A Policy-Based Security Mechanism for Distributed Health Networks

Slides:

Advertisements

Similar presentations

September, 2005What IHE Delivers 1 Basic Patient Privacy Consents (BPPC) IHE Vendors Workshop 2006 IHE Patient Care Coordination Education

Advertisements

NRL Security Architecture: A Web Services-Based Solution

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

Engineering Medical Information Systems

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

© 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2.5 HIPAA Legislation and its Impact on Physician Practices 2-15 The Health Insurance Portability.

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.

Enforceable Specification of Privacy Peter Mork Jean Stanford CEM IR&D.

Data Segmentation Model 17 Jan 2012 John (Mike) Davis HL7 Security Co-Chair.

“...creating knowledge.” Enabling Digital Content Protection on Super-Distribution Models - Carlos Serrão ISCTE – Intituto Superior.

Open Workshop on e-Infrastructures, Helsinki October 4 – 5, 2006 Roadmap Parallel Session on last chapter of e-IRG Roadmap: Crossing the Boundaries of.

XACML 2.0 and Earlier Hal Lockhart, Oracle. What is XACML? n XML language for access control n Coarse or fine-grained n Extremely powerful evaluation.

Identity Federation in Healthcare Networks Xiaohui Chen Department of Computer Science University of Virginia.

Web Services Security Multimedia Information Engineering Lab. Yoon-Sik Yoo.

Elisa Bertino Dept. of Computer Science University of Milano Page 1 Author-X Secure and selective access and flexible distribution mechanisms for XML documents.

Department of Computing, School of Electrical Engineering and Computer Sciences, NUST - Islamabad KTH Applied Information Security Lab Cloud based Secure.

Audumbar. Access control and privacy Who can access what, under what conditions, and for what purpose.

XACML Gyanasekaran Radhakrishnan. Raviteja Kadiyam.

Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 5: Security Controls.

ICT 1 Towards an Integrated Approach to Access Control to Health Information Presented by: Inger Anne Tøndel SINTEF Co-authors: Per Håkon Meland SINTEF.

Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

Research Paper Presentation Software Engineering in agent systems.

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

Security in Virtual Laboratory System Jan Meizner Supervisor: dr inż. Marian Bubak Consultancy: dr inż. Maciej Malawski Master of Science Thesis.

Computerized Networking of HIV Providers Workshop Data Security, Privacy and HIPAA: Focus on Privacy Joy L. Pritts, J.D. Assistant Research Professor Health.

Software Architecture Framework for Ubiquitous Computing Divya ChanneGowda Athrey Joshi.

State Alliance for e-Health Conference Meeting January 26, 2007.

0 Craig Miller Vice President, Health Strategy and Innovation Health Information Exchange: Facilitating data sharing between public.

State HIE Program Chris Muir Program Manager for Western/Mid-western States.

Cross-enterprise Document Workflow (XDW) IT Infrastructure Technical Committee Editors: Luca Zalunardo, Arianna Cocchiglia, Arsenal.IT.

HIT Standards Committee Privacy and Security Workgroup: Privacy and Security Workgroup: Update Dixie Baker, SAIC Steve Findlay, Consumers Union March 24,

A security framework combining access control and trust management for mobile e-commerce applications Gregor v.Bochmann, Zhen Zhang, Carlisle Adams School.

11 Usage policies for end point access control  XACML is Oasis standard to express enterprise security policies with a common XML based policy language.

MagicNET: Security System for Protection of Mobile Agents.

1 Incorporating Data Mining Applications into Clinical Guidelines Reza Sherafat Dr. Kamran Sartipi Department of Computing and Software McMaster University,

Security Protection on Trust Delegated Medical Data in Public Mobile Networks Dasun Weerasinghe, Muttukrishnan Rajarajan and Veselin Rakocevic Mobile Networks.

HEALTH HOMES NOVEL PROTOTYPE. HEALTH HOMES ARE COOL SOLUTIONS FOR PROBLEMS THAT EXIST TODAY Patients don’t go to the right doctor What if a care coordinator.

Semantic based P2P System for local e-Government Fernando Ortiz-Rodriguez 1, Raúl Palma de León 2 and Boris Villazón-Terrazas 2 1 1Universidad Tamaulipeca.

Model Checking Grid Policies JeeHyun Hwang, Mine Altunay, Tao Xie, Vincent Hu Presenter: tanya levshina International Symposium on Grid Computing (ISGC.

Computer Science 1 Detection of Multiple-Duty-Related Security Leakage in Access Control Policies JeeHyun Hwang 1, Tao Xie 1, and Vincent Hu 2 North Carolina.

A Road Map to Research at Jefferson: HIPAA Privacy and Security Rules for Researchers Presented By: Privacy Officer/Office of Legal Counsel October 2015.

Chapter 19 Manager of Information Systems. Defining Informatics Process of using cognitive skills and computers to manage information.

11 Restricting key use with XACML* for access control * Zack’-a-mul.

Introducing WI Proposal about Authorization Architecture and Policy Group Name: WG4 Source: Wei Zhou, Datang, Meeting Date: Agenda Item:

Introducing WI Proposal about Authorization Architecture and Policy Group Name: WG4 Source: Wei Zhou, Datang, Meeting Date: Agenda Item:

Connect. Communicate. Collaborate Deploying Authorization Mechanisms for Federated Services in the eduroam architecture (DAMe)* Antonio F. Gómez-Skarmeta.

Privacy and Contextual Integrity: Framework and Applications Adam Barth, Anupam Datta, John C. Mitchell (Stanford) Helen Nissenbaum (NYU)

Document Encryption Profile Brief Profile Proposal for 2009/10 presented to the IT Infrastructure Planning Committee Martin Rosner, Paul Koster October.

XACML Showcase RSA Conference What is XACML? n XML language for access control n Coarse or fine-grained n Extremely powerful evaluation logic n.

Introduction to the PKI Issues at UW Madison Presented to ITC on Friday, 3/18/2005 Tom Jordan Systems Engineer,

CDA encryption Brief Profile Proposal for 2009/10 presented to the IT Infrastructure Planning Committee Martin Rosner, Paul Koster Sept 24, 2010.

Service Oriented Architecture (SOA) Prof. Wenwen Li School of Geographical Sciences and Urban Planning 5644 Coor Hall

eHealth Standards and Profiles in Action for Europe and Beyond

Security Requirements for ChinaGrid Applications - What the current grid security solutions cannot do Hai Jin Huazhong University of Science and Technology.

INTERCONNECTION GUIDELINES

XACML and the Cloud.

Similarities between Grid-enabled Medical and Engineering Applications

Integrating the Healthcare Enterprise

Electronic Health Record

Security in ebXML Messaging

NAAS 2.0 Features and Enhancements

HL7 Security Working Group Plenary Working Group Meeting 9-14 September 2012 Baltimore, Maryland Access Control.

Electronic Health Record Access Control 7

High Performance Computing Center – HLRS

Chinese wall model in the internet Environment

ITU Telecommunication Development Bureau (BDT)

Analysis of Final HIPAA Privacy Modification Rule

Channelization for China’s Spectrum

Unit # 1: Overview of the Course Dr. Bhavani Thuraisingham

Presentation transcript:

A Policy-Based Security Mechanism for Distributed Health Networks A. Onabajo, C. Obry and J. H. Jahnke netlab Research Group1 Dept of Computer Science University of Victoria, Victoria, BC, Canada

Outline Motivation Background Policy-Based Security Mechanism A Scenario Future work

Motivation Knowledge valuable asset of organizations Trend towards Distributed/Integrated Health Information Sensitive patient information has to be protected Facilitate secured information exchange Flexible and adaptable approach Regulations and individual consents Patient care should still be paramount

Background Research into middleware solution for integrated medical information systems Based on domain and technological standards HL7 Standards e.g. RIM and CDA Policy-Based Systems Offer adaptability and easier system modification Encryption Public Key Infrastructure (PKI)

Policy-Based Security Mechanism Policies Provide the rules for information handling and exchange Types Patient Organizational Document Type Encoding eXtensible Access Control Markup Language (XACML)2 OASIS standard Provides languages for defining policies and requests

Policy-Based Mechanism (cont’d) Policy Evaluation Approach Match policies to document Evaluate the rule(s) of policies Apply effects (deny or permit) of rules Rule combination Conflict resolution Precedence by specificity3

Policy-Based Mechanism (cont’d) Encryption Applied after policy evaluation and before transmission Non-authorized sections are not transmitted Document will be encrypted with a symmetric key Encrypted document and symmetric key will be encrypted with recipients public key

A Scenario

Future Work Currently at initial stage of development Integration of a Role-based access mechanism Further refinement of conflict resolution of policies

Resources www.netlab.uvic.ca OASIS eXtensible Access Control Markup Language. Available online at http://www.oasisopen.org/committees/tc_home.php?wg_abbrev=xacml Lupu E.C.and Sloman M., Conflicts in Policy-Based Distributed Systems Management IEEE Transactions on Software Engineering, 1999;25(6) 852-869. C. Obry, J.H. Jahnke, A. Onabajo and W Schafer “Enabling Privacy in Cross-Organisational Information Mediation – An Application in Health Care”. Proceedings 2003 Software Technology and Engineering Practice, Workshop on e-health, software, systems and networks. Amsterdam, The Netherlands. Sept. 19-21, 2003