How to Break Access Control in a Controlled Manner

CC
CBMS
2006
19th IEEE Symposium on Computer-Based Medical Systems (CBMS'06)
Abstract - How to Break Access Control in a Controlled Manner

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by A Ferreira Articles by R Cruz-Correia Articles by L Antunes Articles by P Farinha Articles by E Oliveira-Palhares Articles by D W Chadwick Articles by A Costa-Pereira

19th IEEE Symposium on Computer-Based Medical Systems (CBMS'06)

Salt Lake City, Utah

June 22-June 23

ISBN: 0-7695-2517-1

	ASCII Text	x
	A Ferreira, R Cruz-Correia, L Antunes, P Farinha, E Oliveira-Palhares, D W Chadwick, A Costa-Pereira, "How to Break Access Control in a Controlled Manner," Computer-Based Medical Systems, IEEE Symposium on, pp. 847-854, 19th IEEE Symposium on Computer-Based Medical Systems (CBMS'06), 2006.

	BibTex	x
	@article{ 10.1109/CBMS.2006.95, author = {A Ferreira and R Cruz-Correia and L Antunes and P Farinha and E Oliveira-Palhares and D W Chadwick and A Costa-Pereira}, title = {How to Break Access Control in a Controlled Manner}, journal ={Computer-Based Medical Systems, IEEE Symposium on}, volume = {0}, year = {2006}, issn = {1063-7125}, pages = {847-854}, doi = {http://doi.ieeecomputersociety.org/10.1109/CBMS.2006.95}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer-Based Medical Systems, IEEE Symposium on TI - How to Break Access Control in a Controlled Manner SN - 1063-7125 SP847 EP854 A1 - A Ferreira, A1 - R Cruz-Correia, A1 - L Antunes, A1 - P Farinha, A1 - E Oliveira-Palhares, A1 - D W Chadwick, A1 - A Costa-Pereira, PY - 2006 KW - null VL - 0 JA - Computer-Based Medical Systems, IEEE Symposium on ER -

A Ferreira, University of Porto, Portugal

R Cruz-Correia, University of Porto, Portugal

L Antunes, University of Porto, Portugal

P Farinha, University of Porto, Portugal

E Oliveira-Palhares, University of Porto, Portugal

D W Chadwick, University of Kent, England

A Costa-Pereira, University of Porto, Portugal

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CBMS.2006.95

The Electronic Medical Record (EMR) integrates heterogeneous information within a Healthcare Institution stressing the need for security and access control. The Biostatistics and Medical Informatics Department from Porto Faculty of Medicine has recently implemented a Virtual EMR (VEMR) in order to integrate patient information and clinical reports within a university hospital. With more than 500 medical doctors using the system on a daily basis, an access control policy and model were implemented. However, the healthcare environment has unanticipated situations (i.e. emergency situations) where access to information is essential. Most traditional policies do not allow for overriding. A policy that allows for "Break-The-Glass (BTG)" was implemented in order to override access control whilst providing for non-repudiation mechanisms for its usage. The policy was easily integrated within the model confirming its modularity and the fact that user intervention in defining security procedures is crucial to its successful implementation and use.

Citation:

A Ferreira, R Cruz-Correia, L Antunes, P Farinha, E Oliveira-Palhares, D W Chadwick, A Costa-Pereira, "How to Break Access Control in a Controlled Manner," cbms, pp.847-854, 19th IEEE Symposium on Computer-Based Medical Systems (CBMS'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.