Audit-Based Access Control for Electronic Health Records

M.A.C. Dekker, S. Etalle

    Research output: Book/ReportReportProfessional

    53 Downloads (Pure)

    Abstract

    Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e. before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori access control. In this paper we show how the framework can be used in a practical scenario. In particular, we work out the example of an Electronic Health Record (EHR) system, we outline the full architecture needed for audit-based access control and we discuss the requirements and limitations of this approach concerning the underlying infrastructure and its users.
    Original languageEnglish
    Place of PublicationEnschede
    PublisherCentre for Telematics and Information Technology (CTIT)
    Number of pages16
    Publication statusPublished - 1 Jul 2006

    Publication series

    NameCTIT Technical Report Series
    PublisherCentre for Telematics and Information Technology, University of Twente
    No.06-49
    ISSN (Print)1381-3625

    Keywords

    • SCS-Cybersecurity
    • Distributed access control
    • Audit
    • Accountability

    Fingerprint Dive into the research topics of 'Audit-Based Access Control for Electronic Health Records'. Together they form a unique fingerprint.

    Cite this