Activity-oriented access control to ubiquitous hospital information and services

Xuan Hung Le, Sungyoung Lee, Young Koo Lee, Heejo Lee, Murad Khalid, Ravi Sankar

    Research output: Contribution to journalArticlepeer-review

    33 Citations (Scopus)

    Abstract

    In hospital information systems, protecting the confidentiality of health information, whilst at the same time allowing authorized physicians to access it conveniently, is a crucial requirement. The need to deliver health information at the point-of-care is a primary factor to increase healthcare quality and cost efficiency. However, current systems require considerable coordination effort of hospital professionals to locate relevant documents to support a specific activity. This paper presents a flexible and dynamic access control model, Activity-Oriented Access Control (AOAC), which is based on user activity to authorize access permissions. A user is allowed to perform an activity if he/she holds a number of satisfactory attributes (i.e. roles, assignments, etc.) under a specified condition (e.g. time, location). Results of AOAC implementation in a realistic healthcare scenario have shown to meet two important requirements: protecting confidentiality of health information by denying an unauthorized access, and allowing physicians to conveniently browse medical data at the point-of-care. Furthermore, the average execution time was 0.078 s which allows AOAC to work in real-time.

    Original languageEnglish
    Pages (from-to)2979-2990
    Number of pages12
    JournalInformation Sciences
    Volume180
    Issue number16
    DOIs
    Publication statusPublished - 2010 Aug 15

    Bibliographical note

    Funding Information:
    This work was supported by a grant from the Kyung Hee University in 2009 ( KHU-20090437 ).

    Keywords

    • Access control
    • Human activity
    • Security
    • Ubiquitous hospital information system and services

    ASJC Scopus subject areas

    • Software
    • Control and Systems Engineering
    • Theoretical Computer Science
    • Computer Science Applications
    • Information Systems and Management
    • Artificial Intelligence

    Fingerprint

    Dive into the research topics of 'Activity-oriented access control to ubiquitous hospital information and services'. Together they form a unique fingerprint.

    Cite this