A Conceptual Framework for an Extension Access Control Models in Saudi Arabia Healthcare Systems

2020 ◽  
pp. 182-193
Author(s):  
Amin A. Shaqrah ◽  
Talal Noor
Keyword(s):  
Health Care ◽  
Saudi Arabia ◽  
Access Control ◽  
Conceptual Framework ◽  
Healthcare System ◽  
Saudi Arabian ◽  
Healthcare Systems ◽  
Control Model ◽  
Access Control Models ◽  
Control Models

This article aims to develop an extension access control models framework in Saudi Arabian healthcare systems. The conceptual framework acts as an ascendency structure to organize and support the efforts of several health care standards which reflect on the coherent of confidentiality; integrity; and availability triads in order to achieve the strategic business objectives of Saudi Arabian healthcare institutions. It is considered to be three common access control models developed by ACM institute and extended to other criteria identified by the National Institute of Standards and Technology. While literature explains that an easy-to-use access control model can lead to success healthcare system, understanding the extension of access control systems is vital for Saudi Arabian healthcare institutions to protect resources against unauthorized use. This article has taken a step in this direction.

A Conceptual Framework for an Extension Access Control Models in Saudi Arabia Healthcare Systems

2018 ◽  
Vol 8 (2) ◽  
pp. 42-52
Author(s):  
Amin Shaqrah ◽  
Talal Noor
Keyword(s):  
Health Care ◽  
Saudi Arabia ◽  
Access Control ◽  
Conceptual Framework ◽  
Control Systems ◽  
Saudi Arabian ◽  
Healthcare Systems ◽  
Control Model ◽  
Access Control Models ◽  
Control Models

This article aims to develop an extension access control models framework in Saudi Arabian healthcare systems. The conceptual framework acts as an ascendency structure to organize and support the efforts of several health care standards which reflect on the coherent of confidentiality; integrity; and availability triads in order to achieve the strategic business objectives of Saudi Arabian healthcare institutions. It is considered to be three common access control models developed by ACM institute and extended to other criteria identified by the National Institute of Standards and Technology. While literature explains that an easy-to-use access control model can lead to success healthcare system, understanding the extension of access control systems is vital for Saudi Arabian healthcare institutions to protect resources against unauthorized use. This article has taken a step in this direction.

Challenges of Meta Access Control Model Enforcement to an Increased Interoperability

2018 ◽  
pp. 651-661 ◽  
Author(s):  
Sérgio Luís Guerreiro
Keyword(s):  
Access Control ◽  
Control Model ◽  
Control Mechanisms ◽  
Access Control Model ◽  
Extra Effort ◽  
Access Control Models ◽  
Control Models ◽  
Ontological Approach ◽  
Core Issues ◽  
Access Data

When organizations are collaborating, their access control models need to interoperate. However, nowadays in the industry, there are too many access control models variants and, most of times; the interoperability enforcement consumes an extra effort. In this context, this paper identifies the challenges towards how to design and enforce a meta-access control model to facilitate the interoperability between the different access control mechanisms available. The problem is posed using an ontological approach. Then, the challenges are explained using a descriptive explanation of the meta access control enforcement. The core issues addressed are: access models interoperability, standardization of storage for access data and provisioning of access models.

scholarly journals A New Scalable and Expandable Access Control Model for Distributed Database Systems in Data Security

2020 ◽  
Vol 2020 ◽  
pp. 1-10
Author(s):  
Mehmet Guclu ◽  
Cigdem Bakir ◽  
Veli Hakkoymaz
Keyword(s):  
Access Control ◽  
Database Systems ◽  
Distributed Database ◽  
Control Model ◽  
Access Control Model ◽  
Distributed Database Systems ◽  
Access Control Models ◽  
Control Models ◽  
Proposed Model ◽  
Private Network

Access control models are an important tool developed for securing today’s data systems. Institutions use the access control models specifically to define who their employees are, what they can do, which resources they can reach, and which processes they can perform and use them to manage the whole process. This is a very hard and costly process for institutions with distributed database systems. However, access control models cannot be implemented in a qualified way due to the fact that the conditions for defining users’ demands to reach resources distributed on different servers, one of which is consequentially bound to the other, the verification and authorization of those user demands, and being able to monitor the actions of the users cannot be configured in an efficient way all the time. With our model suggested in this study, the aim is to automatically calculate the permissions and access levels of all users defined in the distributed database systems for the objects, and, in this way, we will reach a more efficient decision as to which objects the users can access while preventing their access to the information they do not need. Our proposed model in this study has been applied to real life data clusters from organizations providing health and education services and a public service. With the proposed model, all models have been run on servers sharing resources in a private network. The performance of the proposed model has been compared to that of traditional access models. It was confirmed that the proposed model presented an access control model providing more accurate access level results as well as being scalable to many distributed database systems.

scholarly journals Evolution of access control models for protection of patient details: a survey

2018 ◽  
Vol 7 (2.8) ◽  
pp. 554
Author(s):  
Geetanjali Sinha ◽  
Prabhu Shankar K.C ◽  
Shaurya Jain
Keyword(s):  
Access Control ◽  
Control Model ◽  
Role Based Access Control ◽  
Patient Privacy ◽  
Access Control Model ◽  
Access Control Models ◽  
Control Models ◽  
Role Hierarchy ◽  
Role Based ◽  
Electronic Hospital

Hospitals across the world are adapting to Electronic Hospital Information Systems and are moving away from the manual paper systems to provide patients efficient services. Numerous Access ControlModels have been deployed for securing patient privacy one of them being Role Based Access Control Model (RBAC). The current models merely allow access on the basis of roles and role hierarchy without actually understanding the real intention of the person accessing the system. This could lead to a compromise of patient privacy and thus new methods have been evolving. In this survey we will see an evolution of the access control models which lead to the discovery of KC-RBAC (Knowledge Constrained Role Based Access Control) Model which takes into consideration the knowledge related to the medical domain along with the role to provide authorization.

Research of Access Control Models in Personal Networks

2014 ◽  
Vol 989-994 ◽  
pp. 4751-4754
Author(s):  
Yu Lan Zhao ◽  
Chun Feng Jiang
Keyword(s):  
Access Control ◽  
Control Model ◽  
Personal Networks ◽  
Role Based Access Control ◽  
Access Control Model ◽  
Access Control Models ◽  
Control Models ◽  
System Resources ◽  
Role Based

How to prevent illegal users from sharing system resources was one of the main purposes for MAGNET Security Group. This paper introduced some major access control models such as traditional access control models, role-based access control model (RBAC), task-based access control model (TBAC) and role-task-based access control model (T-RBAC). In the end, a feasible scheme PN_T-RBAC was proposed at the base of the T-RBAC model in existence, which was suitable for the coalition environment of personal networks.

scholarly journals A Modularity and Extensibility Analysis on Authorization Frameworks

2016 ◽  
Vol 2 (1) ◽  
pp. 36
Author(s):  
Eduardo Martins Guerra ◽  
Jefferson O. Silva ◽  
Clovis Torres Fernandes
Keyword(s):  
Comparative Analysis ◽  
Access Control ◽  
Multiple Access ◽  
Control Model ◽  
Security Policies ◽  
Basic Form ◽  
Access Control Models ◽  
Adequate Response ◽  
Control Models ◽  
Simple Question

<p>Authorization in its most basic form can be<br />reduced to a simple question: “May a subject X access an object<br />Y?” The attempt to implement an adequate response to this<br />authorization question has produced many access control models<br />and mechanisms. The development of the authorization<br />mechanisms usually employs frameworks, which usually<br />implements one access control model, as a way of reusing larger<br />portions of software. However, some authorization requirements,<br />present on recent applications, have demanded for software<br />systems to be able to handle security policies of multiple access<br />control models. Industry has resolved this problem in a<br />pragmatic way, by using the framework to solve part of the<br />problem, and mingling business and the remaining authorization<br />concerns into the code. The main goal of this paper is to present a<br />comparative analysis between the existing frameworks developed<br />either within the academic and industry environments. This<br />analysis uses a motivating example to present the main industry<br />frameworks and consider the fulfillment of modularity,<br />extensibility and granularity requirements facing its suitability<br />for the existing access control models. This analysis included the<br />Esfinge Guardian framework, which is an open source<br />framework developed by the authors that provides mechanisms<br />that allows its extension to implement and combine different<br />authorization models.</p>

scholarly journals Service-Based Hybrid Access Control Technology with Priority Level for the Internet of Vehicles under the Cloud Architecture

2021 ◽  
Vol 2021 ◽  
pp. 1-18
Author(s):  
Pengshou Xie ◽  
Haoxuan Yang ◽  
Liangxuan Wang ◽  
Shuai Wang ◽  
Tao Feng ◽  
...  
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Hierarchical Structure ◽  
Control Model ◽  
Communication Process ◽  
Access Control Model ◽  
Cloud Architecture ◽  
Access Control Models ◽  
Control Models ◽  
Attribute Based Access Control

The communication process of devices in IoV under cloud architecture needs to be protected by access control models. However, existing access control models have difficulty establishing the appropriate granularity of permissions in the face of large amounts of data in IoV. Moreover, the access control model may need to temporarily change user privileges to accommodate the dynamic nature of IoV scenarios, a requirement that is difficult to implement for traditional access control models. The unstable connection status of devices in IoV also creates problems for access control. The service (composed of role and attribute) based access control model (in IoV) S-RABAC (V), under the Cloud computing architecture, introduces a formal theoretical model. The model uses attribute grouping and prioritization mechanisms to form a hierarchical structure. The permission combination pattern in the hierarchical structure can avoid duplicate permissions and reduce the number of permissions while ensuring fine-grained permissions. Different layers in the model have different priorities, and when a user’s permission requires temporary changes, it can be adjusted to the corresponding layers according to the user’s priority. In addition, users are allowed to keep their assigned privileges for a period to avoid frequent access control because of unstable connections. We have implemented the proposed access control model in Alibaba Cloud Computing and given six example demonstrations. The experiment shows that this is an access control model that can protect IoV security more effectively. Various unique mechanisms in the model enable S-RABAC(V) to improve the overall access control efficiency. The model adds some extra features compared to ABAC and RBAC and can generate more access control decisions using the priority mechanism.

scholarly journals On the representation of role-based access control models by object-oriented HRU model: taxonomic leaf-based hierarchy case

2020 ◽  
pp. 126-135
Author(s):  
S. V. Usov
Keyword(s):  
Access Control ◽  
Object Oriented ◽  
Control Policy ◽  
Control Model ◽  
Role Based Access Control ◽  
Access Control Model ◽  
Access Control Models ◽  
Control Models ◽  
Security Models ◽  
Role Based

In this paper the possibility of representing of some types of role-based access control models by object-oriented discretionary access control model is considered. The role-based security models with taxonomic hierarchy are considered. The permissions of the role-based access control model are represented as a set of pairs of object and access right. A hierarchy of classes of the object-oriented HRU model, based on the role-based access control policy, is constructed. Commands of the object-oriented HRU model, corresponding to the reassignment of roles in the original role-based model, are described.

Usage Control Model Based on Regular Grammar

2012 ◽  
Vol 433-440 ◽  
pp. 4590-4596
Author(s):  
Hai Ying Wu
Keyword(s):  
Information System ◽  
Access Control ◽  
Control Model ◽  
Usage Control ◽  
Access Control Models ◽  
Access Control List ◽  
Control Models ◽  
Regular Grammar ◽  
On Line ◽  
Modern Information

Traditional access control models through search Access Control List(ACL) to authorize [1-3]. Traditional access control models fail to satisfy the modern information system, thus Usage Control( UCON ) models were produced and fundamentally enhanced the traditional access control. The UCON models are considered as the next generation access control models. This paper is organized as follow. Section 1 introduces the Usage Control models. Section 2 introduces Regular Grammar ( RG ). Section 3 gives the RG of the 16 core ABC UCON models. Section 4 gives the RG of on-line antivirus procedure. Finally, section 5 summarizes this paper.

Access Control Models

2011 ◽  
pp. 318-326
Author(s):  
Romuald Thion
Keyword(s):  
Access Control ◽  
Computer Systems ◽  
Control Model ◽  
Role Based Access Control ◽  
Security Mechanism ◽  
Access Control Model ◽  
Access Control Models ◽  
Control Models ◽  
Role Based

Access control, or authorization, is arguably the most fundamental and most pervasive security mechanism in use today in computer systems. In computer systems, to grant authorization is to determine whether a subject can access resources. Informally speaking it is to decide “who can do what.” Access control is critical to enforce confidentiality (only authorized users can read information) and integrity (only authorized users can alter information) in computer systems, preventing hackers and cyber-terrorists from reading and modifying sensitive files. Several access control models have been proposed since 1960 up today: from simple access matrix to task based access control through military models. Each one providing a different way to organize and express users’ privileges. For example, the role based access control model aggregate privileges thanks to the concept of role: all users receive permissions only through the roles to which they are assigned. We first introduce the purpose of access control, then we describe models in use today, their specificities and the mechanisms which they rely on. The end of the this chapter is dedicated to current issues on access control.

Sign in / Sign up

Export Citation Format

Share Document