Activity-based Access Control Model to Hospital Information

Le Xuan Hung, Sungyoung Lee, Young-Koo Lee, Heejo Lee
2007 13th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA 2007)  
Hospital work is characterized by the need to manage multiple activities simultaneously, constant local mobility, frequently interruptions, and intense collaboration and communication. Hospital employees must handle a large amount of data that is often tied to specific work activities. This calls for a proper access control model. In this paper, we propose a novel approach, Activity-based access Control Model (ACM). Unlike conventional approaches which exploit user identity/role information,
more » ... ole information, ACM leverages user's activities to determine the access permissions for that user. In ACM, a user is assigned to perform a number of actions if s/he poses a set of satisfactory attributes. Access permissions to hospital information are granted according to user's actions. By doing this, ACM contributes a number of advantages over conventional models: (1) facilitates user's work; (2) reduces complexity and cost of access management. Though the design of ACM first aims to support clinical works in hospitals, it can be applied in other activity-centered environments. 2. Activity-based Access Control Model 13th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications(RTCSA 2007) 0-7695-2975-5/07 $25.00
doi:10.1109/rtcsa.2007.18 dblp:conf/rtcsa/HungLLL07 fatcat:z45x6ufrjrfddiokc5ic6ifewi