Christos Ilioudis, Dimitrios Baltatzis, George Pangalos, Christos Georgiadis



Grid technologies promise to change the way that health organizations tackle complex problems by offering unprecedented opportunities for resource sharing and collaboration. Healthgrids are Grid infrastructures comprising applications, services or middleware components that deal with the specific problems arising in the processing of biomedical data. Resources in Healthgrids are databases, computing power, medical expertise and even medical devices. Securing this new environment in Health organizations is a major issue today. Security considerations and more specifically authorization decisions is a critical problem. Personal data is confidential, so access to the information must be restricted to authorized and authenticated persons. Furthermore data must be protected to guarantee its confidentiality and integrity. This work provides a suitable authorization mechanism that facilitates the usage of grid and agent technology in HealthGrid environments. More specifically, our approach applies the RBAC access control model for dynamically assigning security roles to visiting agents on hosts of the HealthGrid environment. Our methodology proposes a flexible role decomposition method, which facilitates the role assignment process. The role decomposition relies on a set of common Attribute Fields, shared between Grid’s hosts, filled with Attribute values that every host evaluates according to its security goals. In any case, every host participating in the grid retains its security policy without altering or compromising its security policy in order to participate in the agent exchange process. The proposed process and the related assignment algorithms have been experimentally implemented and applied in a typical health environment. The results have shown that the proposed framework is applicable and implementable, and can be applied successfully in real life health care environments.


  1. Al-Kahtani, R.Sandhu, 2002 A model for Attribute-Based User-Role Assignment. Proceedings of the 18th Annual Computer Security Applications Conference, Las Vegas.
  2. Chadwick, Otenko, 2002. “The PERMIS X.509 Role Based Privilege Management Infrastructure”, Proceedings of the seventh ACM symposium on Access control models and technologies SACMAT 2002, Monterey, California, USA
  3. Ferraiolo, Sandhu, Gavrila, Kuhn, Chandramouli: 2001 Proposed NIST standard for role-based access control. TISSEC 4(3): 224-274.
  4. Foster I, Jennings N, Kesselman C, Brain Meets Brawn: 2004 Why grid and Agents Need Each other, AAMAS'04, NY, ACM.
  5. Herveg, J., Crazzolara, F., Middleton, S. E., Marvin, D. J. and Poullet, Y. 2004, “GEMSS: Privacy and security for a Medical Grid”. In Proceedings of HealthGRID 2004, Clermont-Ferrand, France.
  6. Jennings, N., 2001.An agent-based approach for building complex software systems. Communications of the ACM, 44(4). 35-41.
  7. Lorch, B.Cowles, R.Baker, L,Gommans, P.Madsen, A.McNab, L. Ramakrishnan, K.Sankar, D.Skow, M. Thomson, 2004 Conceptual Grid Authorization Framework and Classification, Global Grid Forum, ..
  8. OASIS 2003, Security Services Technical Committee XAMCL, extendible access control markup language (XACML) committee specification 1.0.
  9. SAML 2003 Security Services Technical Committee, Assertions and protocol for the oasis security assertion markup language (SAML), OASIS .
  10. Scott Richard., Jennett Penny, Yeo Maryann, 2004, Access and authorisation in a Glocal e-Health Policy context, International Journal of Medical Informatics Elsevier (2004) 73, 259-266
  11. Siebenlist, V. Welch, S. Tuecke, I. Foster, N. Nagaratnam, P. Janson, J. Dayka, A. Nadalin, 2002, OGSA security roadmap, Open Grid Services Architecture Group.
  12. Simpson Andrew, Power David, Slaymaker Mark, 2006, On tracker attacks in health grids, SAC'06 April 2006, Dijon, France
  13. Welch, F. Siebenlist, I. Foster, J. Bresnahan, K. Czajkowski, J. Gawor, C. Kesselman, S. Meder, L. Pearlman, S. Tuecke, 2003. Security for Grid Services. Twelfth International Symposium on High Performance Distributed Computing (HPDC-12), IEEE Press

Paper Citation

in Harvard Style

Ilioudis C., Baltatzis D., Pangalos G. and Georgiadis C. (2007). SECURING HEALTHGRID ENVIRONMENTS . In Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007) ISBN 978-989-8111-12-8, pages 394-401. DOI: 10.5220/0002123203940401

in Bibtex Style

author={Christos Ilioudis and Dimitrios Baltatzis and George Pangalos and Christos Georgiadis},
booktitle={Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007)},

in EndNote Style

JO - Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007)
SN - 978-989-8111-12-8
AU - Ilioudis C.
AU - Baltatzis D.
AU - Pangalos G.
AU - Georgiadis C.
PY - 2007
SP - 394
EP - 401
DO - 10.5220/0002123203940401