An Extended Attribute-Based Access Control (ABAC) Model for Distributed Collaborative Healthcare System

An Extended Attribute-Based Access Control (ABAC) Model for Distributed Collaborative Healthcare System

Rabie Barhoun (Hassan II University, Faculty of science Ben M'sik, Casablanca, Morocco), Maryam Ed-daibouni (Hassan II University, Faculty of Science Ben M'sik, Casablanca, Morocco) and Abdelwahed Namir (Hassan II University, Faculty of Science Ben M'sik, Casablanca, Morocco)
DOI: 10.4018/IJSSMET.2019100105


The healthcare system is a real example of a distributed collaborative system, which aims to improve the patient's healthcare. The most important requirements of the healthcare system are the sensitivity of the medical data processed, large numbers of medical and para-medical interveners, as well as the medical treatment activity is a non-static process. Protecting data from unauthorized access and data sharing security in the healthcare environment is a critical process that influences system credibility. To achieve this goal and to meet the requirements of the healthcare system, the authors propose an extended Attribute-Based Access Control (ABAC) model by introducing the medical activity concept. This article defines the medical activity concept as an abstraction of collaboration in a care unit, defined by a medical activity purpose, in which the collaborators (or actors) realize their tasks in order to achieve the treatment purpose. The current access control model ABAC and these variants do not take into account the (business process) activity concept in the decision mechanism. In this paper, the authors propose a new access control model, called Medical-Activity-Attribute-Based Access Control (MA-ABAC), which can effectively enhance the security for healthcare system and produce more perfect and flexible mechanism of access control; order to strongly respond to the requirements of the distributed healthcare environment.
Article Preview

1. Introduction

Distributed collaborative environments are emerging technologies for future years that will significantly change how business is conducted in different sectors such as defense, commerce/trade and healthcare (McQuay, 2004). There are several motivations for using a distributed collaborative environment, for examples better information sharing, more efficient decision-making, coordination, and enhanced business cooperation, among others. Besides it’s obvious that trends are clearly indicating that collaboration, in the future, will become a fundamental way of conducting many types of business activities. These environments provide efficient and scalable access to distributed computing capacity that also enable coherent information sharing between different distributed users. In a distributed collaborative system, subjects and shared objects of different sensitivity level are inherently large-scale distributed, and all groups of users from virtual organizations or administrative domains need to communicate and cooperate for achieving a common task (Araujo & Silva, 2013).

Distributed collaborative security is a recent area of research in security that supports different elements in order to execute a suitable security mechanism to improve the security of the entire environment. In recent years, collaborative security has been presented as an effective and sustainable approach to detecting fraud, preventing attacks, and protecting sensitive data. Collaborative security research is attracting more and more attention. Some recent studies show the importance of this subject and show that it is a hot topic in the field of security for the foreseeable future. The exactitude and efficient of security analysis are the mains success of distributed collaborative environment security. The implementation of such security must be aware of the disadvantages of different security approaches. For instance, communication inter-partners in a collaborative environment could be vulnerable to attacks, privacy may be divulged during collaboration, and furthermore the environment may be susceptible to internal attack. The security of a distributed collaborative system is often poorly treated. The different existing techniques lack an advanced and precise study. It is therefore necessary to conduct a comprehensive and in-depth study of distributed collaborative security in order to enrich this area of security more and more. This paper will address the main concern of distributed collaborative security, including the core components, mechanisms used, and critical issues related to the domain of activity when designing a collaborative security system.

Healthcare system is a real example of distributed collaborative environment in which the interveners as physicians, administrators and nurses collaborate to provide care to patients in a more efficient way (Moonian et al., 2008). However, using this system has resulted in new challenges concerning who can access, who can collaborate, who can share data, and based on which conditions. Issues, such as confidentiality, unauthorized access to medical data and collaborative process are among the main concerns that need adequate attention during all stages of system development (Araujo & Silva, 2013). In fact, the issue of security in the healthcare system is much more complicated than expected. Firstly, patient information is very sensitive and must be protected and confidential (Gajanayake et al., 2014). Secondly, different healthcare actors may need to collaborate and access patient data (Ray & Newell, 2008). A primary characteristic of healthcare system is the collaborative process between healthcare partners, that is also primordial for patients, (Araujo & Silva, 2013), who are transferred from one healthcare unit to another for specialized treatment where current situation of a patient medical activity could evolve over time, if the situation changes, the collaboration way of the actors should be changed.

Complete Article List

Search this Journal:
Open Access Articles: Forthcoming
Volume 11: 4 Issues (2020): 1 Released, 3 Forthcoming
Volume 10: 4 Issues (2019)
Volume 9: 4 Issues (2018)
Volume 8: 4 Issues (2017)
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing