Security and Authorization Issues in HL7 Electronic Health Records: A Semantic Web Services Based Approach
نویسندگان
چکیده
As Semantic Web services begin to emerge as the next evolution of the Service Oriented Architecture, it is become clear that authorization is going to be one of its biggest challenges. Not only are there the typical obstacles which most areas of Semantic Web services have had to overcome, i.e. what parts of a Web services need semantic information, how best to use the semantics, and agreeing on standards, but there are the fine grained security implications as well. For instance, how much authorization information is necessary to aid in Semantic Discovery of Web services? Is the authorization information opening any new security holes? It is the goal of this article to address these issues by providing a framework for expressing the proper authorization information in order to aid in the Semantic Discovery of Web services in which the requesting service most likely has the authority to invoke.
منابع مشابه
WebCIS: large scale deployment of a Web-based clinical information system
WebCIS is a Web-based clinical information system. It sits atop the existing Columbia University clinical information system architecture, which includes a clinical repository, the Medical Entities Dictionary, an HL7 interface engine, and an Arden Syntax based clinical event monitor. WebCIS security features include authentication with secure tokens, authorization maintained in an LDAP server, ...
متن کاملAn Extended Role-based Access Control Model for Enterprise Systems and Web Services
This thesis intends to develop application-level access control models to address several major security issues in enterprise environments. The first goal is to provide simple and efficient authorization specifications to reduce the complexity of security management. The second goal is to provide dynamic access control for Web service applications. The third goal is to provide an access control...
متن کاملA security architecture for interconnecting health information systems
Several hereditary and other chronic diseases necessitate continuous and complicated health care procedures, typically offered in different, often distant, health care units. Inevitably, the medical records of patients suffering from such diseases become complex, grow in size very fast and are scattered all over the units involved in the care process, hindering communication of information betw...
متن کاملEHR4CR: A Semantic Web Based Interoperability Approach for Reusing Electronic Healthcare Records in Protocol Feasibility Studies
A major barrier to repurposing routinely collected data for clinical research is the heterogeneity of healthcare information systems. Electronic Health Record for Clinical Research (EHR4CR) is a European project designed to improve the efficiency of conducting clinical trials. We propose an initial architecture of the EHR4CR Semantic Interoperability Framework using Semantic Web technologies. W...
متن کاملA procedure for Web Service Selection Using WS-Policy Semantic Matching
In general, Policy-based approaches play an important role in the management of web services, for instance, in the choice of semantic web service and quality of services (QoS) in particular. The present research work illustrates a procedure for the web service selection among functionality similar web services based on WS-Policy semantic matching. In this study, the procedure of WS-Policy publi...
متن کامل