Apaporn Boonyarattaphan, Yan Bai, S. Chung, R. Poovendran
{"title":"Spatial-Temporal Access Control for E-health Services","authors":"Apaporn Boonyarattaphan, Yan Bai, S. Chung, R. Poovendran","doi":"10.1109/NAS.2010.38","DOIUrl":null,"url":null,"abstract":"The transformation of healthcare from human-based to online services can expose e-health to the security threats as other online applications. The identities of legitimate e-health users need to be verified cautiously before the access privileges are granted. Since each treatment service of a patient occurs within a time interval and specific location, we propose to make use of time as well as the location as additional parameters in verifying that legitimate users are involved in services. In particular, we develop and implement a prototype of the Spatial-Temporal Access Control to authenticate and authorize users of e-health services, termed STAC-eHS. STAC-eHS is beneficial for e-health services since it allows system users to define the spatial and/or temporal constraints for e-health authentication and authorization decisions, thus, improving e-health system security and protection of patient’s privacy. We also perform experiments to evaluate STAC-eHS. The results show that STAC-eHS increases the accuracy of the detection of illegitimate users in an e-health system by about 3-12%, as compared to traditional RBAC, with a small delay of less than two seconds.","PeriodicalId":284549,"journal":{"name":"2010 IEEE Fifth International Conference on Networking, Architecture, and Storage","volume":"70 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 IEEE Fifth International Conference on Networking, Architecture, and Storage","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NAS.2010.38","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 8
Abstract
The transformation of healthcare from human-based to online services can expose e-health to the security threats as other online applications. The identities of legitimate e-health users need to be verified cautiously before the access privileges are granted. Since each treatment service of a patient occurs within a time interval and specific location, we propose to make use of time as well as the location as additional parameters in verifying that legitimate users are involved in services. In particular, we develop and implement a prototype of the Spatial-Temporal Access Control to authenticate and authorize users of e-health services, termed STAC-eHS. STAC-eHS is beneficial for e-health services since it allows system users to define the spatial and/or temporal constraints for e-health authentication and authorization decisions, thus, improving e-health system security and protection of patient’s privacy. We also perform experiments to evaluate STAC-eHS. The results show that STAC-eHS increases the accuracy of the detection of illegitimate users in an e-health system by about 3-12%, as compared to traditional RBAC, with a small delay of less than two seconds.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
