An Optimized Role-Based Access Control Using Trust Mechanism in E-Health Cloud Environment

Butt, Ateeq Ur Rehman; Mahmood, Tariq; Saba, Tanzila; Bahaj, Saeed Ali Omer; Alamri, Faten S.; Iqbal, Muhammad Waseem; Khan, Amjad R.

doi:10.1109/access.2023.3335984

Cited by 4 publications

(5 citation statements)

References 52 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The negative impact of implementation challenges on RBAC's effectiveness (H2) underscores the nuanced barriers organizations face, especially the administrative and technical hurdles that can diminish the system's efficacy. This complexity resonates with the challenges highlighted by existing studies on RBAC implementation [59] [26] [33].…”

Section: Discussionmentioning

confidence: 83%

“…Although scholars laud RBAC for its effectiveness in mitigating insider threats [26][32] [33], it is not devoid of challenges, as studies argue that the complexity of defining and managing roles can be a significant barrier, especially in large and dynamic organizations. There is also an ongoing debate about the potential for RBAC to become too restrictive, hindering operational efficiency.…”

Section: Rbac's Role In Mitigating Insider Threatsmentioning

confidence: 99%

“…While Role-Based Access Control (RBAC) is acclaimed for its strategic approach to minimizing insider threats, its implementation and operationalization present challenges and limitations [32]. These obstacles affect the efficiency and effectiveness of RBAC systems and highlight the nuanced complexity of mitigating insider threats within diverse organizational landscapes [33]. For instance, a significantly pressing challenge in implementing RBAC is the phenomenon of role explosion, where the granularity of roles becomes so detailed that managing them becomes impractical [39].…”

Section: Challenges and Limitations Of Rbac In Insider Threat Mitigationmentioning

confidence: 99%

See 2 more Smart Citations

From Theory to Practice: Implementing Effective Role-Based Access Control Strategies to Mitigate Insider Risks in Diverse Organizational Contexts

Marquis

2024

JERR

View full text Add to dashboard Cite

This study investigates the effectiveness of Role-Based Access Control (RBAC) systems in mitigating insider threats to database security within various organizational environments. Insider threats represent a significant challenge for database security, necessitating robust and adaptive security measures. By delineating access based on users' roles within an organization, RBAC emerges as a critical tool against such threats. Employing a quantitative research methodology, this work gathered data through a survey targeting professionals directly involved in the security and management of organizational databases across technology, finance, healthcare, and government industries. The study utilized Confirmatory Factor Analysis (CFA) and Structural Equation Modeling (SEM) to validate the measurement model and analyze the relationships between RBAC effectiveness, implementation challenges, RBAC enhancements, and their collective impact on insider threat reduction. Findings indicate that RBAC effectively reduces unauthorized access and data breaches, significantly mitigating insider threats. However, implementation challenges such as role definition complexity and adapting to dynamic access needs emerge as notable obstacles. Enhancements in RBAC, mainly through integrating technologies like machine learning and dynamic access controls, are identified as critical mediators that enhance RBAC's effectiveness. The study concludes that while RBAC is a vital tool for database security, its success depends on continuous improvement and customization to specific organizational contexts. It recommends developing continuous enhancement programs for RBAC systems, specialized training for administrators, and the customization of RBAC strategies to meet unique organizational and industry needs. These measures are crucial for optimizing RBAC's effectiveness against insider threats.

show abstract

Section: Discussionmentioning

confidence: 83%

Section: Rbac's Role In Mitigating Insider Threatsmentioning

confidence: 99%

Section: Challenges and Limitations Of Rbac In Insider Threat Mitigationmentioning

confidence: 99%

See 1 more Smart Citation

From Theory to Practice: Implementing Effective Role-Based Access Control Strategies to Mitigate Insider Risks in Diverse Organizational Contexts

Marquis

2024

JERR

View full text Add to dashboard Cite

show abstract

“…For instance, with a cloud-based healthcare system, the role of 'Doctor' might have scoped access corresponding to its specialization, the 'Nurse' might have access rights that suit their duties, and the 'Administrator' might have admin access for managing the healthcare system. Its architecture matches the compliance requirements because it can put up with the development of distinct requirements, which are usually dependent on information security standards such as HIPAA or GDPR [2]. RBAC categorizes permissions according to roles and, as a result, offers a practical, scalable, and safe hierarchical structure for user authorizations in the cloud.…”

Section: Role-based Access Control (Rbac) In Cloud Storagementioning

confidence: 99%

“…RBAC's identified risk mitigation method is the effective way of accessing unintended data among multiple entities storing data in the cloud [1]. An essential aspect of the RBAC model is a structure adopting an approach based on the user roles, which rotates around the permit issuing and auditing [2]. The different phenomena in the case of traits-based access control (ABAC) are more of a dynamic and sophisticated model of authorization that confers access rights upon the features of the users and the environmental attributes [3].…”

Section: Introductionmentioning

confidence: 99%

Cloud access

2024

IRJMETS

View full text Add to dashboard Cite

Cloud computing has revolutionized data management systems through Scalable, Flexible, and Cost-effective solutions. Though having cybersecurity benefits does give the platform an edge in access control, it comes with profound cybersecurity challenges. Providing efficient and assured access control systems is necessary to prevent a bulk of sensitive information from leaking while giving legitimate users access whenever required. This article delves into three prominent access control mechanisms in cloud storage: Role-based access control, attribute-based access control, and policy-based access control. Different versions of the mechanism fetch access rights in cloud computing ecosystems to provide diverse security purposes and mitigate specific operational complexities. The article aims to analyze the central mechanisms and how they play a part in ensuring cloud storage security, how they function, and their advantages and drawbacks. RBAC is based on assigning permissions based on the role of the organization. For example, ABAC uses the user's attributes for authority, and PBAC uses policies and considers contextual factors. The use of the various access control methodologies in cloud storage is no longer a question of data security but also a contributing factor to effective business operations and achieving regulatory compliance. This meticulous analysis, founded on the academic literature, offers a clear insight into the processes involved, providing decision-makers with a framework for protecting their clouds.

show abstract

Blockchain-Based Healthcare Records Management Framework: Enhancing Security, Privacy, and Interoperability

Tahir,

Rashid,

Hadi

et al. 2024

Technologies

View full text Add to dashboard Cite

This study investigated the potential of blockchain technology to transform Electronic Health Record (EHR) administration, integrity, and security. EHRs store vital health information such as medical history, diagnosis, prescriptions, and imaging findings, which may be shared with healthcare professionals to improve patient care. The existing EHR systems have a centralized framework. These centralized systems have a single point of failure, data management, integrity, and security concerns. Blockchain technology provides a solution to these problems by delivering benefits such as safety, privacy, secrecy, and decentralization. This study presents a framework for adopting blockchain technology in EHR systems, providing a comprehensive, modular, and straightforward approach. Our proposed framework addresses the constraints of existing EHR systems by providing a platform for connected and interoperable EHRs. The proposed blockchain-based patient health records management framework demonstrates the potential to address the limitations of current centralized health records systems. It offers benefits such as data privacy and security, interoperability, audibility, decentralization, and automation through the use of smart contracts. The proposed framework is implemented in Ethereum. The evaluation, i.e., cost and performance results, show that this solution is reasonable and may be used on any blockchain network, whether it is permissioned or permissionless.

show abstract

An Optimized Role-Based Access Control Using Trust Mechanism in E-Health Cloud Environment

Cited by 4 publications

References 52 publications

From Theory to Practice: Implementing Effective Role-Based Access Control Strategies to Mitigate Insider Risks in Diverse Organizational Contexts

From Theory to Practice: Implementing Effective Role-Based Access Control Strategies to Mitigate Insider Risks in Diverse Organizational Contexts

Cloud access

Blockchain-Based Healthcare Records Management Framework: Enhancing Security, Privacy, and Interoperability

Contact Info

Product

Resources

About