchuk and Mohamed Hamid

Affiliation: University of Agder, Norway

ISBN: 978-989-758-282-0

Keyword(s): Access Control, Healthcare Information Sharing, Electronic Health Records, Security, Privacy, Risk Assessment, Risk Management.

Abstract: Access control models play an important role in the response to insider threats such as misuse and unauthorized disclosure of the electronic health records (EHRs). In our previous work in the area of access control, we proposed a work-based access control (WBAC) model that strikes a balance between collaboration and safeguarding sensitive patient information. In this study, we propose a framework for risk assessment that extend the WBAC model by incorporating a risk assessment process, and the trust the system has on its users. Our framework determines the risk associated with access requests (user’s trust level and requested object’s security level) and weighting such risk against the risk appetite and risk threshold of situational conditions. Specifically, an access request will be permitted if the risk threshold outweighs the risk of granting access to information, otherwise it will be denied.

PDF ImageFull Text

Download
Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 54.235.48.106

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Abomhara M., M. Køien G., Oleshchuk V. and Hamid M. (2018). Towards Risk-aware Access Control Framework for Healthcare Information Sharing.In Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-282-0, pages 312-321. DOI: 10.5220/0006608103120321

@conference{icissp18,
author={Mohamed Abomhara and Geir M. Køien and Vladimir A. Oleshchuk and Mohamed Hamid},
title={Towards Risk-aware Access Control Framework for Healthcare Information Sharing},
booktitle={Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2018},
pages={312-321},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006608103120321},
isbn={978-989-758-282-0},
}

TY - CONF

JO - Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Towards Risk-aware Access Control Framework for Healthcare Information Sharing
SN - 978-989-758-282-0
AU - Abomhara M.
AU - M. Køien G.
AU - Oleshchuk V.
AU - Hamid M.
PY - 2018
SP - 312
EP - 321
DO - 10.5220/0006608103120321

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.