Browse > Article

Study on The RBAC Protocol of Medical Information System  

Lim, Kyeong Suk (송원대학교/간호학과)
Kim, Jeom Goo (남서울대학교/컴퓨터학과)
Publication Information
Convergence Security Journal / v.16, no.7, 2016 , pp. 77-84 More about this Journal
Abstract
In general RBAC(Role-Based-Access Control) model, senior role has junior role's permissions by virtue of role hierarchy. But although the opposite case is needed partially in medical institutions, such case cannot be performed in medical information systems. This is because inheritances of permissions in role hierarchies are static. In order to tackle this problem, this paper defined a dynamic role assignment, thereby proposed the way for the junior temporarily to be able to perform the permissions of the senior, and showed the applications of medical information systems.
Keywords
RBAC; Medical Information; Vulnerability; Security; Protocol;
Citations & Related Records
연도 인용수 순위
  • Reference
1 E. C. Lupu, D. A. Marriott, M. S. Sloman, and N. Yialelis, "A Policy Based Role Framework for Access Control", First ACM/NIST Role Based Access Control Workshop, Dec, 1995
2 Department of Defence(USA), Department of Defence Trusted Computer System Evaluation Criteria, DoD 5200-78-STD, DoD, 1985
3 L. Giuri, "Role-Based Access Control in Java", 3rd ACM Role-Based Access Control Workshop, 1998.
4 E. C. Lupu, M. S. Sloman, "A Policy Based Role Object Model", Proceeding of IEEE EDOC'97, Oct, 1997.
5 N. Yialelis, M. S. Sloman, "A Security Framework Supporting Domain Based Access Control in Distributed Systems", ISOC Symposium on Network and Distributed System Security(SNDSS96), Feb 1996
6 David F. Ferraiolo and Richard Kuhn, "Role-based access control," Proceedings of the 15th NIST-NSA National computer security conference, 1992
7 Ravi S. sandhu, Edward J.Coyne, Hal L. Feinstein and Charles E. Youman, "Role_-Based Access Control Models," IEEE computer, Volume 29, number 2, Feb 1996
8 David F. Ferraiolo, J. Cugini and Richard Kuhn, "Role-Based Access Control: Features and Motivations," National Institute of standards and technology, 1995
9 J. Barkley, "RBAC in Health Care", 1995 http://hissa.ncsl.nist.gov/rbav/
10 C. Goh, A. Baldwin, "Towards a more Complete Model of Role", 3rd ACM Role-Based Access Control Workshop, 1998.
11 Min-Hoo Kim, "The Medical Information status and Legislation", Journal of Sungkyunkwan University Law, Vol. 17, No. 2, pp.110, 2006.12.
12 Young-Ju Jeun, "The Medical Information and Privacy Protection", Journal of Korean Law Association, Vol. 23, pp.525, 2006.8.
13 Young-Ju Jeun, "Legal Issues in The Medical Information", Chosun University Law, Vol. 14, No. 1, pp.126, 2007.
14 Kyu-Won Jung, "Medical Professional's Rights and Duties Manage Medical Information", HanYang University Law, Vol. 28, No. 1, pp36, 2011.
15 Bu-Gyun Jeong, "Issues on the Patient's Information Protection", Journal of Korean Association of Medical Law, Vol. 9, No. 2, pp.355, 2008.
16 Yun-Cheal Backeong, "America of Privacy Protection and HIPPA", Journal of America constitutinal Law Association, Vol. 19, No.1, pp.85-94, 2008.
17 Bu-Gyun Jeong, "Issues on The Patient's Information Protection", Journal of Korean Association of Medical Law, Vol. 9, No. 2, pp.355, 2008.
18 Yong-Yeub Jeong, "A Styudy on Legal Protection, Inspection and Delivery of the Copies of Health & Medical Data", Journal of Korean Association of Medical Law, Vol. 13, No. 1, pp.373, 2012.