Abstract
Most of the work on multimedia medical images security until now has focused on cryptographic approaches. While valuable, cryptography is not enough to control access to images. Therefore additional protection approaches should be applied at a higher level. Rolebased access control (RBAC) is a good candidate to provide access control in a multimedia medical image DBMS. However, in a multimedia medical image DBMS, specifications of image access rights are often based on the semantic content of the images, the attributes of the user accessing the image, the relationship between the user and the patient whose images are to be accessed and the time. Unfortunately, RBAC cannot be used to handle the above requirements. In this paper we describe an extended RBAC model by using constraints in the specific ation of the Role-Permission relationship. The proposed access control model preserves the advantages of scaleable security administration that RBAC-style models offer and yet offers the flexibility to specify very fine-grained, flexible, content, context and time-based access control policies.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
R. B. Wolfang and E. J. Delp, “Overview of image security techniques with applications in multimedia systems”, SPIE Conf. on Multimedia Networks: Security, Displays, Terminals and Gateways, Vol. 3228, November 2–5, 1997, Dallas, Texas, pp:297–3308.
E. B. Fernandez and K. R. Nair, “An Abstract Authorization System for the Internet”, in Proc. of the 9th International Workshop on Database and Expert Systems Applic., 1998.
R. K. Thomas, “Team-based access control (TMAC): A primitive for applying role-based access controls in collaborative environments”, ACM RBAC‘97, 1997.
L. Giuri and P. Iglio, “Role templates for content-based access control”, in Proc. of the Second ACM RBAC Workshop, November 1997.
E. C. Lupu and M. Sloman, “Reconciling role-based management and role-based access control”, in Proc. of the Second ACM RBAC Workshop, November 1997.
S. T. C. Wong and H. K. Huang, “Design methods and architectural issues of integrated medical image data based systems”, Computerized Medical Imaging and Graphics, Vol 20, No 4, pp. 285–299, 1996.
A. Tchounikine, “Creation and content-based retrieval in a radiological documentary record”, in Proc. of the 3rd Basque International Workshop on Information Technology, 1997.
R. Sandhu, E. J. Coynee, H. L. Feinsteinn, and C. E. Youman, “Role-based access control models”, IEEE Computer, 29(2), February, 1996.
Rational Software Corporation, Object Constraint Language Specification, Version 1.1, Available at http://www.rational.com/uml/, September 1997.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tzelepi, S., Pangalos, G. (2001). A Flexible Access Control Model for Multimedia Medical Image Security. In: Shum, HY., Liao, M., Chang, SF. (eds) Advances in Multimedia Information Processing — PCM 2001. PCM 2001. Lecture Notes in Computer Science, vol 2195. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45453-5_139
Download citation
DOI: https://doi.org/10.1007/3-540-45453-5_139
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42680-6
Online ISBN: 978-3-540-45453-3
eBook Packages: Springer Book Archive