Design of access control logic for HCRBAC
Moonian, Oveeyen; Khedo, Kavi Kumar; Cheerkoot-Jalim, Sudha; Ghurbhurrun-Nagowah, Soulakshmee D and Cadersaib, Zarine (2010) Design of access control logic for HCRBAC. Indian Journal of Medical Informatics, 5 (1). pp. 4-5. ISSN 0973-9254
Full text available as:
Role-Based access control provides an efficient technique for managing data access in systems that involve large organizations. Roles can be directly mapped to positions in the organization and role hierarchies can be defined. Data access rights are thus allocated to roles and users are mapped onto these roles. In organizations where the data is particularly sensitive, such as in healthcare institutions, role-based access-control needs to be further enhanced by using information based on context of access, such as location and time of access. In a previous paper, we motivated the need for the development of a secure access-control system for the Mauritian healthcare services. We presented HCRBAC (Healthcare Context-aware Role-Based Access Control) a data access system for the Mauritian healthcare service, where data access is based on roles, supported by context-awareness. In this paper we present a detailed design of the access control logic for HCRBAC, with emphasis on organization of the access-control information and the API of the system and we lay the necessary foundations for a prototype implementation.
Archive Staff Only: edit this record