Capability Exchange: Improving Access Control Usability in Health IT
نویسندگان
چکیده
Clinicians report usability problems in modern health IT systems in part because the strictness of computerization eliminates the layer of informality which previously enabled them to get their jobs done. In this paper, we examine a solution by considering the strictly-enforced medical order as a security capability, and then using capability exchange to authorize frustrated end-users to re-introduce the necessarily flexibility. We prototype our idea using OpenEMR and Belay, and show how this prototype can address access control usability problems reported by clinicians.
منابع مشابه
Improving Usability via Access Decomposition and Policy Refinement
Commodity operating systems fail to meet the security, resource management and integration expectations of users. We propose a unified solution based on a capability framework as it supports fine grained objects, straightforward access propagation and virtualizable interfaces and explore how to improve resource use via access decomposition and policy refinement with minimum interposition. We ar...
متن کاملImproving the Security and Usability of Cloud Services with User-centric Security Models by Saman Zarandioon
OF THE DISSERTATION Improving the security and usability of cloud services with user-centric security models by Saman Zarandioon Dissertation Director: Danfeng Yao and Vinod Ganapathy Cloud computing is a paradigm shift in the way we define software and hardware, and architect our IT solutions. The emerging cloud technologies, due to their various unique and attractive properties, are evolving ...
متن کاملSecure and auditable agent-based communication protocol for e-health system framework
Security is essential for e-health system as it provides highly sensitive distributed medical data and exchanged among the healthcare professionals, customers and providers over Internet. Internet is an open access system that allows anyone to participate and access the data. Hence, it is necessary to protect the data, service from the unauthorized visibility, use and also maintain a high degre...
متن کاملPrivacy Preserving Dynamic Access Control Model with Access Delegation for eHealth
eHealth is the concept of using the stored digital data to achieve clinical, educational, and administrative goals and meet the needs of patients, experts, and medical care providers. Expansion of the utilization of information technology and in particular, the Internet of Things (IoT) in eHealth, raises various challenges, where the most important one is security and access control. In this re...
متن کاملEmployees’ opinion in Tehran University of Medical Sciences (TUMS) on usability of in-service electronic training courses
Introduction: Usability is one of the issues that must be considered in designing effective e-learning courses. The aim of this study was evaluating employees’ opinion in Tehran University of Medical Sciences (TUMS) about usability of in-service electronic training courses. Methods: This descriptive cross sectional study was conducted on employees in Tehran University of Medical Sciences, work...
متن کامل