IDEAS home Printed from https://ideas.repec.org/a/abk/jajeba/ajebasp.2011.101.111.html
   My bibliography  Save this article

Security Extensible Access Control Markup Language Policy Integration Based on Role-Based Access Control Model in Healthcare Collaborative Environments

Author

Listed:
  • Teo Poh Kuang
  • Hamidah Ibrahim
  • Nur Izura Udzir
  • Fatimah Sidi

Abstract

Recently research is focused on security policy integration and conflict reconciliation among various healthcare organizations. Problem statement: However, challenging security and privacy risk issues still arisen during sharing sensitive patient data in different large distributed organizations. Though eXtensible Access Control Markup Language (XACML) has a powerful capacity of expression, it does not support all the elements character of RBAC. Thus, it has not been built to manage security in large distributed systems in healthcare domain since each organization may join or leave at runtime. The policy redundancy and conflict resolution are important to resolve redundancy and inconsistencies before security policies can be integrated for healthcare collaboration. Existing approaches did not look at policy redundancy and conflict resolution process based on the types of redundancy and conflict for dynamic set of organizations collaboration. Besides that, a policy integration mechanism in order to generate actual security policy integration is not in well studied. Approach: In this study, we proposed an approach for integrating security XACML policies based on RBAC policy model considering both constraints and meta data information. Besides that, an approach to filter and collect only the required policies from different organizations based on user’s integration requirements is investigated. It is important for us to resolve policy redundancy and conflicts based on the types of policy redundancy and conflicts. Results: From the observation and literature analysis, it can be concluded that our work could provide the maximum confidence for pre-compile a large amount of policies and only return the most similar policies for policy integration. Besides that, our approach proved that the more restrict policy will be generated during the policy integration. Conclusion: Our work can guarantee the completeness as well as consistency of the access control policy. It is recommended that the dynamic constraints such as dynamic Separation Of Duty (SOD) should be considered because we believe this consideration can support dynamic updates and control policies in collaborative environments.

Suggested Citation

  • Teo Poh Kuang & Hamidah Ibrahim & Nur Izura Udzir & Fatimah Sidi, 2011. "Security Extensible Access Control Markup Language Policy Integration Based on Role-Based Access Control Model in Healthcare Collaborative Environments," American Journal of Economics and Business Administration, Science Publications, vol. 3(1), pages 101-111, January.
    • Handle: RePEc:abk:jajeba:ajebasp.2011.101.111
    DOI: 10.3844/ajebasp.2011.101.111
    as

    Download full text from publisher

    File URL: https://thescipub.com/pdf/ajebasp.2011.101.111.pdf
    Download Restriction: no
    File URL: https://thescipub.com/abstract/ajebasp.2011.101.111
    Download Restriction: no
    File URL: https://libkey.io/10.3844/ajebasp.2011.101.111?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Wan Hussain Wan Ishak, 2011. "A Review Note of KMICe 2010: Knowledge Management Initiatives to Improve Organization Performance," American Journal of Economics and Business Administration, Science Publications, vol. 3(1), pages 219-223, March.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:abk:jajeba:ajebasp.2011.101.111. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Jeffery Daniels (email available below). General contact details of provider: https://thescipub.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.