Comparing and Integrating Break-the-Glass and Delegation in Role-based Access Control for Healthcare
Ana Ferreira, Gabriele Lenzini
2016
Abstract
In healthcare security, Role-based Access Control (RBAC) should be flexible and include capabilities such as Break-the-Glass and Delegation. The former is useful in emergencies to overcome otherwise a denial of access, the latter to transfer rights temporarily, for example, to substitute doctors. Current research studies these policies separately, but it is unclear whether they are different and independent capabilities. Motivated to look into this matter, we present a formal characterization of Break-the-Glass and Delegation in the RBAC model and we inquire on how these two policies relate. After giving arguments in favour of keeping them apart as different policies, we propose an RBAC model that includes them.
DownloadPaper Citation
in Harvard Style
Ferreira A. and Lenzini G. (2016). Comparing and Integrating Break-the-Glass and Delegation in Role-based Access Control for Healthcare . In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-167-0, pages 63-73. DOI: 10.5220/0005683600630073
in Bibtex Style
@conference{icissp16,
author={Ana Ferreira and Gabriele Lenzini},
title={Comparing and Integrating Break-the-Glass and Delegation in Role-based Access Control for Healthcare},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2016},
pages={63-73},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005683600630073},
isbn={978-989-758-167-0},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Comparing and Integrating Break-the-Glass and Delegation in Role-based Access Control for Healthcare
SN - 978-989-758-167-0
AU - Ferreira A.
AU - Lenzini G.
PY - 2016
SP - 63
EP - 73
DO - 10.5220/0005683600630073