Skip to main content
Springer Nature Link
Log in

Secure Interaction Models for the HealthAgents System

  • Conference paper
Computer Safety, Reliability, and Security (SAFECOMP 2008)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 5219))

Included in the following conference series:

  • 2459 Accesses

Abstract

Distributed decision support systems designed for healthcare use can benefit from services and information available across a decentralised environment. The sophisticated nature of collaboration among involved partners who contribute services or sensitive data in this paradigm, however, demands careful attention from the beginning of designing such systems. Apart from the traditional need of secure data transmission across clinical centres, a more important issue arises from the need of consensus for access to system-wide resources by separately managed user groups from each centre. A primary concern is the determination of interactive tasks that should be made available to authorised users, and further the clinical resources that can be populated into interactions in compliance with user clinical roles and policies. To this end, explicit interaction modelling is put forward along with the contextual constraints within interactions that together enforce secure access, the interaction participation being governed by system-wide policies and local resource access being governed by node-wide policies. Clinical security requirements are comprehensively analysed, prior to the design and building of our security model. The application of the approach results in a Multi-Agent System driven by secure interaction models. This is illustrated using a prototype of the HealthAgents system.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Pereira, A.L., Muppavarapu, V., Chung, S.M.: Role-based access control for grid database services using the community authorization service. In: Transactions on Dependable and Secure Computing, vol. 3(2), pp. 156–166. IEEE, Los Alamitos (2006)

    Google Scholar 

  2. M-Tech Information Technology, Inc.: Beyond Roles: A Practical Approach to Enterprise User Provisioning (2006)

    Google Scholar 

  3. Wooldridge, M., Jennings, N.R., Kinny, D.: The Gaia methodology for agent-oriented analysis and design. Journal of Autonomous Agents and Multi-Agent Systems 3(3), 285–312 (2000)

    Article  Google Scholar 

  4. Zhang, L., Ahn, G., Chu, B.: A role-based delegation framework for healthcare information systems. In: 7th ACM Symposium on Access Control Models and Technologies, pp. 125–134. ACM, New York (2002)

    Google Scholar 

  5. Joint Computer Group of the GMSC and RCGP: GMSC and RCGP guidelines for the extraction and use of data from general practitioner computer systems by organisations external to the practice. Appendix III In: Committee on Standards of Data Extraction from General Practice Guidelines (1988)

    Google Scholar 

  6. Hawker, A.: Confidentiality of personal information: a patient survey. Journal of Informatics in Primary Care, 16–19 (1995)

    Google Scholar 

  7. Anderson, R.J.: Clinical system security: interim guidelines. British Medical Journal 312, 109–111 (1996)

    Google Scholar 

  8. Pitchford, R.A., Kay, S.: GP Practice computer security survey. Journal of Informatics in Primary Care, 6–12 (1995)

    Google Scholar 

  9. Anderson, R.J.: Patient Confidentiality - At Risk from NHS Wide Networking. Proceedings of Healthcare 96 (1996)

    Google Scholar 

  10. BMA - British Medical Association, http://www.bma.org.uk/

  11. Chandramouli, R.: Business Process Driven Framework for defining an Access Control Service based on Roles and Rules. In: 23rd National Information Systems Security Conference (2000)

    Google Scholar 

  12. Robertson, D.: A lightweight coordination calculus for agent systems. In: Leite, J.A., Omicini, A., Torroni, P., Yolum, p. (eds.) DALT 2004. LNCS (LNAI), vol. 3476, pp. 183–197. Springer, Heidelberg (2005)

    Google Scholar 

  13. Robertson, D., et al.: Open Knowledge: Semantic Webs Through Peer-to-Peer Interaction. OpenKnowledge Manifesto (2006), http://www.openk.org/

  14. Crook, R., Ince, D., Nuseibeh, B.: Modelling Access Policies Using Roles in Requirements Engineering. Information and Software Technology 45(14), 979–991 (2003)

    Article  Google Scholar 

  15. Calam, D.: Information Governance - Security, Confidentiality and Patient Identifiable Information, http://etdevents.connectingforhealth.nhs.uk/eventmanager/uploads/ig.ppt

  16. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-Based Access Control Models. Computer 29(2), 38–47 (1996)

    Article  Google Scholar 

  17. Blobel, B.: Authorisation and access control for electronic health record systems. International Journal of Medical Informatics 73(3), 251–257 (2004)

    Article  Google Scholar 

  18. HealthAgents, http://www.healthagents.net/

  19. Xiao, L., Lewis, P., Gibb, A.: Developing a Security Protocol for a Distributed Decision Support System in a Healthcare Environment. In: 30th International Conference on Software Engineering, pp. 673–682. ACM, New York (2008)

    Google Scholar 

  20. Hu, J., Weaver, A.C.: Dynamic, Context-Aware Access Control for Distributed Healthcare Applications. In: 1st Workshop on Pervasive Security, Privacy and Trust (2004)

    Google Scholar 

  21. Omicini, A., Ricci, A., Viroli, M.: RBAC for organisation and security in an agent coordination infrastructure. Electronic Notes in Theoretical Computer Science 128(5), 65–85 (2005)

    Article  Google Scholar 

  22. Anderson, R.: Undermining data privacy in health information. BMJ 322, 442–443 (2001)

    Article  Google Scholar 

  23. Denley, I., Smith, S.W.: Privacy in clinical information systems in secondary care. BMJ 318, 1328–1331 (1999)

    Google Scholar 

  24. Xiao, L., Greer, D.: Adaptive Agent Model: Software Adaptivity using an Agent-oriented Model Driven Architecture. Information & Software Technology. Elsevier. In: Press (2008), http://dx.doi.org/10.1016/j.infsof.2008.02.002

  25. Xiao, L., Peet, A., Lewis, P., Dashmapatra, S., Sáez, C., Croitoru, M., Vicente, J., Gonzalez-Velez, H., Lluchi Ariet, M.: An Adaptive Security Model for Multi-agent Systems and Application to a Clinical Trials Environment. In: 31st IEEE Annual International Computer Software and Applications Conference, pp. 261–266. IEEE, Los Alamitos (2007)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Southampton, UK

    Liang Xiao, Paul Lewis & Srinandan Dasmahapatra

Authors
  1. Liang Xiao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Paul Lewis
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Srinandan Dasmahapatra
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Computing Science, Newcastle University, Claremont Tower, NE1 7RU, Newcastle upon Tyne, UK

    Michael D. Harrison

  2. Health Sciences Research Institute, University of Warwick, Coventry, CV4 7AL, UK

    Mark-Alexander Sujan

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Xiao, L., Lewis, P., Dasmahapatra, S. (2008). Secure Interaction Models for the HealthAgents System. In: Harrison, M.D., Sujan, MA. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2008. Lecture Notes in Computer Science, vol 5219. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-87698-4_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-87698-4_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-87697-7

  • Online ISBN: 978-3-540-87698-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics