Skip to main content

How to break access control in a controlled manner

Ferreira, Ana and Cruz-Correia, Ricardo and Antunes, Luis and Farinha, P and Oliveira-Palhares, E. and Chadwick, David W. and Costa-Pereira, A. (2006) How to break access control in a controlled manner. In: 19th IEEE Symposium on Computer-Based Medical Systems (CBMS'06). Symposium on Computer-Based Medical Systems . IEEE, pp. 847-851. ISBN 978-0-7695-2517-4. (doi:10.1109/CBMS.2006.95) (KAR id:14476)

PDF
Language: English
Click to download this file (77kB)
[thumbnail of How_to_break_access_control_in_a_controlled_manner.pdf]
This file may not be suitable for users of assistive technology.
Request an accessible format
Official URL:
http://dx.doi.org/10.1109/CBMS.2006.95

Abstract

The Electronic Medical Record (EMR) integrates heterogeneous information within a Healthcare Institution stressing the need for security and access control. The Biostatistics and Medical Informatics Department from Porto Faculty of Medicine has recently implemented a Virtual EMR (VEMR) in order to integrate patient information and clinical reports within a university hospital. With more than 500 medical doctors using the system on a daily basis, an access control policy and model were implemented. However, the healthcare environment has unanticipated situations (i.e. emergency situations) where access to information is essential. Most traditional policies do not allow for overriding. A policy that allows for Break-The-Glass (BTG) was implemented in order to override access control whilst providing for non-repudiation mechanisms for its usage. The policy was easily integrated within the model confirming its modularity and the fact that user intervention in defining security procedures is crucial to its successful implementation and use.

Item Type: Book section
DOI/Identification number: 10.1109/CBMS.2006.95
Uncontrolled keywords: access control; medical services; information security; biomedical informatics; hospitals; medical control systems; scattering; permissions; glass; information systems
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Mark Wheadon
Date Deposited: 24 Nov 2008 18:04 UTC
Last Modified: 16 Nov 2021 09:52 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/14476 (The current URI for this page, for reference purposes)
Chadwick, David W.: https://orcid.org/0000-0003-3145-055X
  • Depositors only (login required):

Total unique views for this document in KAR since July 2020. For more details click on the image.