- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html>
- <head>
- <title>UTas ePrints - Professional Access Control</title>
- <script type="text/javascript" src="http://eprints.utas.edu.au/javascript/auto.js"><!-- padder --></script>
- <style type="text/css" media="screen">@import url(http://eprints.utas.edu.au/style/auto.css);</style>
- <style type="text/css" media="print">@import url(http://eprints.utas.edu.au/style/print.css);</style>
- <link rel="icon" href="/images/eprints/favicon.ico" type="image/x-icon" />
- <link rel="shortcut icon" href="/images/eprints/favicon.ico" type="image/x-icon" />
- <link rel="Top" href="http://eprints.utas.edu.au/" />
- <link rel="Search" href="http://eprints.utas.edu.au/cgi/search" />
- <meta content="de la Motte, Leigh" name="eprints.creators_name" />
- <meta content="Hartnett, Jacky" name="eprints.creators_name" />
- <meta content="lhdela@utas.edu.au" name="eprints.creators_id" />
- <meta content="j.hartnett@utas.edu.au" name="eprints.creators_id" />
- <meta content="conference_item" name="eprints.type" />
- <meta content="2007-02-19" name="eprints.datestamp" />
- <meta content="2008-01-08 15:30:00" name="eprints.lastmod" />
- <meta content="show" name="eprints.metadata_visibility" />
- <meta content="Professional Access Control" name="eprints.title" />
- <meta content="pub" name="eprints.ispublished" />
- <meta content="280103" name="eprints.subjects" />
- <meta content="public" name="eprints.full_text_status" />
- <meta content="paper" name="eprints.pres_type" />
- <meta content="Health Informatics, Access Control, Computer Security, Roles, Medical Records" name="eprints.keywords" />
- <meta content="Topic area and paper objectives:
- This paper investigates the hypotheses that it is possible to build a practical access control system
- for patient records within a hospital domain that ensures access to all those who are at any one time
- part of a particular patient's treating team yet at the same time provides appropriate barriers to
- access for those not currently part of this team. A caveat for this hypothesis is that at no time
- should a clinician be barred from access to a particular record, but that means should exist to ensure
- that appropriate access is accepted and inappropriate access reported upon. Central to this idea is
- that it should be possible to use standards of professional ethics and normal workflow to enable the
- model.
- Background and concise literature review:
- Traditional models of access control do not cope well with the problem of how to define access
- permissions for a team that is dynamic in nature (as is a treating team) and where the access is to
- objects (patient records) only in the loosest 'owned' by those who have a need to access such
- objects. In these models either the system administrator has to define permitted access in advance
- (mandatory access control) or the owner of the data can define the permitted accesses (discretionary
- access control) (Pfleeger 2000). Extensions to Role Based Access Control (RBAC) and Team
- Based Access Control (TMAC) have provided the most useful solutions to date but still require a
- system administrator or surrogate to define appropriate access in advance. (Ferraiolo & Kuhn 1992)
- (Ramaswamy & Sandhu 1998) (NIST 2004) (Thomas 1997) (Georgiadis et al 2001) (Georgiadis
- 2002) However, work by Thomas & Sandhu (1997) and Alotaiby & Chen (2004) has shown that it
- is possible to incorporate changes to access privileges as part of normal workflow.
- Methods:
- As a result of observing and discussing normal and unusual workflow patterns within the
- Tasmanian hospital environment a set of scenarios were developed each of which characterised a
- unique instance of change to whom should be able to access a patient record. The method used by
- current access control models to handle each scenario was then analysed. A new definition of a
- team in a hospital environment was then used to develop the Professional Access control (PAC)
- model that was implemented and tested in Oracle. Testing was carried out using each scenario in a
- simulated hospital of 3 wards, 20 staff and 20 patients.
- Results and discussions:
- Clinicians at a hospital were defined as either being Members: part of a patient's treating team,
- Colleagues: having the same role and belonging to the same unit as the patient or Associates: part of
- the hospital but not currently related to the patient. Being a team Member can be adjusted as part of
- the normal hospital admission and referral processes. Emergency access is provided subject to
- retrospective approval and auditing procedures. The model has been developed as an Oracle
- implementation for a simulated hospital environment and tested against the 24 scenarios defined.
- The Professional Access Control model allows for dynamic definition of the treating team and
- facilitates guaranteed availability to clinicians appropriate to their relationship to a patient. This is
- made possible by relying upon the professional ethics of clinicians rather than those of system
- administrators. It relieves the burden of predefining access control from system administrators
- without endowing clinicians with unnecessary system administration privileges." name="eprints.abstract" />
- <meta content="2005-08" name="eprints.date" />
- <meta content="published" name="eprints.date_type" />
- <meta content="8" name="eprints.pages" />
- <meta content="13th Health Informatics Conference HIC2005" name="eprints.event_title" />
- <meta content="Melbourne, Australia" name="eprints.event_location" />
- <meta content="31 Jul - 02 Aug 2005" name="eprints.event_dates" />
- <meta content="conference" name="eprints.event_type" />
- <meta content="UNSPECIFIED" name="eprints.thesis_type" />
- <meta content="TRUE" name="eprints.refereed" />
- <meta content="Alotaiby, F. T. and Chen, J. X. 2004, 'A Model for Team-based Access Control (TMAC 2004)', International
- Conference on Information Technology: Coding and Computing (ITCC'04), IEEE, Las Vegas, Nevada, USA
- de la Motte, L. H. and Hartnett, J. 2005, 'Trusted Access Control', submitted to Australasian Conference on
- Information Security and Privacy (ACISP'05), Brisbane, Australia
- Ferraiolo, D. and Kuhn, R. 1992, 'Role-Based Access Control', 15th National Computer Security Conference
- Georgiadis, C. K., Mavridis, I., Pangalos, G. and Thomas, R. K. 2001, 'Flexible Team-Based Access Control
- Using Contexts', SACMAT '01, ACM, Chantilly, Virginia, USA, pp. 21-27
- Georgiadis, C. K., Mavridis, I. K. and Pangalos, G. I. 2002, 'Programming a view-based active access-control
- system for healthcare environments.' Health Informatics Journal (2002): 191-198.
- Hartnett, J. 2002, Research into the Implementation of Electronic Consent for the use of Patient Identifiable
- Health Data, University of Tasmania - School of Computing.
- Kalam, A. A. E., Baida, R. E., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miege, A., Saurel, C. and
- Trouessin, G. 2003, 'Organisation based access control', 4th International IEEE Workshop on Policies for Distributed
- Systems and Networks, IEEE, Lake Como, Italy, pp. 120-131
- Kudo, M. 2002, 'PBAC: Provision-based access control model.' International Journal of Information Security
- 12: 116-130.
- NIST 2004, Role Based Access Control. viewed 6th October, 2004, <http://csrc.nist.gov/rbac/>
- Pfleeger, C. P. 2000, Security in Computing, Prentice Hall PTR, Upper Saddle River, New Jersey.
- Ramaswamy, C. and Sandhu, R. 1998, 'Role-Based Access Control Features in Commercial Database
- Management Systems', 21st National Information Systems Security Conference, Crystal City, Virginia, USA
- Schneier, B. 2000, Secrets and Lies, John Wiley & Sons, Inc., New York.
- Thomas, R. K. 1997, 'Team-based Access Control (TMAC): A Primitive for Applying Role-based Access
- Controls in Collaborative Environments', RBAC '97, ACM, Fairfax Va USA, pp. 13-19
- Thomas, R. K. and Sandhu, R. S. 1997, 'Task-based Authorisation Controls (TBAC): A Family of Models for
- Active and Enterprise-oriented Authorisation Management', IFIP WG11.3 Workshop on Database Security, Chapman
- & Hall, Lake Tahoe, California, USA
- Woodcock, D. and Gillies, I. 2003, 'Generic middleware as a new paradigm for providing a single user interface
- to multiple disparate web-based clinical applications', HIC 2003 RACGP 12CC Combined Conferences, Darling
- Harbour, Sydney Australia" name="eprints.referencetext" />
- <meta content="de la Motte, Leigh and Hartnett, Jacky (2005) Professional Access Control. In: 13th Health Informatics Conference HIC2005, 31 Jul - 02 Aug 2005, Melbourne, Australia." name="eprints.citation" />
- <meta content="http://eprints.utas.edu.au/782/1/PAC.pdf" name="eprints.document_url" />
- <link rel="schema.DC" href="http://purl.org/DC/elements/1.0/" />
- <meta content="Professional Access Control" name="DC.title" />
- <meta content="de la Motte, Leigh" name="DC.creator" />
- <meta content="Hartnett, Jacky" name="DC.creator" />
- <meta content="280103 Information Storage, Retrieval and Management" name="DC.subject" />
- <meta content="Topic area and paper objectives:
- This paper investigates the hypotheses that it is possible to build a practical access control system
- for patient records within a hospital domain that ensures access to all those who are at any one time
- part of a particular patient's treating team yet at the same time provides appropriate barriers to
- access for those not currently part of this team. A caveat for this hypothesis is that at no time
- should a clinician be barred from access to a particular record, but that means should exist to ensure
- that appropriate access is accepted and inappropriate access reported upon. Central to this idea is
- that it should be possible to use standards of professional ethics and normal workflow to enable the
- model.
- Background and concise literature review:
- Traditional models of access control do not cope well with the problem of how to define access
- permissions for a team that is dynamic in nature (as is a treating team) and where the access is to
- objects (patient records) only in the loosest 'owned' by those who have a need to access such
- objects. In these models either the system administrator has to define permitted access in advance
- (mandatory access control) or the owner of the data can define the permitted accesses (discretionary
- access control) (Pfleeger 2000). Extensions to Role Based Access Control (RBAC) and Team
- Based Access Control (TMAC) have provided the most useful solutions to date but still require a
- system administrator or surrogate to define appropriate access in advance. (Ferraiolo & Kuhn 1992)
- (Ramaswamy & Sandhu 1998) (NIST 2004) (Thomas 1997) (Georgiadis et al 2001) (Georgiadis
- 2002) However, work by Thomas & Sandhu (1997) and Alotaiby & Chen (2004) has shown that it
- is possible to incorporate changes to access privileges as part of normal workflow.
- Methods:
- As a result of observing and discussing normal and unusual workflow patterns within the
- Tasmanian hospital environment a set of scenarios were developed each of which characterised a
- unique instance of change to whom should be able to access a patient record. The method used by
- current access control models to handle each scenario was then analysed. A new definition of a
- team in a hospital environment was then used to develop the Professional Access control (PAC)
- model that was implemented and tested in Oracle. Testing was carried out using each scenario in a
- simulated hospital of 3 wards, 20 staff and 20 patients.
- Results and discussions:
- Clinicians at a hospital were defined as either being Members: part of a patient's treating team,
- Colleagues: having the same role and belonging to the same unit as the patient or Associates: part of
- the hospital but not currently related to the patient. Being a team Member can be adjusted as part of
- the normal hospital admission and referral processes. Emergency access is provided subject to
- retrospective approval and auditing procedures. The model has been developed as an Oracle
- implementation for a simulated hospital environment and tested against the 24 scenarios defined.
- The Professional Access Control model allows for dynamic definition of the treating team and
- facilitates guaranteed availability to clinicians appropriate to their relationship to a patient. This is
- made possible by relying upon the professional ethics of clinicians rather than those of system
- administrators. It relieves the burden of predefining access control from system administrators
- without endowing clinicians with unnecessary system administration privileges." name="DC.description" />
- <meta content="2005-08" name="DC.date" />
- <meta content="Conference or Workshop Item" name="DC.type" />
- <meta content="PeerReviewed" name="DC.type" />
- <meta content="application/pdf" name="DC.format" />
- <meta content="http://eprints.utas.edu.au/782/1/PAC.pdf" name="DC.identifier" />
- <meta content="de la Motte, Leigh and Hartnett, Jacky (2005) Professional Access Control. In: 13th Health Informatics Conference HIC2005, 31 Jul - 02 Aug 2005, Melbourne, Australia." name="DC.identifier" />
- <meta content="http://eprints.utas.edu.au/782/" name="DC.relation" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/BibTeX/epprod-eprint-782.bib" title="BibTeX" type="text/plain" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/ContextObject/epprod-eprint-782.xml" title="OpenURL ContextObject" type="text/xml" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/ContextObject::Dissertation/epprod-eprint-782.xml" title="OpenURL Dissertation" type="text/xml" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/ContextObject::Journal/epprod-eprint-782.xml" title="OpenURL Journal" type="text/xml" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/DC/epprod-eprint-782.txt" title="Dublin Core" type="text/plain" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/DIDL/epprod-eprint-782.xml" title="DIDL" type="text/xml" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/EndNote/epprod-eprint-782.enw" title="EndNote" type="text/plain" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/HTML/epprod-eprint-782.html" title="HTML Citation" type="text/html; charset=utf-8" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/METS/epprod-eprint-782.xml" title="METS" type="text/xml" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/MODS/epprod-eprint-782.xml" title="MODS" type="text/xml" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/RIS/epprod-eprint-782.ris" title="Reference Manager" type="text/plain" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/Refer/epprod-eprint-782.refer" title="Refer" type="text/plain" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/Simple/epprod-eprint-782text" title="Simple Metadata" type="text/plain" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/Text/epprod-eprint-782.txt" title="ASCII Citation" type="text/plain; charset=utf-8" />
- <link rel="alternate" href="http://eprints.utas.edu.au/cgi/export/782/XML/epprod-eprint-782.xml" title="EP3 XML" type="text/xml" />
-
- </head>
- <body bgcolor="#ffffff" text="#000000" onLoad="loadRoutine(); MM_preloadImages('images/eprints/ePrints_banner_r5_c5_f2.gif','images/eprints/ePrints_banner_r5_c7_f2.gif','images/eprints/ePrints_banner_r5_c8_f2.gif','images/eprints/ePrints_banner_r5_c9_f2.gif','images/eprints/ePrints_banner_r5_c10_f2.gif','images/eprints/ePrints_banner_r5_c11_f2.gif','images/eprints/ePrints_banner_r6_c4_f2.gif')">
-
- <div class="ep_noprint"><noscript><style type="text/css">@import url(http://eprints.utas.edu.au/style/nojs.css);</style></noscript></div>
-
-
-
-
- <table width="795" border="0" cellspacing="0" cellpadding="0">
- <tr>
- <td><script language="JavaScript1.2">mmLoadMenus();</script>
- <table border="0" cellpadding="0" cellspacing="0" width="795">
- <!-- fwtable fwsrc="eprints_banner_final2.png" fwbase="ePrints_banner.gif" fwstyle="Dreamweaver" fwdocid = "1249563342" fwnested="0" -->
- <tr>
- <td><img src="/images/eprints/spacer.gif" width="32" height="1" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="104" height="1" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="44" height="1" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="105" height="1" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="41" height="1" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="16" height="1" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="68" height="1" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="68" height="1" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="68" height="1" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="82" height="1" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="69" height="1" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="98" height="1" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="1" height="1" border="0" alt="" /></td>
- </tr>
- <tr>
- <td colspan="12"><img name="ePrints_banner_r1_c1" src="/images/eprints/ePrints_banner_r1_c1.gif" width="795" height="10" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="1" height="10" border="0" alt="" /></td>
- </tr>
- <tr>
- <td rowspan="6"><img name="ePrints_banner_r2_c1" src="/images/eprints/ePrints_banner_r2_c1.gif" width="32" height="118" border="0" alt="" /></td>
- <td rowspan="5"><a href="http://www.utas.edu.au/"><img name="ePrints_banner_r2_c2" src="/images/eprints/ePrints_banner_r2_c2.gif" width="104" height="103" border="0" alt="" /></a></td>
- <td colspan="10"><img name="ePrints_banner_r2_c3" src="/images/eprints/ePrints_banner_r2_c3.gif" width="659" height="41" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="1" height="41" border="0" alt="" /></td>
- </tr>
- <tr>
- <td colspan="3"><a href="http://eprints.utas.edu.au/"><img name="ePrints_banner_r3_c3" src="/images/eprints/ePrints_banner_r3_c3.gif" width="190" height="31" border="0" alt="" /></a></td>
- <td rowspan="2" colspan="7"><img name="ePrints_banner_r3_c6" src="/images/eprints/ePrints_banner_r3_c6.gif" width="469" height="37" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="1" height="31" border="0" alt="" /></td>
- </tr>
- <tr>
- <td colspan="3"><img name="ePrints_banner_r4_c3" src="/images/eprints/ePrints_banner_r4_c3.gif" width="190" height="6" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="1" height="6" border="0" alt="" /></td>
- </tr>
- <tr>
- <td colspan="2"><img name="ePrints_banner_r5_c3" src="/images/eprints/ePrints_banner_r5_c3.gif" width="149" height="1" border="0" alt="" /></td>
- <td rowspan="2" colspan="2"><a href="/information.html" onMouseOut="MM_swapImgRestore();MM_startTimeout()" onMouseOver="MM_showMenu(window.mm_menu_0821132634_0,0,25,null,'ePrints_banner_r5_c5');MM_swapImage('ePrints_banner_r5_c5','','/images/eprints/ePrints_banner_r5_c5_f2.gif',1);"><img name="ePrints_banner_r5_c5" src="/images/eprints/ePrints_banner_r5_c5.gif" width="57" height="25" border="0" alt="About" /></a></td>
- <td rowspan="2"><a href="/view/" onMouseOut="MM_swapImgRestore();MM_startTimeout()" onMouseOver="MM_showMenu(window.mm_menu_0821133021_1,0,25,null,'ePrints_banner_r5_c7');MM_swapImage('ePrints_banner_r5_c7','','/images/eprints/ePrints_banner_r5_c7_f2.gif',1);"><img name="ePrints_banner_r5_c7" src="/images/eprints/ePrints_banner_r5_c7.gif" width="68" height="25" border="0" alt="Browse" /></a></td>
- <td rowspan="2"><a href="/perl/search/simple" onMouseOut="MM_swapImgRestore();MM_startTimeout()" onMouseOver="MM_showMenu(window.mm_menu_0821133201_2,0,25,null,'ePrints_banner_r5_c8');MM_swapImage('ePrints_banner_r5_c8','','/images/eprints/ePrints_banner_r5_c8_f2.gif',1);"><img name="ePrints_banner_r5_c8" src="/images/eprints/ePrints_banner_r5_c8.gif" width="68" height="25" border="0" alt="Search" /></a></td>
- <td rowspan="2"><a href="/perl/register" onMouseOut="MM_swapImgRestore();MM_startTimeout();" onMouseOver="MM_showMenu(window.mm_menu_1018171924_3,0,25,null,'ePrints_banner_r5_c9');MM_swapImage('ePrints_banner_r5_c9','','/images/eprints/ePrints_banner_r5_c9_f2.gif',1);"><img name="ePrints_banner_r5_c9" src="/images/eprints/ePrints_banner_r5_c9.gif" width="68" height="25" border="0" alt="register" /></a></td>
- <td rowspan="2"><a href="/perl/users/home" onMouseOut="MM_swapImgRestore();MM_startTimeout()" onMouseOver="MM_showMenu(window.mm_menu_0821133422_4,0,25,null,'ePrints_banner_r5_c10');MM_swapImage('ePrints_banner_r5_c10','','/images/eprints/ePrints_banner_r5_c10_f2.gif',1);"><img name="ePrints_banner_r5_c10" src="/images/eprints/ePrints_banner_r5_c10.gif" width="82" height="25" border="0" alt="user area" /></a></td>
- <td rowspan="2"><a href="/help/" onMouseOut="MM_swapImgRestore();MM_startTimeout()" onMouseOver="MM_showMenu(window.mm_menu_0821133514_5,0,25,null,'ePrints_banner_r5_c11');MM_swapImage('ePrints_banner_r5_c11','','/images/eprints/ePrints_banner_r5_c11_f2.gif',1);"><img name="ePrints_banner_r5_c11" src="/images/eprints/ePrints_banner_r5_c11.gif" width="69" height="25" border="0" alt="Help" /></a></td>
- <td rowspan="3" colspan="4"><img name="ePrints_banner_r5_c12" src="/images/eprints/ePrints_banner_r5_c12.gif" width="98" height="40" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="1" height="1" border="0" alt="" /></td>
- </tr>
- <tr>
- <td rowspan="2"><img name="ePrints_banner_r6_c3" src="/images/eprints/ePrints_banner_r6_c3.gif" width="44" height="39" border="0" alt="ePrints home" /></td>
- <td><a href="/" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('ePrints_banner_r6_c4','','/images/eprints/ePrints_banner_r6_c4_f2.gif',1);"><img name="ePrints_banner_r6_c4" src="/images/eprints/ePrints_banner_r6_c4.gif" width="105" height="24" border="0" alt="ePrints home" /></a></td>
- <td><img src="/images/eprints/spacer.gif" width="1" height="24" border="0" alt="" /></td>
- </tr>
- <tr>
- <td><img name="ePrints_banner_r7_c2" src="/images/eprints/ePrints_banner_r7_c2.gif" width="104" height="15" border="0" alt="" /></td>
- <td colspan="8"><img name="ePrints_banner_r7_c4" src="/images/eprints/ePrints_banner_r7_c4.gif" width="517" height="15" border="0" alt="" /></td>
- <td><img src="/images/eprints/spacer.gif" width="1" height="15" border="0" alt="" /></td>
- </tr>
- </table></td>
- </tr>
- <tr><td><table width="100%" style="font-size: 90%; border: solid 1px #ccc; padding: 3px"><tr>
- <td align="left"><a href="http://eprints.utas.edu.au/cgi/users/home">Login</a> | <a href="http://eprints.utas.edu.au/cgi/register">Create Account</a></td>
- <td align="right" style="white-space: nowrap">
- <form method="get" accept-charset="utf-8" action="http://eprints.utas.edu.au/cgi/search" style="display:inline">
- <input class="ep_tm_searchbarbox" size="20" type="text" name="q" />
- <input class="ep_tm_searchbarbutton" value="Search" type="submit" name="_action_search" />
- <input type="hidden" name="_order" value="bytitle" />
- <input type="hidden" name="basic_srchtype" value="ALL" />
- <input type="hidden" name="_satisfyall" value="ALL" />
- </form>
- </td>
- </tr></table></td></tr>
- <tr>
- <td class="toplinks"><!-- InstanceBeginEditable name="content" -->
-
-
- <div align="center">
-
- <table width="720" class="ep_tm_main"><tr><td align="left">
- <h1 class="ep_tm_pagetitle">Professional Access Control</h1>
- <p style="margin-bottom: 1em" class="not_ep_block"><span class="person_name">de la Motte, Leigh</span> and <span class="person_name">Hartnett, Jacky</span> (2005) <xhtml:em>Professional Access Control.</xhtml:em> In: 13th Health Informatics Conference HIC2005, 31 Jul - 02 Aug 2005, Melbourne, Australia.</p><p style="margin-bottom: 1em" class="not_ep_block"></p><table style="margin-bottom: 1em" class="not_ep_block"><tr><td valign="top" style="text-align:center"><a onmouseover="EPJS_ShowPreview( event, 'doc_preview_790' );" href="http://eprints.utas.edu.au/782/1/PAC.pdf" onmouseout="EPJS_HidePreview( event, 'doc_preview_790' );"><img alt="[img]" src="http://eprints.utas.edu.au/style/images/fileicons/application_pdf.png" class="ep_doc_icon" border="0" /></a><div class="ep_preview" id="doc_preview_790"><table><tr><td><img alt="" src="http://eprints.utas.edu.au/782/thumbnails/1/preview.png" class="ep_preview_image" border="0" /><div class="ep_preview_title">Preview</div></td></tr></table></div></td><td valign="top"><a href="http://eprints.utas.edu.au/782/1/PAC.pdf"><span class="ep_document_citation">PDF</span></a> - Requires a PDF viewer<br />462Kb</td></tr></table><div class="not_ep_block"><h2>Abstract</h2><p style="padding-bottom: 16px; text-align: left; margin: 1em auto 0em auto">Topic area and paper objectives:
- This paper investigates the hypotheses that it is possible to build a practical access control system
- for patient records within a hospital domain that ensures access to all those who are at any one time
- part of a particular patient's treating team yet at the same time provides appropriate barriers to
- access for those not currently part of this team. A caveat for this hypothesis is that at no time
- should a clinician be barred from access to a particular record, but that means should exist to ensure
- that appropriate access is accepted and inappropriate access reported upon. Central to this idea is
- that it should be possible to use standards of professional ethics and normal workflow to enable the
- model.
- Background and concise literature review:
- Traditional models of access control do not cope well with the problem of how to define access
- permissions for a team that is dynamic in nature (as is a treating team) and where the access is to
- objects (patient records) only in the loosest 'owned' by those who have a need to access such
- objects. In these models either the system administrator has to define permitted access in advance
- (mandatory access control) or the owner of the data can define the permitted accesses (discretionary
- access control) (Pfleeger 2000). Extensions to Role Based Access Control (RBAC) and Team
- Based Access Control (TMAC) have provided the most useful solutions to date but still require a
- system administrator or surrogate to define appropriate access in advance. (Ferraiolo & Kuhn 1992)
- (Ramaswamy & Sandhu 1998) (NIST 2004) (Thomas 1997) (Georgiadis et al 2001) (Georgiadis
- 2002) However, work by Thomas & Sandhu (1997) and Alotaiby & Chen (2004) has shown that it
- is possible to incorporate changes to access privileges as part of normal workflow.
- Methods:
- As a result of observing and discussing normal and unusual workflow patterns within the
- Tasmanian hospital environment a set of scenarios were developed each of which characterised a
- unique instance of change to whom should be able to access a patient record. The method used by
- current access control models to handle each scenario was then analysed. A new definition of a
- team in a hospital environment was then used to develop the Professional Access control (PAC)
- model that was implemented and tested in Oracle. Testing was carried out using each scenario in a
- simulated hospital of 3 wards, 20 staff and 20 patients.
- Results and discussions:
- Clinicians at a hospital were defined as either being Members: part of a patient's treating team,
- Colleagues: having the same role and belonging to the same unit as the patient or Associates: part of
- the hospital but not currently related to the patient. Being a team Member can be adjusted as part of
- the normal hospital admission and referral processes. Emergency access is provided subject to
- retrospective approval and auditing procedures. The model has been developed as an Oracle
- implementation for a simulated hospital environment and tested against the 24 scenarios defined.
- The Professional Access Control model allows for dynamic definition of the treating team and
- facilitates guaranteed availability to clinicians appropriate to their relationship to a patient. This is
- made possible by relying upon the professional ethics of clinicians rather than those of system
- administrators. It relieves the burden of predefining access control from system administrators
- without endowing clinicians with unnecessary system administration privileges.</p></div><table style="margin-bottom: 1em" cellpadding="3" class="not_ep_block" border="0"><tr><th valign="top" class="ep_row">Item Type:</th><td valign="top" class="ep_row">Conference or Workshop Item (Paper)</td></tr><tr><th valign="top" class="ep_row">Keywords:</th><td valign="top" class="ep_row">Health Informatics, Access Control, Computer Security, Roles, Medical Records</td></tr><tr><th valign="top" class="ep_row">Subjects:</th><td valign="top" class="ep_row"><a href="http://eprints.utas.edu.au/view/subjects/280103.html">280000 Information, Computing and Communication Sciences > 280100 Information Systems > 280103 Information Storage, Retrieval and Management</a></td></tr><tr><th valign="top" class="ep_row">ID Code:</th><td valign="top" class="ep_row">782</td></tr><tr><th valign="top" class="ep_row">Deposited By:</th><td valign="top" class="ep_row"><span class="ep_name_citation"><span class="person_name">Mr Leigh de la Motte</span></span></td></tr><tr><th valign="top" class="ep_row">Deposited On:</th><td valign="top" class="ep_row">19 Feb 2007</td></tr><tr><th valign="top" class="ep_row">Last Modified:</th><td valign="top" class="ep_row">09 Jan 2008 02:30</td></tr><tr><th valign="top" class="ep_row">ePrint Statistics:</th><td valign="top" class="ep_row"><a target="ePrintStats" href="/es/index.php?action=show_detail_eprint;id=782;">View statistics for this ePrint</a></td></tr></table><p align="right">Repository Staff Only: <a href="http://eprints.utas.edu.au/cgi/users/home?screen=EPrint::View&eprintid=782">item control page</a></p>
- </td></tr></table>
- </div>
-
-
-
- <!-- InstanceEndEditable --></td>
- </tr>
- <tr>
- <td><!-- #BeginLibraryItem "/Library/footer_eprints.lbi" -->
- <table width="795" border="0" align="left" cellpadding="0" class="footer">
- <tr valign="top">
- <td colspan="2"><div align="center"><a href="http://www.utas.edu.au">UTAS home</a> | <a href="http://www.utas.edu.au/library/">Library home</a> | <a href="/">ePrints home</a> | <a href="/contact.html">contact</a> | <a href="/information.html">about</a> | <a href="/view/">browse</a> | <a href="/perl/search/simple">search</a> | <a href="/perl/register">register</a> | <a href="/perl/users/home">user area</a> | <a href="/help/">help</a></div><br /></td>
- </tr>
- <tr><td colspan="2"><p><img src="/images/eprints/footerline.gif" width="100%" height="4" /></p></td></tr>
- <tr valign="top">
- <td width="68%" class="footer">Authorised by the University Librarian<br />
- © University of Tasmania ABN 30 764 374 782<br />
- <a href="http://www.utas.edu.au/cricos/">CRICOS Provider Code 00586B</a> | <a href="http://www.utas.edu.au/copyright/copyright_disclaimers.html">Copyright & Disclaimers</a> | <a href="http://www.utas.edu.au/accessibility/index.html">Accessibility</a> | <a href="http://eprints.utas.edu.au/feedback/">Site Feedback</a> </td>
- <td width="32%"><div align="right">
- <p align="right" class="NoPrint"><a href="http://www.utas.edu.au/"><img src="http://www.utas.edu.au/shared/logos/unioftasstrip.gif" alt="University of Tasmania Home Page" width="260" height="16" border="0" align="right" /></a></p>
- <p align="right" class="NoPrint"><a href="http://www.utas.edu.au/"><br />
- </a></p>
- </div></td>
- </tr>
- <tr valign="top">
- <td><p> </p></td>
- <td><div align="right"><span class="NoPrint"><a href="http://www.eprints.org/software/"><img src="/images/eprintslogo.gif" alt="ePrints logo" width="77" height="29" border="0" align="bottom" /></a></span></div></td>
- </tr>
- </table>
- <!-- #EndLibraryItem -->
- <div align="center"></div></td>
- </tr>
- </table>
-
- </body>
- </html>