Risk-based Access Control Model for Hospital Information Systems

Authors

  • Xue Chen

DOI:

https://doi.org/10.54097/fcis.v2i3.5315

Keywords:

Access Control, Risk, Hospital Information System, Access Permissions

Abstract

With the advancement of healthcare reform in various countries, hospital information systems (HIS) and electronic medical records are developing rapidly and providing a source of power for the development of the healthcare industry. Due to the electronification of medical record information and excessive access rights of medical information systems, there is a risk of internal leakage of medical information. Therefore, based on medical information system, this paper proposes a risk-based access control model, which gets the risk value of doctors by quantifying their access behavior and divides the access interval according to the risk value for access behavior control. According to the simulation experiments, it can be seen that the model proposed in this paper is more suitable for medical scenarios than the traditional access control model.

Downloads

Download data is not yet available.

References

AKHUSEYINOGLU N B, JOSHI J. A Risk-Aware Access Control Framework for Cyber-Physical Systems; proceedings of the 2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC), F 15-17 Oct. 2017, 2017 [C].

HOU M W, LAN X, XING L, et al. Study on the Application of Privacy Protection Technology in the Publication of Health Care Big Data [J]. Chin Digital Med, 2020, 15(02): 92-4.

XIAO L, LI D, SUN Y, et al. Protection of personal privacy in the health and medical big data environment [J]. Chine Med Record, 2019, 20(12): 48-50.

SOCEANU A, VASYLENKO M, EGNER A, et al. Managing the Privacy and Security of eHealth Data; proceedings of the 2015 20th International Conference on Control Systems and Computer Science, F 27-29 May 2015, 2015 [C].

HOSSAIN A, FERDOUS S M S, ISLAM S, et al. Rapid Cloud Data Processing with Healthcare Information Protection; proceedings of the IEEE World Congress on Services (SERVICES), Anchorage, AK, F Jun 27-Jul 02, 2014 [C]. 2014.

WANG Q, JIN H. Quantified risk-adaptive access control for patient privacy protection in health information systems; proceedings of the Proceedings of the 6th International Symposium on Information, Computer and Communications Security, ASIACCS 2011, F, 2011 [C]. Association for Computing Machinery.

ALUVALU R, MUDDANA L. A dynamic attribute-based risk aware access control model (DA-RAAC) for cloud computing; proceedings of the 7th IEEE International Conference on Computational Intelligence and Computing Research (ICCIC), Agni Coll Technol, Chennai, INDIA, F Dec 15-17, 2016 [C]. 2016.

ZAKARIA H, ABU BAKAR N A, HASSAN N H, et al. IoT Security Risk Management Model for Secured Practice in Healthcare Environment [J]. Procedia Comput Sci, 2019, 161: 1241-8.

WU X, ZHANG Y T, WANG A M, et al. MNSSp3: Medical big data privacy protection platform based on Internet of things [J]. Neural Comput Appl, 2020: 15.

HUI Z, LI H, ZHANG M, et al. Risk-adaptive access control model for big data in healthcare [J]. J Comm, 2015, 36(12): 190-9.

Downloads

Published

16-02-2023

Issue

Vol. 2 No. 3 (2022)

Section

Articles

License

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

Chen, X. (2023). Risk-based Access Control Model for Hospital Information Systems. Frontiers in Computing and Intelligent Systems, 2(3), 82-84. https://doi.org/10.54097/fcis.v2i3.5315
Crossref
Scopus
Google Scholar
Europe PMC