Abstract
Access control is a central problem in confidentiality management, in particular in the healthcare domain, where many stakeholders require access to patients' health records. Situation-Based Access Control (SitBAC) is a conceptual model that allows for modeling healthcare scenarios of data-access requests; thus it can be used to formulate data-access policies, where health organizations can specify their regulations involving access to patients' data according to the context of the request. The model's central concept is the Situation, a formal representation of a patient's data-access scenario. In this paper, we present the SitBAC knowledge framework, a formal healthcare-oriented, context-based access-control framework that makes it possible to represent and implement SitBAC as a knowledge model along with an associated inference method, using OWL and SWRL. Within the SitBAC knowledge framework, scenarios of data access are represented as formal Web Ontology language (OWL)-based Situation classes, formulating data-access rule classes. A set of data-access rule classes makes up the organization's data-access policy. An incoming data-access request, represented as an individual of an OWL-based Situation class, is evaluated by the inference method against the data-access policy to produce an 'approved/denied' response. The method uses a Description Logics (DL)-reasoner and a Semantic Web Rule Language (SWRL) engine during the inference process. The DL reasoner is used for knowledge classification and for real-time realization of the incoming data-access request as a member of an existing Situation class to infer the appropriate response. The SWRL engine is used to infer new knowledge regarding the incoming data-access requests, which are required for the realization process. We evaluated the ability of the SitBAC knowledge framework to provide correct responses by representing and reasoning with real-life healthcare scenarios.
Original language | English |
---|---|
Pages (from-to) | 596-615 |
Number of pages | 20 |
Journal | Data and Knowledge Engineering |
Volume | 70 |
Issue number | 6 |
DOIs | |
State | Published - Jun 2011 |
Keywords
- Access control
- Conceptual model
- Knowledge framework
- Knowledge model
- OWL
- SWRL
ASJC Scopus subject areas
- Information Systems and Management