Modeling and Recognizing Policy Conflicts with Resource Access Requests on Protected Health Information

Raik Kuhlisch

Abstract


This article discusses potential clashes between different types of security policies that regulate resource access requests on clinical patient data in hospitals by employees. Attribute-based Access Control (ABAC) is proposed as a proper means for such regulation. A proper representation of ABAC policies must include a handling of policy attributes among different policy types. In this article, we propose a semantic policy model with predefined policy conflict categories. A conformance verification function detects erroneous, clashing or mutually susceptible rules early during the policy planning phase. The model and conflicts are used in a conceptual application environment and evaluated in a technical experiment during an interoperability test event.

Keywords:

Hospital intra-enterprise policy conflict; policy compliance verification; information security; knowledge representation.

Full Text:

PDF


DOI: 10.7250/csimq.2017-11.01

Refbacks

  • There are currently no refbacks.