RBAC in Healthcare; Break The Glass and Delegation; Access Control
Résumé :
[en] In healthcare security, Role-based Access Control (RBAC) should be flexible and include capabilities such
as Break-the-Glass and Delegation. The former is useful in emergencies to overcome otherwise a denial of
access, the latter to transfer rights temporarily, for example, to substitute doctors. Current research studies
these policies separately, but it is unclear whether they are different and independent capabilities. Motivated
to look into this matter, we present a formal characterization of Break-the-Glass andDelegation in the RBAC
model and we inquire on how these two policies relate. After giving arguments in favour of keeping them
apart as different policies, we propose an RBAC model that includes them
Disciplines :
Sciences informatiques
Auteur, co-auteur :
Ferreira, Ana; CINTESIS - Centre for Health Technologies and Services Research > Faculty of Medicine, University of Porto
LENZINI, Gabriele ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Co-auteurs externes :
yes
Langue du document :
Anglais
Titre :
Comparing and Integrating Break-the-Glass and Delegation in Role-based Access Control for Healthcare
Date de publication/diffusion :
2016
Nom de la manifestation :
Int. Conference on International Conference in Information Systems Security and Privacy (ICISSP)
Organisateur de la manifestation :
INSTICC
Lieu de la manifestation :
Rome, Italie
Date de la manifestation :
18-22 February 2016
Manifestation à portée :
International
Titre de l'ouvrage principal :
Proc. of the nd Int. Conference on International Conference in Information Systems Security and Privacy (ICISSP)
