A dynamic access control policy model for sharing of healthcare data in multiple domains

Ahmad Salehi Shahraki, Carsten Rudolph, Marthie Grobler

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

Abstract

Authorization models have been developed to prevent unauthorized access to valuable resources such as electronic healthcare records (EHRs). In an applied environment, such as the healthcare domain, there are several types of authorities that generate EHRs and other security parameters via central authority for their users and the attribute authorities. The use of a central authority introduces several challenges in terms of security and privacy due to the increased risk if the central authority is compromised or corrupted. Observing that this research area has not been well addressed to date, we propose and present the first decentralized multi-authority attribute-based access control (DMA-ABAC) model based on the policy model, which enables authorities to independently control their security settings. We present an access control framework for a dynamic cross-domain authorization model that combines Attribute-Based Access Control (ABAC) and Attribute-Based Group Signature (ABGS). This combination aims at providing flexible access control with resistance against reply and third party storage attacks and attribute collusion, and enhanced access control, privacy and selective attributes.

Original languageEnglish
Title of host publicationProceedings - 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering
EditorsLiqun Chen, Ryan Ko, Liming Zhu
Place of PublicationPiscataway NJ USA
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages618-625
Number of pages8
ISBN (Electronic)9781728127767
ISBN (Print)9781728127781
DOIs
Publication statusPublished - 2019
EventIEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) 2019 - Rotorua, New Zealand
Duration: 5 Aug 20198 Aug 2019
Conference number: 18th
https://crow.org.nz/TrustCom2019

Conference

ConferenceIEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) 2019
Abbreviated titleTrustCom 2019
CountryNew Zealand
CityRotorua
Period5/08/198/08/19
Internet address

Keywords

  • Anonymity
  • Attribute-based access control
  • Cross domain
  • Distributed
  • Healthcare
  • Privacy
  • Security

Cite this

Salehi Shahraki, A., Rudolph, C., & Grobler, M. (2019). A dynamic access control policy model for sharing of healthcare data in multiple domains. In L. Chen, R. Ko, & L. Zhu (Eds.), Proceedings - 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering (pp. 618-625). [8887394] Piscataway NJ USA: IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/TrustCom/BigDataSE.2019.00088
Salehi Shahraki, Ahmad ; Rudolph, Carsten ; Grobler, Marthie. / A dynamic access control policy model for sharing of healthcare data in multiple domains. Proceedings - 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering. editor / Liqun Chen ; Ryan Ko ; Liming Zhu. Piscataway NJ USA : IEEE, Institute of Electrical and Electronics Engineers, 2019. pp. 618-625
@inproceedings{b4cbcbc8891e46318221792574d0e759,
title = "A dynamic access control policy model for sharing of healthcare data in multiple domains",
abstract = "Authorization models have been developed to prevent unauthorized access to valuable resources such as electronic healthcare records (EHRs). In an applied environment, such as the healthcare domain, there are several types of authorities that generate EHRs and other security parameters via central authority for their users and the attribute authorities. The use of a central authority introduces several challenges in terms of security and privacy due to the increased risk if the central authority is compromised or corrupted. Observing that this research area has not been well addressed to date, we propose and present the first decentralized multi-authority attribute-based access control (DMA-ABAC) model based on the policy model, which enables authorities to independently control their security settings. We present an access control framework for a dynamic cross-domain authorization model that combines Attribute-Based Access Control (ABAC) and Attribute-Based Group Signature (ABGS). This combination aims at providing flexible access control with resistance against reply and third party storage attacks and attribute collusion, and enhanced access control, privacy and selective attributes.",
keywords = "Anonymity, Attribute-based access control, Cross domain, Distributed, Healthcare, Privacy, Security",
author = "{Salehi Shahraki}, Ahmad and Carsten Rudolph and Marthie Grobler",
year = "2019",
doi = "10.1109/TrustCom/BigDataSE.2019.00088",
language = "English",
isbn = "9781728127781",
pages = "618--625",
editor = "Chen, {Liqun } and Ko, {Ryan } and Zhu, {Liming }",
booktitle = "Proceedings - 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering",
publisher = "IEEE, Institute of Electrical and Electronics Engineers",
address = "United States of America",

}

Salehi Shahraki, A, Rudolph, C & Grobler, M 2019, A dynamic access control policy model for sharing of healthcare data in multiple domains. in L Chen, R Ko & L Zhu (eds), Proceedings - 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering., 8887394, IEEE, Institute of Electrical and Electronics Engineers, Piscataway NJ USA, pp. 618-625, IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) 2019, Rotorua, New Zealand, 5/08/19. https://doi.org/10.1109/TrustCom/BigDataSE.2019.00088

A dynamic access control policy model for sharing of healthcare data in multiple domains. / Salehi Shahraki, Ahmad; Rudolph, Carsten; Grobler, Marthie.

Proceedings - 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering. ed. / Liqun Chen; Ryan Ko; Liming Zhu. Piscataway NJ USA : IEEE, Institute of Electrical and Electronics Engineers, 2019. p. 618-625 8887394.

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

TY - GEN

T1 - A dynamic access control policy model for sharing of healthcare data in multiple domains

AU - Salehi Shahraki, Ahmad

AU - Rudolph, Carsten

AU - Grobler, Marthie

PY - 2019

Y1 - 2019

N2 - Authorization models have been developed to prevent unauthorized access to valuable resources such as electronic healthcare records (EHRs). In an applied environment, such as the healthcare domain, there are several types of authorities that generate EHRs and other security parameters via central authority for their users and the attribute authorities. The use of a central authority introduces several challenges in terms of security and privacy due to the increased risk if the central authority is compromised or corrupted. Observing that this research area has not been well addressed to date, we propose and present the first decentralized multi-authority attribute-based access control (DMA-ABAC) model based on the policy model, which enables authorities to independently control their security settings. We present an access control framework for a dynamic cross-domain authorization model that combines Attribute-Based Access Control (ABAC) and Attribute-Based Group Signature (ABGS). This combination aims at providing flexible access control with resistance against reply and third party storage attacks and attribute collusion, and enhanced access control, privacy and selective attributes.

AB - Authorization models have been developed to prevent unauthorized access to valuable resources such as electronic healthcare records (EHRs). In an applied environment, such as the healthcare domain, there are several types of authorities that generate EHRs and other security parameters via central authority for their users and the attribute authorities. The use of a central authority introduces several challenges in terms of security and privacy due to the increased risk if the central authority is compromised or corrupted. Observing that this research area has not been well addressed to date, we propose and present the first decentralized multi-authority attribute-based access control (DMA-ABAC) model based on the policy model, which enables authorities to independently control their security settings. We present an access control framework for a dynamic cross-domain authorization model that combines Attribute-Based Access Control (ABAC) and Attribute-Based Group Signature (ABGS). This combination aims at providing flexible access control with resistance against reply and third party storage attacks and attribute collusion, and enhanced access control, privacy and selective attributes.

KW - Anonymity

KW - Attribute-based access control

KW - Cross domain

KW - Distributed

KW - Healthcare

KW - Privacy

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=85075186655&partnerID=8YFLogxK

U2 - 10.1109/TrustCom/BigDataSE.2019.00088

DO - 10.1109/TrustCom/BigDataSE.2019.00088

M3 - Conference Paper

SN - 9781728127781

SP - 618

EP - 625

BT - Proceedings - 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering

A2 - Chen, Liqun

A2 - Ko, Ryan

A2 - Zhu, Liming

PB - IEEE, Institute of Electrical and Electronics Engineers

CY - Piscataway NJ USA

ER -

Salehi Shahraki A, Rudolph C, Grobler M. A dynamic access control policy model for sharing of healthcare data in multiple domains. In Chen L, Ko R, Zhu L, editors, Proceedings - 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering. Piscataway NJ USA: IEEE, Institute of Electrical and Electronics Engineers. 2019. p. 618-625. 8887394 https://doi.org/10.1109/TrustCom/BigDataSE.2019.00088