A Semantic Authorization Model for Pervasive Healthcare

Publication Type

Journal Article

Publication Date

2014

Abstract

In this paper, we investigate how to secure sharing of complex data objects among pervasive information systems. To address the challenges posed by heterogeneous data sources, complex objects and context dynamics, we propose an advanced authorization model that supports specifying and enforcing authorizations in flexible and efficient ways. The model employs ontology and semantic web technologies to conceptualize data and explicitly express the relationships among concepts and instances involved in information sharing. Authorizations can be specified at different levels of the predefined concept hierarchies and be propagated to lower-levels. A novel decision propagation model is proposed to enable fast evaluation and updating of concept-level access decisions. To resolve conflicts among policies, we model a policy set as a semilattice, upon which a binary operation is defined to adapt to various requirements. Moreover, enabled by ontology reasoning tools, a flexible specification approach of authorization, namely rule-based policy generation, is developed to encode context dynamics, making the authorization enforcement adaptive to contexts.

Keywords

Semantic access control, Authorization, RFID, Ontology, Pervasive healthcare

Discipline

Computer Sciences | Medicine and Health Sciences

Research Areas

Information Systems and Management

Publication

Journal of Network and Computer Applications

Volume

38

First Page

76

Last Page

87

ISSN

1084-8045

Identifier

10.1016/j.jnca.2013.06.006

Publisher

Elsevier

Additional URL

http://dx.doi.org/10.1016/j.jnca.2013.06.006

Link to Full Text

Share

COinS