Context-aware access control for clinical information systems

Bibliographic details
Main authors: Khan, M. F. F., Sakamura, K.
Format: Conference proceedings
Language: eng
Description
Summary: Clinical records constitute some of the most sensitive and private information of any individual. With the widespread digitalization of such records - coupled with the omnipresence of networks and abundant availability of advanced information communication technologies - personal security and privacy related to clinical data are facing a huge challenge. Security in clinical information systems can be addressed at different levels: securing data collection by medical sensors, controlling access to clinical information, designing legislative frameworks for regulating secure usage of clinical information, and so on. In this paper, we focus on the access control issues in healthcare, with the goals of designing and developing access control mechanisms contingent upon various environmental and application-dependent contexts with provision for secure delegation of access-control rights. In particular, we propose a context-aware approach to access control, building on conventional discretionary access control (DAC) and role-based access control (RBAC) models. Taking a holistic view on access control, we effectively address all four of its constituent steps of identification, authentication, authorization, and access decision. The eTRON (Entity and Economy TRON) architecture - which advocates use of tamper-resistant chips equipped with functions for mutual authentication and encrypted communication - is used for authentication and implementing the DAC-based delegation of access-control rights. For realizing the authorization and access decision steps, we used the RBAC model and implemented context verification on top of it. Our approach closely follows regulatory and technical standards of the healthcare domain. Evaluation of the proposed system in terms of various security and performance issues showed promising results.
DOI: 10.1109/INNOVATIONS.2012.6207715