DOI: 10.1145/3205977.3205991
short-paper

Privacy-Aware Risk-Adaptive Access Control in Health Information Systems using Topic Models

Published: 07 June 2018

ABSTRACT

Traditional role-based access control fails to meet the privacy requirements for patient data in medical systems, as it is infeasible for policy makers to foresee what information doctors may need for diagnosis and treatment in various situations. The universal practice in hospitals is to grant doctors unlimited access, which in turn increases the risk of breaching patient privacy. In this paper, we propose a dynamic risk-adaptive access control model for health IT systems that takes into consideration the relationships between data and access behaviors. By training topic models to portray individual and group-level access behaviors, we quantify the risk for each user over a certain period of time. Malicious users are expected to receive higher risk scores than honest users because of their improper requests, so their further access is denied under our access control scheme. The topic model and risk scores are periodically updated to improve the self-adaptability of the system. Experimental results show that our solution can effectively distinguish malicious doctors even when they deliberately conceal their misconduct.


Published in

SACMAT '18: Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies
June 2018
271 pages
ISBN: 9781450356664
DOI: 10.1145/3205977
General Chair: Elisa Bertino
Program Chairs: Dan Lin, Jorge Lobo

Copyright © 2018 ACM


Publisher

Association for Computing Machinery, New York, NY, United States


Acceptance Rates

SACMAT '18 Paper Acceptance Rate: 14 of 50 submissions, 28%
Overall Acceptance Rate: 177 of 597 submissions, 30%
