Privacy-Aware Granular Data Access Control For Cross-Domain Data Sharing
نویسندگان
چکیده
In an e-health environment, medical data is shared electronically between different parties. Improper access to such a data can have the possibility of adversely affecting some participants as this data often represents private and sensitive information that should only be accessed by authorised organizations and individuals. Most existing solutions either focus on user access control or objectbased granular data access control rather than both. On the other hand, data sharing, such as medical data, in cross-domain environments is widely used, while the issue of improper access in such a 'roaming' environment has not received enough attention. In this paper, a novel access control mechanism has been proposed to address these issues. After the implementation, an example is given to explain use of the proposed approach to manage and share data in collaborative and cross-domain environments.
منابع مشابه
Secure policy execution using reusable garbled circuit in the cloud
While cloud computing is fairly mature, there are underpinning data privacy and confidentiality issues that have yet to be resolved by existing security solutions such as cross domain access control policies. The latter necessitates the sharing of attributes with a Trusted Third Party (TTP), which in turn raises data privacy concerns. In this paper, we present a Privacy Aware Cross Tenant Acces...
متن کاملA Comparison of Collaborative Access Control Models
Collaborative environments need access control to data and resources to increase working cooperation efficiently yet effectively. Several approaches are proposed and multiple access control models are recommended in this domain. In this paper, four Role-Based Access Control (RBAC) based collaborative models are selected for analysis and comparison. The standard RBAC model, Team-based Access Con...
متن کاملPair-Wise Privilege Control for Cross-Domain Private Data Sharing
Enterprise-scale organizations have large numbers of internal and external users, with different privilege requirements spanning across many resources. The dynamic nature of modern organizations demands that they efficiently and securely provision and deactivate data privileges to reflect rapidly changing user responsibilities. Previous approaches to consolidated user provisioning have focused ...
متن کاملRisk-Based Privacy-Aware Information Disclosure
Risk-aware access control systems grant or deny access to resources based on the notion of risk. It has many advantages compared to classical approaches, allowing for more flexibility, and ultimately supporting for a better exploitation of data. We propose and demonstrate a risk-aware access control framework for information disclosure, which supports run-time risk assessment. In our framework ...
متن کاملPatients want granular privacy control over health information in electronic medical records
OBJECTIVE To assess patients' desire for granular level privacy control over which personal health information should be shared, with whom, and for what purpose; and whether these preferences vary based on sensitivity of health information. MATERIALS AND METHODS A card task for matching health information with providers, questionnaire, and interview with 30 patients whose health information i...
متن کامل