Cover Image

Security extensible access control markup language policy integration based on role-based access control model in healthcare collaborative environments

Recently research is focused on security policy integration and conflict reconciliation among various healthcare organizations. Problem statement: However, challenging security and privacy risk issues still arisen during sharing sensitive patient data in different large distributed organizations. Th...

Full description

Saved in:
Bibliographic Details
Main Authors: Teo, Poh Kuang, Ibrahim, Hamidah, Udzir, Nur Izura, Sidi, Fatimah
Format: Article
Language:English
Published: Science Publications 2011
Online Access:http://psasir.upm.edu.my/id/eprint/22474/1/ajebasp.2011.101.111.pdf
http://psasir.upm.edu.my/id/eprint/22474/
http://thescipub.com/html/10.3844/ajebasp.2011.101.111
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.upm.eprints.22474
record_format eprints
spelling my.upm.eprints.224742016-06-10T08:46:40Z http://psasir.upm.edu.my/id/eprint/22474/ Security extensible access control markup language policy integration based on role-based access control model in healthcare collaborative environments Teo, Poh Kuang Ibrahim, Hamidah Udzir, Nur Izura Sidi, Fatimah Recently research is focused on security policy integration and conflict reconciliation among various healthcare organizations. Problem statement: However, challenging security and privacy risk issues still arisen during sharing sensitive patient data in different large distributed organizations. Though eXtensible Access Control Markup Language (XACML) has a powerful capacity of expression, it does not support all the elements character of RBAC. Thus, it has not been built to manage security in large distributed systems in healthcare domain since each organization may join or leave at runtime. The policy redundancy and conflict resolution are important to resolve redundancy and inconsistencies before security policies can be integrated for healthcare collaboration. Existing approaches did not look at policy redundancy and conflict resolution process based on the types of redundancy and conflict for dynamic set of organizations collaboration. Besides that, a policy integration mechanism in order to generate actual security policy integration is not in well studied. Approach: In this study, we proposed an approach for integrating security XACML policies based on RBAC policy model considering both constraints and metadata information. Besides that, an approach to filter and collect only the required policies from different organizations based on user’s integration requirements is investigated. It is important for us to resolve policy redundancy and conflicts based on the types of policy redundancy and conflicts. Results: From the observation and literature analysis, it can be concluded that our work could provide the maximum confidence for pre-compile a large amount of policies and only return the most similar policies for policy integration. Besides that, our approach proved that the more restrict policy will be generated during the policy integration. Conclusion: Our work can guarantee the completeness as well as consistency of the access control policy. It is recommended that the dynamic constraints such as dynamic Separation of Duty (SOD) should be considered because we believe this consideration can support dynamic updates and control policies in collaborative environments. Science Publications 2011 Article PeerReviewed application/pdf en http://psasir.upm.edu.my/id/eprint/22474/1/ajebasp.2011.101.111.pdf Teo, Poh Kuang and Ibrahim, Hamidah and Udzir, Nur Izura and Sidi, Fatimah (2011) Security extensible access control markup language policy integration based on role-based access control model in healthcare collaborative environments. American Journal of Economics and Business Administration, 3 (1). pp. 101-111. ISSN 1945-5488; ESSN: 1945-5496 http://thescipub.com/html/10.3844/ajebasp.2011.101.111 10.3844/ajebasp.2011.101.111
institution Universiti Putra Malaysia
building UPM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Putra Malaysia
content_source UPM Institutional Repository
url_provider http://psasir.upm.edu.my/
language English
description Recently research is focused on security policy integration and conflict reconciliation among various healthcare organizations. Problem statement: However, challenging security and privacy risk issues still arisen during sharing sensitive patient data in different large distributed organizations. Though eXtensible Access Control Markup Language (XACML) has a powerful capacity of expression, it does not support all the elements character of RBAC. Thus, it has not been built to manage security in large distributed systems in healthcare domain since each organization may join or leave at runtime. The policy redundancy and conflict resolution are important to resolve redundancy and inconsistencies before security policies can be integrated for healthcare collaboration. Existing approaches did not look at policy redundancy and conflict resolution process based on the types of redundancy and conflict for dynamic set of organizations collaboration. Besides that, a policy integration mechanism in order to generate actual security policy integration is not in well studied. Approach: In this study, we proposed an approach for integrating security XACML policies based on RBAC policy model considering both constraints and metadata information. Besides that, an approach to filter and collect only the required policies from different organizations based on user’s integration requirements is investigated. It is important for us to resolve policy redundancy and conflicts based on the types of policy redundancy and conflicts. Results: From the observation and literature analysis, it can be concluded that our work could provide the maximum confidence for pre-compile a large amount of policies and only return the most similar policies for policy integration. Besides that, our approach proved that the more restrict policy will be generated during the policy integration. Conclusion: Our work can guarantee the completeness as well as consistency of the access control policy. It is recommended that the dynamic constraints such as dynamic Separation of Duty (SOD) should be considered because we believe this consideration can support dynamic updates and control policies in collaborative environments.
format Article
author Teo, Poh Kuang
Ibrahim, Hamidah
Udzir, Nur Izura
Sidi, Fatimah
spellingShingle Teo, Poh Kuang
Ibrahim, Hamidah
Udzir, Nur Izura
Sidi, Fatimah
Security extensible access control markup language policy integration based on role-based access control model in healthcare collaborative environments
author_facet Teo, Poh Kuang
Ibrahim, Hamidah
Udzir, Nur Izura
Sidi, Fatimah
author_sort Teo, Poh Kuang
title Security extensible access control markup language policy integration based on role-based access control model in healthcare collaborative environments
title_short Security extensible access control markup language policy integration based on role-based access control model in healthcare collaborative environments
title_full Security extensible access control markup language policy integration based on role-based access control model in healthcare collaborative environments
title_fullStr Security extensible access control markup language policy integration based on role-based access control model in healthcare collaborative environments
title_full_unstemmed Security extensible access control markup language policy integration based on role-based access control model in healthcare collaborative environments
title_sort security extensible access control markup language policy integration based on role-based access control model in healthcare collaborative environments
publisher Science Publications
publishDate 2011
url http://psasir.upm.edu.my/id/eprint/22474/1/ajebasp.2011.101.111.pdf
http://psasir.upm.edu.my/id/eprint/22474/
http://thescipub.com/html/10.3844/ajebasp.2011.101.111
_version_ 1643827838661427200
score 13.159267

Similar Items