Design & implementation of role-based access control in health care sysytem
Loading...
Date
2006
Authors
Wijesinghe, C. C. B.
Journal Title
Journal ISSN
Volume Title
Publisher
Univerity of Peradeniya
Abstract
The basic concept of role-based access control (RBAC) is that permissions are associated with roles, and users are made members of appropriate roles thereby acquiring the roles’ permissions. This idea has been around since the advent of multi-user computing. Until recently, however, RBAC has received little attention from the research community.
This concept is emerging for security administration in large and decentralized computing environments. Health Care Organizations (HCO) need an efficient and secure way to control access to multiple applications and ensure that only authorized users gain access to confidential data. There are business and regulatory requirements for protecting privacy and ensuring the security of health information. My goal of the research work is to design and implement role based access control in a health care system to reduce the complexity and cost of security administration.
Role based access control model is designed by using Java due to its platform independency to run in web environment. Database has been designed with RDBMS to ease of writing Queries in structured query language (SQL). With the designed Role Based Access Control mechanism complexity of security administration has been minimized. Individual users are not considered. A concept of role is defined and privileges granted to roles. Users are assigned to relevant roles according to the level of hierarchy. The role hierarchy clearly reflects the organization structure.
Description
Keywords
Role-Based access control , Computer Science