loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Mohamed Abomhara ; Geir M. Køien ; Vladimir A. Oleshchuk and Mohamed Hamid

Affiliation: University of Agder, Norway

Keyword(s): Access Control, Healthcare Information Sharing, Electronic Health Records, Security, Privacy, Risk Assessment, Risk Management.

Abstract: Access control models play an important role in the response to insider threats such as misuse and unauthorized disclosure of the electronic health records (EHRs). In our previous work in the area of access control, we proposed a work-based access control (WBAC) model that strikes a balance between collaboration and safeguarding sensitive patient information. In this study, we propose a framework for risk assessment that extend the WBAC model by incorporating a risk assessment process, and the trust the system has on its users. Our framework determines the risk associated with access requests (user’s trust level and requested object’s security level) and weighting such risk against the risk appetite and risk threshold of situational conditions. Specifically, an access request will be permitted if the risk threshold outweighs the risk of granting access to information, otherwise it will be denied.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.209.209.246

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Abomhara, M.; M. Køien, G.; Oleshchuk, V. and Hamid, M. (2018). Towards Risk-aware Access Control Framework for Healthcare Information Sharing. In Proceedings of the 4th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-282-0; ISSN 2184-4356, SciTePress, pages 312-321. DOI: 10.5220/0006608103120321

@conference{icissp18,
author={Mohamed Abomhara. and Geir {M. Køien}. and Vladimir A. Oleshchuk. and Mohamed Hamid.},
title={Towards Risk-aware Access Control Framework for Healthcare Information Sharing},
booktitle={Proceedings of the 4th International Conference on Information Systems Security and Privacy - ICISSP},
year={2018},
pages={312-321},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006608103120321},
isbn={978-989-758-282-0},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 4th International Conference on Information Systems Security and Privacy - ICISSP
TI - Towards Risk-aware Access Control Framework for Healthcare Information Sharing
SN - 978-989-758-282-0
IS - 2184-4356
AU - Abomhara, M.
AU - M. Køien, G.
AU - Oleshchuk, V.
AU - Hamid, M.
PY - 2018
SP - 312
EP - 321
DO - 10.5220/0006608103120321
PB - SciTePress