In this paper, we present a framework where access rights are provided to entities on the basis of the actual task that the entities must fulfill as part of their duties. For capturing the requirements of entities' duties we use the notion of workflow. Our main aim is to provide an access control mechanism that is able to balance the competing goals of flexibility and security. As the main beneficiary of our approach we consider e-Health Applications, where flexibility and security are major requirements. We also provide an implementation of a medical case study to illustrate the framework.
A Workflow-Based Access Control Framework for e-Health Applications
Giovanni Russello;
2008-01-01
Abstract
In this paper, we present a framework where access rights are provided to entities on the basis of the actual task that the entities must fulfill as part of their duties. For capturing the requirements of entities' duties we use the notion of workflow. Our main aim is to provide an access control mechanism that is able to balance the competing goals of flexibility and security. As the main beneficiary of our approach we consider e-Health Applications, where flexibility and security are major requirements. We also provide an implementation of a medical case study to illustrate the framework.File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.