GET THE APP

XACML-BASED SECURITY DESIGN PATTERNS FOR CLINICAL RESEARCH
..

Journal of Health & Medical Informatics

ISSN: 2157-7420

Open Access

XACML-BASED SECURITY DESIGN PATTERNS FOR CLINICAL RESEARCH


4th International Conference on Medical Informatics & Telehealth

October 6-7, 2016 | London, UK

Tracy McLean and Richard Sinnott

University of Birmingham, UK
University of Melbourne, Australia

Posters & Accepted Abstracts: J Health Med Informat

Abstract :

As web-based applications and services grow in size and complexity, traditional access control solutions based on the preliminary identification of users become inadequate for enforcing access control. This is the case in a clinical research environment where web service applications are often distributed and contain sensitive information. The increasing challenges to achieve specific information security goal such as fine-grained authorisation, confidentiality, integrity and non-repudiation may result in security vulnerabilities if not addressed. However, by applying best practice solutions, we demonstrate the use of security design patterns to describe reusable solutions to recurring security issues in clinical research. In this paper, we focus on the composition of clinical access control policies to enhance the authorisation flow of the AndroPhenome project at the University of Birmingham. The work exploits the extensible Access Control Markup Language (XACML) syntax to define the clinical security policies. To eliminate or mitigate the consequences of security vulnerabilities associated with access control, the constructs of the XACML policy elements including combining algorithms and obligations are used to deliver specific security features through a policy enforcement point (PEP) and policy decision point (PDP).

Biography :

Email: tam146@bham.ac.uk

Google Scholar citation report
Citations: 2700

Journal of Health & Medical Informatics received 2700 citations as per Google Scholar report

Journal of Health & Medical Informatics peer review process verified at publons

Indexed In

 
arrow_upward arrow_upward