Skip to main content
SpringerLink
Log in

Delegation in a Distributed Healthcare Context: A Survey of Current Approaches

  • Conference paper
Information Security (ISC 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4176))

Included in the following conference series:

Abstract

The development of infrastructures to facilitate the sharing of data for healthcare delivery and research purposes is becoming increasingly widespread. In addition to the technical requirements pertaining to efficient and transparent sharing of data across organisational boundaries, there are requirements pertaining to ethical and legal issues. Functional and non-functional concerns need to be balanced: for resource sharing to be as transparent as possible, an entity should be allowed to delegate a subset of its rights to another so that the latter can perform actions on the former’s behalf, yet such delegation needs to be performed in a fashion that complies with relevant legal and ethical restrictions. The contribution of this paper is twofold: to characterise the requirements for secure and flexible delegation within the emerging distributed healthcare context; and to evaluate existing approaches with respect to these requirements. We also suggest how some of these limitations might be overcome.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. EGEE project, http://egee-intranet.web.cern.ch/

  2. Oasis eXstensible Access Control Markup Language Committee, XACML V2.0, www.oasis-open.org/committees/

  3. Oasis Security Services Technical Committee, SAML V2.0, www.oasis-open.org/committees/

  4. The Caldicott Report (December 1997), www.hpa.org.uk/confidentiality/caldicott.htm

  5. Datagrid project, http://eu-datagrid.web.cern.ch/eu-datagrid/

  6. Data protection act 1998. The Stationery Office Limited, London (1998)

    Google Scholar 

  7. Foster, I., Kesselman, C. (eds.): The Grid: Blueprint For A New Computing Infrastructure. Morgan Kaufmann, San Francisco (1999)

    Google Scholar 

  8. Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A security architecture for computational grids. In: 5th ACM Conference on Computer and Communications Security, pp. 83–92 (1998)

    Google Scholar 

  9. Gasser, M., McDermott, E.: An architecture for practical delegation in a distributed system. In: IEEE Symposium on Research in Security and Privacy (May 1990), pp. 20–30 (1990)

    Google Scholar 

  10. Geddes, J., Lloyd, S., Simpson, A.C., Rossor, M., Fox, N., Hill, D., Hajnal, J., Lawrie, S., McIntosh, A., Johnstone, E., Wardlaw, J., Perry, D., Procter, R., Bath, P., Bullmore, E.: Neurogrid: Using grid technology to advance neuroscience. In: 18th IEEEd Symposium on Computer-Based Medical Systems, pp. 570–572 (2005)

    Google Scholar 

  11. Healthgrid white paper, http://whitepaper.healthgrid.org

  12. Housley, R., Polk, W., Ford, W., Solo, D.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 3280 (April 2002)

    Google Scholar 

  13. Humber, M.: National Programme for Information Technology. British Medical Journal 328(7449), 1145–1146 (2004)

    Article  Google Scholar 

  14. Navarro, G., Sadhigi-Firozabadi, B., Rissanen, E., Borrell, J.: Constrained delegation in XML-based access control and digital rights management standards. In: Proceedings of Communication,Network and Information Security (December 2003)

    Google Scholar 

  15. Power, D.J., Politou, E.A., Slaymaker, M.A., Simpson, A.C.: Towards secure grid-enabled healthcare. Software: Practice and Experience 35(9), 857–871 (2005)

    Article  Google Scholar 

  16. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38–47 (1996)

    Article  Google Scholar 

  17. Seitz, L., Rissanen, E., Sandholm, T., Firozibadi, B.S., Mulmo, O.: Policy administration control and delegation using XACML and delegent. In: 6th IEEE/ACM International Workshop on Grid Computing (November 2005)

    Google Scholar 

  18. Wang, J., Vecchio, D.D., Humphrey, M.: Extending the security assertion markup language to support delegation for web services and grid services. In: IEEE International Conference on Web Services (ICWS 2005) (July 2005)

    Google Scholar 

  19. Welch, V., Foster, I., Kesselman, C., Mulmo, O., Pearlman, L., Tuecke, S., Gawor, J., Meder, S., Siebenlist, F.: X.509 Proxy Certificates for Dynamic Delegation. In: 3rd Annual PKI R&D Workshop (2004)

    Google Scholar 

  20. Zhang, L., Ahn, G.J., Chu, B.T.: A role-based delegation framework for healthcare information systems. In: SACMAT, pp. 125–134 (2002)

    Google Scholar 

  21. Zhang, L., Ahn, G.J., Chu, B.T.: A rule-based framework for role-based delegation and revocation. ACM Transactions on Information and System Security 6(3), 404–441 (2003)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Oxford University Computing Laboratory, Wolfson Building, Parks Road, Oxford, OX1 3QD, United Kingdom

    Mila Katzarova & Andrew Simpson

Authors
  1. Mila Katzarova
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Andrew Simpson
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. University of the Aegean, University Hill, 81100, Mytilene, Greece

    Sokratis K. Katsikas

  2. Department of Information and Communication Technologies, University of A Coruña, Spain

    Javier López

  3. MPI-SWS,  

    Michael Backes

  4. Department of Information and Communication Systems Engineering, University of the Aegean, Karlovassi, Samos, Greece

    Stefanos Gritzalis

  5. Interdisciplinary Institute for BroadBand Technology (IBBT), Belgium

    Bart Preneel

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Katzarova, M., Simpson, A. (2006). Delegation in a Distributed Healthcare Context: A Survey of Current Approaches. In: Katsikas, S.K., López, J., Backes, M., Gritzalis, S., Preneel, B. (eds) Information Security. ISC 2006. Lecture Notes in Computer Science, vol 4176. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11836810_37

Download citation

  • DOI: https://doi.org/10.1007/11836810_37

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-38341-3

  • Online ISBN: 978-3-540-38343-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation