1 / 10

A Policy-Based Security Mechanism for Distributed Health Networks

A Policy-Based Security Mechanism for Distributed Health Networks. A. Onabajo, C. Obry and J. H. Jahnke netlab Research Group 1 Dept of Computer Science University of Victoria, Victoria, BC, Canada. Outline. Motivation Background Policy-Based Security Mechanism A Scenario Future work.

kareem
Download Presentation

A Policy-Based Security Mechanism for Distributed Health Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Policy-Based Security Mechanism for Distributed Health Networks A. Onabajo, C. Obry and J. H. Jahnke netlab Research Group1 Dept of Computer Science University of Victoria, Victoria, BC, Canada

  2. Outline • Motivation • Background • Policy-Based Security Mechanism • A Scenario • Future work

  3. Motivation • Knowledge valuable asset of organizations • Trend towards Distributed/Integrated Health Information • Sensitive patient information has to be protected • Facilitate secured information exchange • Flexible and adaptable approach • Regulations and individual consents • Patient care should still be paramount

  4. Background • Research into middleware solution for integrated medical information systems • Based on domain and technological standards • HL7 Standards e.g. RIM and CDA • Policy-Based Systems • Offer adaptability and easier system modification • Encryption • Public Key Infrastructure (PKI)

  5. Policy-Based Security Mechanism • Policies • Provide the rules for information handling and exchange • Types • Patient • Organizational • Document Type • Encoding • eXtensible Access Control Markup Language (XACML)2 • OASIS standard • Provides languages for defining policies and requests

  6. Policy-Based Mechanism (cont’d) • Policy Evaluation Approach • Match policies to document • Evaluate the rule(s) of policies • Apply effects (deny or permit) of rules • Rule combination • Conflict resolution • Precedence by specificity3

  7. Policy-Based Mechanism (cont’d) • Encryption • Applied after policy evaluation and before transmission • Non-authorized sections are not transmitted • Document will be encrypted with a symmetric key • Encrypted document and symmetric key will be encrypted with recipients public key

  8. A Scenario

  9. Future Work • Currently at initial stage of development • Integration of a Role-based access mechanism • Further refinement of conflict resolution of policies

  10. Resources • www.netlab.uvic.ca • OASIS eXtensible Access Control Markup Language. Available online at http://www.oasisopen.org/committees/tc_home.php?wg_abbrev=xacml • Lupu E.C.and Sloman M., Conflicts in Policy-Based Distributed Systems Management IEEE Transactions on Software Engineering, 1999;25(6) 852-869. • C. Obry, J.H. Jahnke, A. Onabajo and W Schafer “Enabling Privacy in Cross-Organisational Information Mediation – An Application in Health Care”. Proceedings 2003 Software Technology and Engineering Practice, Workshop on e-health, software, systems and networks. Amsterdam, The Netherlands. Sept. 19-21, 2003

More Related