An Adaptation of Context and Trust Aware Workflow Oriented Access Control for Remote Healthcare

摘要

Traditional discretionary access control (DAC) or mandatory access control (MAC) is not quite effective for remote environment. General role-based access control (RBAC) also has its limitations to control access for applications like remote healthcare due to its static nature. Design of effective access control model is indeed a big challenge for such applications. Finegrained access control logic capable of adapting changes based on run-time information needs to be considered to meet the requirements of remote healthcare scenarios. In this work, an adaptive access control model is proposed keeping in compliance with state-of-the-art scenario towards ensuring quality of context and trust relationship between owners and users. It focuses on inter-component relationship, where phases are executed either in online or in offline mode to avoid performance bottleneck. Adaptive binding is integrated with application specific workflows. Workflow net models for different scenarios of medical kiosk-based rural healthcare are analyzed to validate proposed access control logic at design time that can reduce the possibility of major faults at run time. Our proposed work supports formal analysis and verification using Workflow Petri Net Designer (WoPeD) tool. Comparative analysis shows how proposed access control model advances the state of art.