Role-based and time-bound access and management of EHR data

Rui Zhang, Ling Liu, Rui Xue
<span title="2013-06-21">2013</span> <i title="Wiley"> <a target="_blank" rel="noopener" href="https://fatcat.wiki/container/sdme5pnua5auzcsjgqmqefb66m" style="color: black;">Security and Communication Networks</a> </i> &nbsp;
Security and privacy are widely recognized as important and personalized requirements for access and management of Electric Health Record (EHR) data. Different patients may have different privacy and security policies for their EHR data in different context. In this paper we argue that EHR data needs to be managed with customizable access control in both spatial and temporal dimension. We present a role-based and time-bound access control model (RBTBAC) that provides more flexibility of both
more &raquo; ... es (spatial capability) and temporal capability to control the access of sensitive data from time dimension. Through algorithmic combination of role-based access control and time-bound key management, RBTBAC model has three salient features. First, we have developed a privacy-aware and dynamic key structure for role-based privacy aware access and management of EHR data, focusing on the consistency of access authorization (including data and time interval) with the activated role of user. In addition to role-based access, a path-invisible EHR structure is build for preserving privacy of patients. Second, we have employed a time tree method for generating time granule values, offering fine granularity of time-bound access authorization and control. Our experimental results show that tree-like time structure can improve the performance of the key management scheme significantly and RBTBAC model is more suitable than existing solutions for EHR data management since it offers high-efficiency and better security and privacy for patients.
<span class="external-identifiers"> <a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.1002/sec.817">doi:10.1002/sec.817</a> <a target="_blank" rel="external noopener" href="https://fatcat.wiki/release/cuivguqtirevplxowwdnrkuj6a">fatcat:cuivguqtirevplxowwdnrkuj6a</a> </span>
<a target="_blank" rel="noopener" href="https://web.archive.org/web/20170829090057/https://www.cc.gatech.edu/~lingliu/papers/2011/HISec11.pdf" title="fulltext PDF download" data-goatcounter-click="serp-fulltext" data-goatcounter-title="serp-fulltext"> <button class="ui simple right pointing dropdown compact black labeled icon button serp-button"> <i class="icon ia-icon"></i> Web Archive [PDF] <div class="menu fulltext-thumbnail"> <img src="https://blobs.fatcat.wiki/thumbnail/pdf/66/f0/66f07df65bf61b1ea6c7f99ce73c6c0f93e4df9d.180px.jpg" alt="fulltext thumbnail" loading="lazy"> </div> </button> </a> <a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.1002/sec.817"> <button class="ui left aligned compact blue labeled icon button serp-button"> <i class="unlock alternate icon" style="background-color: #fb971f;"></i> wiley.com </button> </a>