Healthcare Data Access Control Using XACML for Handheld Devices

Arunkumar, Saritha; Rajarajan, Muttukrishnan

doi:10.1109/dese.2010.13

Cited by 5 publications

(7 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…So by making use of the Access Points, the location proofs are provided by the APs in the form of a proof to ensure that the mobile device requesting a service is at a particular location at a particular point in time. This has been very well implemented and researched by various researchers including Saroiu et al [5], Zhu et al [22] and through VeriPlace in [4].…”

Section: System Modelmentioning

confidence: 99%

“…[10] proposes a combination of policies that map users to their mobile agents and make access control decisions for mobile agents by evaluating complex policy sets. [4] deals with the use of P3P policy by extending it for data access control and use of XACML policy [5] in the mobile device for data access control.…”

Section: Introductionmentioning

confidence: 99%

“…Xuebing et al [21] detailed in their paper how XACML can be used to solve some of the issues with mobile environment. Arunkumar and Rajarajan introduced XACML in the mobile environment and hence proposed a new architecture for data access control [5].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Location attestation and access control for mobile devices using GeoXACML

Arunkumar

Berker

Şensoy

et al. 2017

Journal of Network and Computer Applications

Self Cite

View full text Add to dashboard Cite

This is the accepted version of the paper.This version of the publication may differ from the final published version. Abstract-Access control has been applied in various scenarios in the past for negotiating the best policy. Solutions with XACML for access control has been very well explored by research and have resulted in significant contributions to various sectors including healthcare. In controlling access to the sensitive data such as medical records, it is important to guarantee that the data is accessed by the right person for the right reason. Location of access requestor can be a good indication for his/her eligibility and reasons for accessing the data. To reason with geospatial information for access control, Geospatial XACML (eXtensible Access Control Markup Language) is proposed as a standard. However, there is no available implementation and architecture for reasoning with Geospatial XACML policies. This paper proposes to extend XACML with geohashing to implement geospatial policies. It also proposes an architecture for checking reliability of the geospatial information provided by clients. With a case study, we demonstrate how our framework can be used to control the privacy and data access of health service data in handheld devices. Permanent repository link

show abstract

Section: System Modelmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Location attestation and access control for mobile devices using GeoXACML

Arunkumar

Berker

Şensoy

et al. 2017

Journal of Network and Computer Applications

Self Cite

View full text Add to dashboard Cite

show abstract

“…Based on some computations performed using XACML policy and some cryptographic algorithms, the real time key that is used to encrypt the patients information can be obtained. The real time key will be used in the doctors handheld device to decrypt the information and get access to the actual information [8]. XACML was used not only for defining access control policies.…”

Section: Dep Of Information Science and Technologymentioning

confidence: 99%

Access control for healthcare data using extended XACML-SRBAC model

El-Aziz

Kannan

2012

2012 International Conference on Computer Communication and Informatics

View full text Add to dashboard Cite

In the modern health service, data are accessed by doctors and nurses using mobile, Personal Digital Assistants, and other electronic handheld devices. An individual's health related information is normally stored in a central health repository and it can be accessed only by authorized doctors. However, this Data is prone to be exposed to a number of mobile attacks while being accessed. This paper proposes a framework of using XACML and XML security to support secure, embedded and fine-grained access control policy to control the privacy and data access of health service data accessed through handheld devices. Also we consider one of the models, namely Spatial Role-based access control (SRBAC) and model it using XACML.

show abstract

“…The privacy concerns have been raised to suggest that privacy may be the greatest barrier to the long-term success of ubiquitous computing [3]. The privacy preserving in ubiquitous computing becomes a hot topic recently [25], [30].…”

Section: Introductionmentioning

confidence: 99%

Privacy preserving in ubiquitous computing: Classification & hierarchy

Shen

Wang

et al. 2011

COMSIS J

View full text Add to dashboard Cite

In this paper, we adopt the classification of personal information and hierarchy of services to build a privacy system, in which one communicates with each other via pipes with different security levels. In each level, one has the corresponding rights to access each other. The requesters are not able to be infringed based on the personal information that service obtains from service providers. Privacy system can decrease the interaction, while in other circumstance the system strengthens and enhances the privacy preserving. Thus we strike a balance between two goals of Ubiquitous Computing: interaction and privacy preserving.

show abstract

Healthcare Data Access Control Using XACML for Handheld Devices

Cited by 5 publications

References 25 publications

Location attestation and access control for mobile devices using GeoXACML

Location attestation and access control for mobile devices using GeoXACML

Access control for healthcare data using extended XACML-SRBAC model

Privacy preserving in ubiquitous computing: Classification & hierarchy

Contact Info

Product

Resources

About