An Extended Attribute-Based Access Control (ABAC) Model for Distributed Collaborative Healthcare System

摘要

The healthcare system is a real example of a distributed collaborative system, which aims to improve the patient's healthcare. The most important requirements of the healthcare system are the sensitivity of the medical data processed, large numbers of medical and para-medical interveners, as well as the medical treatment activity is a non-static process. Protecting data from unauthorized access and data sharing security in the healthcare environment is a critical process that influences system credibility. To achieve this goal and to meet the requirements of the healthcare system, the authors propose an extended Attribute-Based Access Control (ABAC) model by introducing the medical activity concept. This article defines the medical activity concept as an abstraction of collaboration in a care unit, defined by a medical activity purpose, in which the collaborators (or actors) realize their tasks in order to achieve the treatment purpose. The current access control model ABAC and these variants do not take into account the (business process) activity concept in the decision mechanism. In this paper, the authors propose a new access control model, called Medical-Activity-Attribute-Based Access Control (MA-ABAC), which can effectively enhance the security for healthcare system and produce more perfect and flexible mechanism of access control; order to strongly respond to the requirements of the distributed healthcare environment.