Abstract
The enormous benefits that Health Information Systems (HISs) can offer in terms of quality of care and reduction in costs have led many organizations to develop such systems in their domain. Many national and international organizations have developed their HISs in according to their needs, financial availability and organizational resources (such as technology infrastructure, number of involved structures, etc.), without taking into account the possibility of communicating with other systems satisfying common security policies for distributed authorization. For this reason, the solutions are not interoperable with each other. The main cause of the lack of interoperability is the development of “no open architectures” for communication with other systems and the adoption of different technologies. This paper illustrates a technological architecture based on a set of interoperability services to enable secure communication among heterogeneous HISs. In order to protect the interoperability services, having the aim of invoking services of local HISs, an appropriate access control model is part of the proposed architecture. This Access Control Architecture described in this paper allows different HISs to interoperate each other, ensuring the protection of interoperability services among different HIS systems through the integration of the XACML architecture with the HL7 PASS services. The main architectural components needed to perform the security checks established among heterogeneous HIS are shown in detail. Finally, the use of the architecture in the Italian context is shown.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
ISO/TR 20514:2005, Health informatics -- Electronic health record -- Definition, scope and context
D. Kalra and B.G. Blobel, “Semantic interoperability of EHR systems”, Stud Health Technol Inform. 2007;127:231-45.
M.T. Chiaravalloti, M. Ciampi, E. Pasceri, M. Sicuranza, G. De Pietro, and R. Guarasci, “A model for realizing interoperable EHR systems in Italy”, 15th International HL7 Interoperability Conference (IHIC 2015), Prague, Czech Republic
M. Deng, R. Scandariato, D. de Cock; B. Preneel and W. Joosen, “Identity in federated electronic healthcare,” in Wireless Days, 2008. WD ‘08. 1st IFIP , vol., no., pp. 1-5, 24-27 Nov. 2008,doi:10.1109/WD.2008.4812919
OASIS eXtensible Access Control Markup Language (XACML), online at https://www.oasisopen.org/committees/tc_home.php?wg_abbrev=xacml (Access date: 30 January 2016)
IHE IT Infrastructure Technical Framework - Registry Stored Query Transaction for XDS Profile [ITI 18]
IHE IT Infrastructure Technical - Retrieve Document Set for XDS Profile [ITI-43].
IHE IT Infrastructure Technical - Register Document Set-b for XDS Profile [ITI-42]
M. Sicuranza, A. Esposito and M. Ciampi “A View-Based Access Control Model for EHR Systems”, Intelligent Distributed Computing VIII p. 443-452,2015 Springer International Publishing
HL7 Version 3 Standard: Privacy, Access and Security Services Security Labeling Service (SLS)
HL7 Version 3 Clinical Document Architecture (CDA) Release 2, https://www.hl7.org/implement/standards/product brief.cfm?product id = 7 (Access date: 30 August 2016)
IHE IT Infrastructure Technical - Delete Document Set [ITI-62]
V. C. Hu, D. R. Kuhn and D. F. Ferraiolo, “Attribute-Based Access Control”, in Computer, vol. 48, no. 2, pp. 85-88, Feb. 2015.
Logical Observation Identifiers Names and Codes - https://loinc.org (Access date: 30 August 2016)
The International Classification of Diseases, 9th Revision, Clinical Modification - http://www.salute.gov.it/portale/temi/p 2_6.jsp?id = 1278&area = ricoveriOspedalieri&menu = classificazione (Access date: 30 August 2016)
Integrating the Healthcare Enterprise (IHE) - https://www.ihe.net (Access date: 30 August 2016)
Flora Amato, Giuseppe De Pietro, Massimo Esposito, Nicola Mazzocca, An integrated framework for securing semi-structured health records, Knowledge-Based Systems, Volume 79, May 2015, Pages 99-117, ISSN 0950-7051.
R. Bhatia and M. Singh, “An Implementation Model for Privacy Aware Access Control in Web Services Environment”, Proceedings of International Conference on ICT for Sustainable Development: ICT4SD 2015 Volume 1, pp. 475-484, 2016
Hongjiao Li, Shan Wang, Xiuxia Tian, Weimin Wei and Chaochao Sun “A Survey of Extended Role-Based Access Control in Cloud Computing”, Proceedings of the 4th International Conference on Computer Engineering and Networks, pp 821-831, 2015
“IEEE Standard Glossary of Software Engineering Terminology”, IEEE Std 610.12-1990.
I. Macía, “Towards a semantic interoperability environment,” e-Health Networking, Applications and Services (Healthcom), 2014 IEEE 16th International Conference on, Natal, 2014, pp. 543-548.
Flora Amato and Francesco Moscato. 2015. A model driven approach to data privacy verification in EHealth systems. Trans. Data Privacy 8, 3 (December 2015), 273-296.
R. Bhatti, E. Bertino, A. Ghafoor, “A Trust-Based Context-Aware Access Control Model for Web-Services”, Distributed and Parallel Databases, pp 83-105, 2005.
L. Boursas and V. A. Danciu, “Dynamic inter-organizational cooperation setup in Circle-of-Trust environments,” NOMS 2008 - 2008 IEEE Network Operations and Management Symposium, Salvador, Bahia, 2008, pp. 113-120.
J. Classen, J. Braun, F. Volk, M. Hollick, J. Buchmann and M. Mühlhäuser, “A Distributed Reputation System for Certification Authority Trust Management,” Trustcom/BigDataSE/ISPA, 2015 IEEE, Helsinki, 2015, pp. 1349-1356.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Esposito, A., Sicuranza, M., Ciampi, M. (2017). An Access Control Architecture for Protecting Health Information Systems. In: Xhafa, F., Barolli, L., Amato, F. (eds) Advances on P2P, Parallel, Grid, Cloud and Internet Computing. 3PGCIC 2016. Lecture Notes on Data Engineering and Communications Technologies, vol 1. Springer, Cham. https://doi.org/10.1007/978-3-319-49109-7_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-49109-7_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-49108-0
Online ISBN: 978-3-319-49109-7
eBook Packages: EngineeringEngineering (R0)