Privacy preserving for patients' information: A knowledge-constrained access control model for hospital information systems
- Resource Type
- Conference
- Authors
- Zhang, Runtong; Chen, Donghua; Shang, Xiaopu
- Source
- 2016 IEEE 14th International Conference on Industrial Informatics (INDIN) Industrial Informatics (INDIN), 2016 IEEE 14th International Conference on. :921-926 Jul, 2016
- Subject
- Components, Circuits, Devices and Systems
Computing and Processing
Engineering Profession
Robotics and Control Systems
Transportation
Access control
Hospitals
Context
Information systems
Data privacy
Permission
Privacy
Knowledge
Access Control
Hospital Information Systems
- Language
- ISSN
- 2378-363X
Access control is an important technical method to protect the sensitive data in the information system. This paper mainly focuses on the issue of privacy preserving for patients' information in HIS. On the basis of providing hospital employees necessary patient information that can support the treatment, the proposed Knowledge-Constrained Role Based Access Control (KC-RBAC) model tries to reduce the scope of patients' information that can be accessed by hospital employees. Compared with the traditional RBAC model, the medical knowledge and nonmedical knowledge lying in the process of treatment are introduced into KC-RBAC, which outline the boundary of accessible data for different users in the system.