On the Need for Federated Authorization in Cross-organizational e-Health Platforms

Maarten Decat, Dimitri Van Landuyt, Bert Lagaisse, Wouter Joosen

2015

Abstract

Health care is currently witnessing increased specialization as well as a need for integrated care delivery. As a result, care organizations should collaborate and, to facilitate this, e-health collaboration platforms are being created. Access control is a primary concern for such cross-organizational platforms, and efficient access control management is crucial to their adoption. Federated access control is a potential technique to achieve this, and our experience in multiple research projects shows that federated authorization is an essential building block for future collaboration platforms. However, this technology still faces open research challenges. This paper aims to spark research on these challenges by motivating the need for federated authorization in the context of a real-world collaborative care platform. Based on this case study, we also discuss the state of the art and present a set of key requirements to realize wide-scale adoption of federated authorization in practice.



Paper Citation


in Harvard Style

Decat M., Van Landuyt D., Lagaisse B. and Joosen W. (2015). On the Need for Federated Authorization in Cross-organizational e-Health Platforms. In Proceedings of the International Conference on Health Informatics - Volume 1: HEALTHINF, (BIOSTEC 2015) ISBN 978-989-758-068-0, pages 540-545. DOI: 10.5220/0005264905400545


in Bibtex Style

@conference{healthinf15,
author={Maarten Decat and Dimitri Van Landuyt and Bert Lagaisse and Wouter Joosen},
title={On the Need for Federated Authorization in Cross-organizational e-Health Platforms},
booktitle={Proceedings of the International Conference on Health Informatics - Volume 1: HEALTHINF, (BIOSTEC 2015)},
year={2015},
pages={540-545},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005264905400545},
isbn={978-989-758-068-0},
}

