Article Details

Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

Understanding Attribute-based Access Control for Modelling and Analysing Healthcare Professionals’ Security Practices

Author 1: Livinus Obiora Nweke
Author 2: Prosper Yeng
Author 3: Stephen D. Wolthusen
Author 4: Bian Yang

Download PDF

Digital Object Identifier (DOI) : 10.14569/IJACSA.2020.0110286

Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 11 Issue 2, 2020.

Abstract: In recent years, there has been an increase in the application of attribute-based access control (ABAC) in electronic health (e-health) systems. E-health systems are used to store a patient’s electronic version of medical records. These records are usually classified according to their usage i.e., electronic health record (EHR) and personal health record (PHR). EHRs are electronic medical records held by the healthcare providers, while PHRs are electronic medical records held by the patients themselves. Both EHRs and PHRs are critical assets that require access control mechanism to regulate the manner in which they are accessed. ABAC has demonstrated to be an efficient and effective approach for providing fine grained access control to these critical assets. In this paper, we conduct a survey of the existing literature on the application of ABAC in e-health systems to understand the suitability of ABAC for e-health systems and the possibility of using ABAC access logs for observing, modelling and analysing security practices of healthcare professionals. We categorize the existing works according to the application of ABAC in PHR and EHR. We then present a discussion on the lessons learned and outline future challenges. This can serve as a basis for selecting and further advancing the use of ABAC in e-health systems

Keywords: Attribute-Based Access Control (ABAC); e-health systems; Personal Health Record (PHR); Electronic Health Record (EHR)

Livinus Obiora Nweke, Prosper Yeng, Stephen D. Wolthusen and Bian Yang, “Understanding Attribute-based Access Control for Modelling and Analysing Healthcare Professionals’ Security Practices” International Journal of Advanced Computer Science and Applications(IJACSA), 11(2), 2020. http://dx.doi.org/10.14569/IJACSA.2020.0110286

@article{Nweke2020,
title = {Understanding Attribute-based Access Control for Modelling and Analysing Healthcare Professionals’ Security Practices},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2020.0110286},
url = {http://dx.doi.org/10.14569/IJACSA.2020.0110286},
year = {2020},
publisher = {The Science and Information Organization},
volume = {11},
number = {2},
author = {Livinus Obiora Nweke and Prosper Yeng and Stephen D. Wolthusen and Bian Yang}
}

IJACSA

Upcoming Conferences

IntelliSys 2021

2-3 September 2021

Future Technologies Conference (FTC) 2021

28-29 October 2021

Future of Information and Communication Conference (FICC) 2022

3-4 March 2022

Computing Conference 2022

14-15 July 2022