Volume 17, Issue 3 (11-2020)
JSDP 2020, 17(3): 109-140 |
Back to browse issues page
Download citation:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:
Ghofrani F, Amini M. Privacy Preserving Dynamic Access Control Model with Access Delegation for eHealth. JSDP 2020; 17 (3) :109-140
URL: http://jsdp.rcisp.ac.ir/article-1-916-en.html
URL: http://jsdp.rcisp.ac.ir/article-1-916-en.html
Sharif University of Technology
Abstract: (2972 Views)
eHealth is the concept of using the stored digital data to achieve clinical, educational, and administrative goals and meet the needs of patients, experts, and medical care providers. Expansion of the utilization of information technology and in particular, the Internet of Things (IoT) in eHealth, raises various challenges, where the most important one is security and access control. In this regard, different security requirements have been defined; such as the physician’s access to the patient’s EHR (electronic health record) based on the physician’s physical location, detection of emergency conditions and dynamically granting access to the existing physician or nurse, preserving patients’ privacy based on their preferences, and delegation of duties and related permissions. In security and access control models presented in the literature, we cannot find a model satisfying all these requirements altogether. To fill this gap, in this paper, we present a privacy preserving dynamic access control model with access delegation capability in eHealth (called TbDAC). The proposed model is able to tackle the security challenges of these environments when the physicians and nurses access the patients’ EHR. The model also includes the data structures, procedures, and the mechanisms necessary for providing the access delegation capability.
The proposed access control model in this paper is in fact a family of models named TbDAC for access control in eHealth considering the usual hospital procedures. In the core model (called TbDAC0), two primitive concepts including team and role are employed for access control in hospitals. In this model, a set of permission-types is assigned to each role and a medical team (including a set of hospital staff with their roles) is assigned to each patient. In fact the role of a person in a team determines his/her permissions on the health information of the patient. Since patients’ vital information is collected from some IoT sensors, a dynamic access control using a set of dynamic and context-aware access rules is considered in this model. Detecting emergency conditions and providing proper permissions for the nearest physicians and nurses (using location information) is a key feature in this model.
Since health information is one of the most sensitive individuals’ personal information, the core model has been enhanced to be a privacy preserving access control model (named TbDAC1). To this aim, the purpose of information usage and the privacy preferences of the patients are considered in the access control enforcement procedure.
Delegation of duties is a necessity in medical care. Thus, we added access delegation capability to the core model and proposed the third member of the model family, which is named TbDAC2. The complete model that considers all security requirements of these environments including emergency conditions, privacy, and delegation is the last member of this family, named TbDAC3. In each one of the presented models, the therapeutic process carried out in the hospitals, the relational model, and the entities used in the model are precisely and formally defined. Furthermore in each model, the access control process and the dynamic access rules for different situations are defined.
Evaluation of the proposed model is carried out using three approaches; comparing the model with the models proposed in related research, assessing the real-world scenarios in a case study, and designing and implementing a prototype of an access control system based on the proposed model for mobile Android devices. The evaluations show the considerable capabilities of the model in satisfying the security requirements in comparison to the existing models which proposed in related research and also its applicability in practice for different simple and complicated access scenarios.
The proposed access control model in this paper is in fact a family of models named TbDAC for access control in eHealth considering the usual hospital procedures. In the core model (called TbDAC0), two primitive concepts including team and role are employed for access control in hospitals. In this model, a set of permission-types is assigned to each role and a medical team (including a set of hospital staff with their roles) is assigned to each patient. In fact the role of a person in a team determines his/her permissions on the health information of the patient. Since patients’ vital information is collected from some IoT sensors, a dynamic access control using a set of dynamic and context-aware access rules is considered in this model. Detecting emergency conditions and providing proper permissions for the nearest physicians and nurses (using location information) is a key feature in this model.
Since health information is one of the most sensitive individuals’ personal information, the core model has been enhanced to be a privacy preserving access control model (named TbDAC1). To this aim, the purpose of information usage and the privacy preferences of the patients are considered in the access control enforcement procedure.
Delegation of duties is a necessity in medical care. Thus, we added access delegation capability to the core model and proposed the third member of the model family, which is named TbDAC2. The complete model that considers all security requirements of these environments including emergency conditions, privacy, and delegation is the last member of this family, named TbDAC3. In each one of the presented models, the therapeutic process carried out in the hospitals, the relational model, and the entities used in the model are precisely and formally defined. Furthermore in each model, the access control process and the dynamic access rules for different situations are defined.
Evaluation of the proposed model is carried out using three approaches; comparing the model with the models proposed in related research, assessing the real-world scenarios in a case study, and designing and implementing a prototype of an access control system based on the proposed model for mobile Android devices. The evaluations show the considerable capabilities of the model in satisfying the security requirements in comparison to the existing models which proposed in related research and also its applicability in practice for different simple and complicated access scenarios.
Type of Study: Research |
Subject:
Paper
Received: 2018/10/19 | Accepted: 2020/01/22 | Published: 2020/12/5 | ePublished: 2020/12/5
Received: 2018/10/19 | Accepted: 2020/01/22 | Published: 2020/12/5 | ePublished: 2020/12/5
References
1. ]1[ I. B. Ida, A. Jemai, and A. Loukil, "A survey on security of IoT in the context of ehealth and clouds," in Proceedings of 11th International Design Test Symposium (IDT), pp.25-30, Dec2016. [DOI:10.1109/IDT.2016.7843009]
2. [2] A. J. Jara, A. F. Alcolea, M. A. Zamora, A. F. G. Skarmeta, and M. Alsaedy, "Drugs interaction checker based on iot," in Proceedings of 2010 Internet of Things (IOT), pp.1-8, Nov2010. [DOI:10.1109/IOT.2010.5678458]
3. [3] A, Kevin, "That 'internet of things' thing," RFID journal, vol. 22, pp.97-114, Jul2009.
4. [4] D.Lu and T.Liu, "The application of iot in medical system," in Proceedings of 2011 IEEE International Symposium on IT in Medicine and Education, vol.1, pp.272-275, Dec2011.
5. [5] R. Marti, J. Delgado, and X. Perramon, "Security specification and implementation for mobile e-health services," in Proceedings of 2004 IEEE International Conference on e-Technology, e-Commerce and e-Service, March.2004, pp.241-248. [DOI:10.1109/EEE.2004.1287316]
6. [6] F. Rezaeibagha and Y. Mu, "Distributed clinical data sharing via dynamic access-control policy transformation," International Journal of Medical Informatics, vol.89, no.Supplement C, pp.25-31, 2016. [DOI:10.1016/j.ijmedinf.2016.02.002] [PMID]
7. [7] I. lakovidis, "Towards Personal Health Record: Current Situation, Obstacles and Trends in Implementation of Electronic Healthcare Record in Europe," International Journal of Medical Informatics, vol.52, pp.105-115, 1998. [DOI:10.1016/S1386-5056(98)00129-4]
8. [8] M.Sicuranza, A.Esposito, and M.Ciampi, "A view-based access control model for her systems," in Proceedings of Intelligent Distributed Computing VIII, pp.443-452, Springer, 2015. [DOI:10.1007/978-3-319-10422-5_46]
9. [9] M. Abomhara, H. Yang, G. M. Køien, and M. B. Lazreg, "Work-based access control model for cooperative healthcare environments: Formal specification and verification," Journal of Healthcare Informatics Research, vol.1, pp.19-51, Jun2017. [DOI:10.1007/s41666-017-0004-7]
10. [10] H. S. G. Pussewalage and V. A. Oleshchuk, "An attribute based access control scheme for secure sharing of electronic health records," in Proceedings of 18th IEEE International Conference on e-Health Networking, Applications and Services (Healthcom), Sept.2016, pp.1-6. [DOI:10.1109/HealthCom.2016.7749516]
11. [11] M.Sicuranza and A.Esposito, "An access control model for easy management of patient privacy in her systems," in Proceedings of 8th International Conference for Internet Technology and Secured Transactions (ICITST-2013), Dec.2013, pp.463-470. [DOI:10.1109/ICITST.2013.6750243]
12. [12] A. Ouaddah, H. Mousannif, A. A. Elkalam, and A. A. Ouahman, "Access control in the internet of things: Big challenges and new opportunities," Computer Networks, vol.112, no.Supplement C, pp.237-262, 2017. [DOI:10.1016/j.comnet.2016.11.007]
13. [13] M.F.F.Khan and K.Sakamura, "A secure and flexible e-health access control system with provisions for emergency access overrides and delegation of access privileges," in Proceedings of 18th International Conference on Advanced Communication Technology (ICACT), pp.541-546, Jan2016. [DOI:10.1109/ICACT.2016.7423463]
14. [14] M. Jayabalan and T. O'Daniel, "Access control and privilege management in electronic health record: a systematic literature review," Journal of Medical Systems, vol.40, p.261, Oct2016. [DOI:10.1007/s10916-016-0589-z] [PMID]
15. [15] M.F.F.Khan and K.Sakamura, "Context-aware access control for clinical information systems," in Proceedings of 2012 International Conference on Innovations in Information Technology (IIT), March.2012, pp.123-128. [DOI:10.1109/INNOVATIONS.2012.6207715]
16. [16] C. K. Georgiadis, I. Mavridis, G. Pangalos, and R. K. Thomas, "Flexible team-based access control using contexts," in Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies, SACMAT'01, (NewYork, NY, USA), pp.21-27, 2001. [DOI:10.1145/373256.373259]
17. [17] M. Yarmand, K. Sartipi, and D. Down, "Behavior-based access control for distributed healthcare environment," in Computer-Based Medical Systems, 2008. CBMS'08. 21st IEEE International Symposium on, pp.126-131, June2008. [DOI:10.1109/CBMS.2008.14]
18. [18] E. Georgakakis, S. Nikolidakis, D. Vergados, and C. Douligeris, "Spatio temporal emergency role based access control (stem-rbac): A time and location aware role based access control model with a break the glass mechanism," in Computers and Communications (ISCC): 2011 IEEE Symposium on, pp. 764-770, June2011. [DOI:10.1109/ISCC.2011.5983932]
19. [19] Q.Ni, A.Trombetta, E.Bertino, andJ.Lobo, "Privacy-aware role based access control, " in Proceedings of 12th ACM Symposium on Access Control Models and Technologies, SACMAT '07, pp.41-50, ACM, 2007. [DOI:10.1145/1266840.1266848]
20. [20] N. Yang, H. Barringer, and N. Zhang, "A purpose-based access control model," in Proceedings of Third International Symposium on Information Assurance and Security, pp.143-148, Aug2007. [DOI:10.1109/IAS.2007.29]
21. [21] K. Seol, Y.-G. Kim, E. Lee, Y.-D. Seo, and D.-K. Baik, ''Privacy preserving attribute-based access control model for XML-based electronic health record system,'' IEEE Access, vol. 6, pp. 9114-9128, 2018. [DOI:10.1109/ACCESS.2018.2800288]
22. [22] Majeed, Abdul, "Attribute-centric anonymization scheme for improving user privacy and utility of publishing e-health data," Journal of King Saud University-Computer and Information Sciences, March 2018. [DOI:10.1016/j.jksuci.2018.03.014]
23. [23] P.Gope and R.Amin, "A novel reference security model with the situation based access policy for accessing ephr data," Journal of Medical Systems, vol.40, p.242, Sep2016. [DOI:10.1007/s10916-016-0620-4] [PMID]
24. [24] H. Narayanan and M. Giine, "Ensuring access control in cloud provisioned healthcare systems," in Consumer Communications and Networking Conference (CCNC): 2011 IEEE, Jan.2011, pp.247-251. [DOI:10.1109/CCNC.2011.5766466]
25. [25] US Department of Health and Human Services, "Public Law 104-191: Health Insurance Portability and Accountability Act of 1996," Retrieved November 24 (2003): 2003.
26. [26] J. Jing, A. Gail-Joon, H. Hongxin, J. Michael, and Z.Xinwen, "Patient-centric authorization framework for electronic healthcare services," computers & security, vol.30, no.2-3, pp.116-127, 2011. [DOI:10.1016/j.cose.2010.09.001]
27. [27] M.A. Doostari, M. Miabi, and M. Momeni, "Proposing a privacy and anonymity protocol in ehealth using public key infrastructure", in Proceedings of the 4th International Conference on Applied Research in Computer Engineering and Signal Processing, Tehran, Iran, 2016.
28. [28] F. hashemibeni, "Privacy preserving access control in iot for ehealth," Master's thesis, Sharif University of Technology, September 2015.
Send email to the article author
| Rights and permissions | |
 |
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License. |
