Policy Based Electronic Transmission of Prescriptions

Chadwick, David W. and Mundy, Darren (2003) Policy Based Electronic Transmission of Prescriptions. In: 4th IEEE International Workshop on Policies for Distributed Systems and Networks, JUN 04-06, 2003, LAKE COMO, ITALY. (The full text of this publication is not currently available from this repository. You may be able to access a copy if URLs are provided)

The full text of this publication is not available from this repository. (Contact us about this Publication)
Official URL


This paper describes the PERMIS PMI role based authorisation policy, and shows how it has been applied to the electronic transfer of prescriptions (ETP). The assignment of roles is distributed to the appropriate authorities in the health care and government sectors. This includes the assignment of both professional roles such as doctor and dentist, as well as patient roles that entitle patients to free prescriptions. All roles are stored as X.509 attribute certificates (ACs) in LDAP directories, which are managed by the assigning authorities. The PERMIS policy based decision engine subsequently retrieves these role ACs in order to make Granted or Denied access control decisions required by the ETP applications. The Source of Authority for setting the ETP policy is assumed to be the Secretary of State for Health. The ETP policy says what roles are recognised, who is authorised to assign the roles, what privileges are granted to each role and what conditions are attached to these privileges. The ETP policy is then formatted in XML, embedded in an X.509 attribute certificate, digitally signed by the Secretary of State for Health, and then stored in an LDAP directory. From here it can be accessed by all the ETP applications in the UK National Health Service that contain embedded policy based PERMIS decision engines.

Item Type: Conference or workshop item (Paper)
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Faculties > Science Technology and Medical Studies > School of Computing > Security Group
Depositing User: Mark Wheadon
Date Deposited: 24 Nov 2008 18:01
Last Modified: 15 Jul 2014 13:29
Resource URI: https://kar.kent.ac.uk/id/eprint/13957 (The current URI for this page, for reference purposes)
  • Depositors only (login required):


Downloads per month over past year