TY - GEN
T1 - A capability-based, role-centric access control mechanism for IOMT-enhanced, cloud-based PHRs
AU - Malamateniou, Flora
AU - Themistocleous, Marinos
AU - Prentza, Andriana
AU - Vassilacopoulos, George
N1 - Publisher Copyright:
© Proceedings of the 13th European, Mediterranean and Middle Eastern Conference on Information Systems, EMCIS 2016. All rights reserved.
PY - 2016
Y1 - 2016
AB - The Internet of Medical Things (IoMT) can be described as connecting everyday devices and wearables to the Internet in order to intelligently link them together, thus enabling new forms of communication between things (medical devices) and people (patients) and between things themselves. Thus, IoMT technology in conjunction with cloud computing can support a new generation of personal health record (PHR) platforms that enable compiling and maintaining on the cloud patient data from multiple sources, including Internet-connected medical devices and sensors from the patient's living space. However, PHRs require security policies and mechanisms to ensure that patient data are protected and that patient privacy is respected. This paper describes a pervasive context-based access control mechanism that has been developed on the basis of the role-based and attribute-based access control (RABAC) and the capability-based access control models to enable patients and healthcare providers to specify authorization and access control policies with regard to PHR data disclosure. A prototype of the mechanism is intended to be incorporated into a cloud-based PHR, namely PINCLOUD, that enables collecting, tracking and sharing patient data from various sources.
KW - Access control
KW - Capabilities-based model
KW - IoMT
KW - Patient privacy
KW - Personal health records
KW - Role-centric model
UR - https://www.scopus.com/pages/publications/85075049249
M3 - Conference contribution
AN - SCOPUS:85075049249
T3 - Proceedings of the 13th European, Mediterranean and Middle Eastern Conference on Information Systems, EMCIS 2016
SP - 264
EP - 279
BT - Proceedings of the 13th European, Mediterranean and Middle Eastern Conference on Information Systems, EMCIS 2016
A2 - Themistocleous, Marinos
A2 - Morabito, Vincenzo
A2 - Ghoneim, Ahmad
PB - University of Piraeus, International Strategic Management Association
T2 - 13th European, Mediterranean and Middle Eastern Conference on Information Systems, EMCIS 2016
Y2 - 23 June 2016 through 24 June 2016
ER -