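Institute of Software, Chinese Academy of Sciences, Beijing 100080, China
HUI Zhen (1987-), male, born in Xining, Qinghai, is a Ph.D. candidate at the Institute of Software, Chinese Academy of Sciences. His main research interests are big data access control and data privacy protection.
LI Hao (1983-), male, born in Gushi, Henan, is an associate research fellow at the Institute of Software, Chinese Academy of Sciences. His main research interest is network and system security.
ZHANG Min (1975-), female, born in Xiao County, Anhui, is a senior engineer at the Institute of Software, Chinese Academy of Sciences. Her main research interests are data privacy protection, trusted computing, and cloud storage security.
FENG Dengguo (1965-), male, born in Jingbian, Shaanxi, is a research fellow and doctoral supervisor at the Institute of Software, Chinese Academy of Sciences. His main research interests are information security and cryptography.
Online publication date: 2015-12
Print publication date: 2015-12-25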
Zhen HUI, Hao LI, Min ZHANG, et al. Risk-adaptive access control model for big data in healthcare[J]. Journal on Communications, 2015, 36(12): 190-199. DOI: 10.11959/j.issn.1000-436x.2015328.
When dealing with big data in healthcare, it is difficult for a policy maker to foresee what information a doctor may need, and therefore to make an accurate access control policy. To address this problem, a risk-based access control model that adaptively regulates doctors' access rights is proposed to protect patient privacy. The model analyzes doctors' access history and applies information entropy and the EM algorithm to quantify the risk of privacy violation by doctors. Using the quantified risk, the model detects and controls over-accessing of medical records as well as access requests made under exceptional circumstances. Experimental results show that the model is effective and performs access control more accurately than other models.