Skip to main content
SpringerLink
Log in
Book cover

International Conference on P2P, Parallel, Grid, Cloud and Internet Computing

3PGCIC 2016: Advances on P2P, Parallel, Grid, Cloud and Internet Computing pp 35–47Cite as

An Access Control Architecture for Protecting Health Information Systems

  • Conference paper
  • First Online:

  • 1682 Accesses

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies ((LNDECT,volume 1))

Abstract

The enormous benefits that Health Information Systems (HISs) can offer in terms of quality of care and reduction in costs have led many organizations to develop such systems in their domain. Many national and international organizations have developed their HISs in according to their needs, financial availability and organizational resources (such as technology infrastructure, number of involved structures, etc.), without taking into account the possibility of communicating with other systems satisfying common security policies for distributed authorization. For this reason, the solutions are not interoperable with each other. The main cause of the lack of interoperability is the development of “no open architectures” for communication with other systems and the adoption of different technologies. This paper illustrates a technological architecture based on a set of interoperability services to enable secure communication among heterogeneous HISs. In order to protect the interoperability services, having the aim of invoking services of local HISs, an appropriate access control model is part of the proposed architecture. This Access Control Architecture described in this paper allows different HISs to interoperate each other, ensuring the protection of interoperability services among different HIS systems through the integration of the XACML architecture with the HL7 PASS services. The main architectural components needed to perform the security checks established among heterogeneous HIS are shown in detail. Finally, the use of the architecture in the Italian context is shown.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   169.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. ISO/TR 20514:2005, Health informatics -- Electronic health record -- Definition, scope and context

    Google Scholar 

  2. D. Kalra and B.G. Blobel, “Semantic interoperability of EHR systems”, Stud Health Technol Inform. 2007;127:231-45.

    Google Scholar 

  3. M.T. Chiaravalloti, M. Ciampi, E. Pasceri, M. Sicuranza, G. De Pietro, and R. Guarasci, “A model for realizing interoperable EHR systems in Italy”, 15th International HL7 Interoperability Conference (IHIC 2015), Prague, Czech Republic

    Google Scholar 

  4. M. Deng, R. Scandariato, D. de Cock; B. Preneel and W. Joosen, “Identity in federated electronic healthcare,” in Wireless Days, 2008. WD ‘08. 1st IFIP , vol., no., pp. 1-5, 24-27 Nov. 2008,doi:10.1109/WD.2008.4812919

  5. OASIS eXtensible Access Control Markup Language (XACML), online at https://www.oasisopen.org/committees/tc_home.php?wg_abbrev=xacml (Access date: 30 January 2016)

  6. IHE IT Infrastructure Technical Framework - Registry Stored Query Transaction for XDS Profile [ITI 18]

    Google Scholar 

  7. IHE IT Infrastructure Technical - Retrieve Document Set for XDS Profile [ITI-43].

    Google Scholar 

  8. IHE IT Infrastructure Technical - Register Document Set-b for XDS Profile [ITI-42]

    Google Scholar 

  9. M. Sicuranza, A. Esposito and M. Ciampi “A View-Based Access Control Model for EHR Systems”, Intelligent Distributed Computing VIII p. 443-452,2015 Springer International Publishing

    Google Scholar 

  10. HL7 Version 3 Standard: Privacy, Access and Security Services Security Labeling Service (SLS)

    Google Scholar 

  11. HL7 Version 3 Clinical Document Architecture (CDA) Release 2, https://www.hl7.org/implement/standards/product brief.cfm?product id = 7 (Access date: 30 August 2016)

  12. IHE IT Infrastructure Technical - Delete Document Set [ITI-62]

    Google Scholar 

  13. V. C. Hu, D. R. Kuhn and D. F. Ferraiolo, “Attribute-Based Access Control”, in Computer, vol. 48, no. 2, pp. 85-88, Feb. 2015.

    Google Scholar 

  14. Logical Observation Identifiers Names and Codes - https://loinc.org (Access date: 30 August 2016)

  15. The International Classification of Diseases, 9th Revision, Clinical Modification - http://www.salute.gov.it/portale/temi/p 2_6.jsp?id = 1278&area = ricoveriOspedalieri&menu = classificazione (Access date: 30 August 2016)

  16. Integrating the Healthcare Enterprise (IHE) - https://www.ihe.net (Access date: 30 August 2016)

  17. Flora Amato, Giuseppe De Pietro, Massimo Esposito, Nicola Mazzocca, An integrated framework for securing semi-structured health records, Knowledge-Based Systems, Volume 79, May 2015, Pages 99-117, ISSN 0950-7051.

    Google Scholar 

  18. R. Bhatia and M. Singh, “An Implementation Model for Privacy Aware Access Control in Web Services Environment”, Proceedings of International Conference on ICT for Sustainable Development: ICT4SD 2015 Volume 1, pp. 475-484, 2016

    Google Scholar 

  19. Hongjiao Li, Shan Wang, Xiuxia Tian, Weimin Wei and Chaochao Sun “A Survey of Extended Role-Based Access Control in Cloud Computing”, Proceedings of the 4th International Conference on Computer Engineering and Networks, pp 821-831, 2015

    Google Scholar 

  20. “IEEE Standard Glossary of Software Engineering Terminology”, IEEE Std 610.12-1990.

    Google Scholar 

  21. I. Macía, “Towards a semantic interoperability environment,” e-Health Networking, Applications and Services (Healthcom), 2014 IEEE 16th International Conference on, Natal, 2014, pp. 543-548.

    Google Scholar 

  22. Flora Amato and Francesco Moscato. 2015. A model driven approach to data privacy verification in EHealth systems. Trans. Data Privacy 8, 3 (December 2015), 273-296.

    Google Scholar 

  23. R. Bhatti, E. Bertino, A. Ghafoor, “A Trust-Based Context-Aware Access Control Model for Web-Services”, Distributed and Parallel Databases, pp 83-105, 2005.

    Google Scholar 

  24. L. Boursas and V. A. Danciu, “Dynamic inter-organizational cooperation setup in Circle-of-Trust environments,” NOMS 2008 - 2008 IEEE Network Operations and Management Symposium, Salvador, Bahia, 2008, pp. 113-120.

    Google Scholar 

  25. J. Classen, J. Braun, F. Volk, M. Hollick, J. Buchmann and M. Mühlhäuser, “A Distributed Reputation System for Certification Authority Trust Management,” Trustcom/BigDataSE/ISPA, 2015 IEEE, Helsinki, 2015, pp. 1349-1356.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute for High Performance Computing and Networking, Italian National Research Council, Naples, Italy

    Angelo Esposito, Mario Sicuranza & Mario Ciampi

  2. Department of Engineering, University of Naples “Parthenope”, Naples, Italy

    Angelo Esposito

Authors
  1. Angelo Esposito
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mario Sicuranza
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mario Ciampi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Angelo Esposito .

Editor information

Editors and Affiliations

  1. Campus Nord,Ed. Omega (Room 109), Technical University of Catalonia Campus Nord,Ed. Omega (Room 109), Barcelona, Spain

    Fatos Xhafa

  2. Fukuoka Institute of Technology , Fukuoka, Japan

    Leonard Barolli

  3. Federico II, Università degli Studi di Napoli Federico II, Napoli, Italy

    Flora Amato

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Esposito, A., Sicuranza, M., Ciampi, M. (2017). An Access Control Architecture for Protecting Health Information Systems. In: Xhafa, F., Barolli, L., Amato, F. (eds) Advances on P2P, Parallel, Grid, Cloud and Internet Computing. 3PGCIC 2016. Lecture Notes on Data Engineering and Communications Technologies, vol 1. Springer, Cham. https://doi.org/10.1007/978-3-319-49109-7_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-49109-7_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-49108-0

  • Online ISBN: 978-3-319-49109-7

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation