Abstract
Healthcare information and its secure management has become an active research topic along with an increase in the usage of XML documents and the importance of access control in maintaining patient records. In this paper, we present a methodology to describe a formal specification for an authorized view of an XML-based healthcare system having a schema-level access control by assigning well-established concurrency semantics to the system. To achieve this goal, we translate the semantics of the schema, query, access control for XML-based health records, and XPath expressions, into a CSP-like process algebra language through an illustrative example. Finally, our experimental results show the possibility to reason about security properties of an XML-based access control model with the support of automated model checking tools, because it provides the formal semantics for access control policies and XML documents with the tree structure.
Original language | English |
---|---|
Pages (from-to) | 107-117 |
Number of pages | 11 |
Journal | Journal of Research and Practice in Information Technology |
Volume | 46 |
Issue number | 2-3 |
Publication status | Published - 2014 Aug |
Bibliographical note
Publisher Copyright:Copyright © 2014, Australian Computer Society Inc.
Keywords
- Authorized view
- CSP
- Formal specification
- Health records
- Process algebra
- XPath
ASJC Scopus subject areas
- Software
- Information Systems
- Management Information Systems
- Hardware and Architecture
- Computer Networks and Communications