Role-Based Access Control in Kidney Dialysis Information System

摘要

Role-Based Access Control in Kidney Dialysis Information System (RBAC-KDIS) uses the role-based access control mechanism to control unauthorised access to patient medical information in KDIS. This RBAC is a flexible and policy-neutral access control technology. Its properly administered system enables users to carry out a broad range of authorised operations. For example, permissions are not assigned to users but to the roles, thus providing great flexibility in administration and cost reduction. This system was developed using Microsoft Visual InterDev and the Web server is Personal Web Server under the Windows ‘98 platform. Two major sections in RBAC-KDIS are the administrator and the patient record sections.