Conference Paper

Using Risk in Access Control for Cloud-Assisted eHealth


Abstract

Cloud computing is a cutting edge technology. eHealth is one promising application of this technology. In this paper, we describe a prototype implementation of an HL7-based eHealth application on the cloud. The system is secured with a risk-aware task-based access control. We demonstrate that our access control technique is more effective for preventing unauthorized access of medical information when compared to context-aware access controls, with a small access delay of approximately one second.


... Since there are no available real-world data that can be used, the values of risk factors were assumed based on the literature review [31,43]. For contextual and real-time attributes (user context), time and location features were utilized. ...
... The value of user context was assumed based on the literature review [31,43], as shown in Table 8. Three risk levels were used; low, moderate and high to represent all combinations of location and time features. ...
... The risk of action severity is assumed to be low, as most actions that are allowed remotely are basic actions such as ON, OFF, Adjust, etc. For the risk history, the same three risk levels used based on the literature (low, moderate, and high) were utilized with the same values of user context that were determined based on the literature review [31,43]. ...
Article
The risk-based access control model is one of the dynamic models that use the security risk as a criterion to decide the access decision for each access request. This model permits or denies access requests dynamically based on the estimated risk value. The essential stage of implementing this model is the risk estimation process. This process is based on estimating the possibility of information leakage and the value of that information. Several researchers utilized different methods for risk estimation but most of these methods were based on qualitative measures, which cannot suit the access control context that needs numeric and precise risk values to decide either granting or denying access. Therefore, this paper presents a novel Adaptive Neuro-Fuzzy Inference System (ANFIS) model for risk estimation in the risk-based access control model for the Internet of Things (IoT). The proposed ANFIS model was implemented and evaluated against access control scenarios of smart homes. The results demonstrated that the proposed ANFIS model provides an efficient and accurate risk estimation technique that can adapt to the changing conditions of the IoT environment. To validate the applicability and effectiveness of the proposed ANFIS model in smart homes, ten IoT security experts were interviewed. The results of the interviews illustrated that all experts confirmed that the proposed ANFIS model provides accurate and realistic results with a 0.713 in Cronbach’s alpha coefficient which indicates that the results are consistent and reliable. Compared to existing work, the proposed ANFIS model provides an efficient processing time as it reduces the processing time from 57.385 to 10.875 Sec per 1000 access requests, which demonstrates that the proposed model provides effective and accurate risk evaluation in a timely manner.
... Other researchers have suggested mathematical functions to formulate an algorithm to measure security risks of access control operations. For example, Sharma et al. (2012) have presented a task-based access control model that estimates the risk value based on the action to be performed. The risk value is estimated in terms of different actions and corresponding outcomes. ...
... This model depends on the idea of risk policies, which allow service providers and resource owners to define their own metrics, allowing greater flexibility to the access control system. Further, a prototype of this model is created using the risk metrics and quantification of Sharma et al. (2012). In addition, they extended the work to develop an ontology-based method to estimate the risk value according to the context and adjusting the weights of each risk metric considering the actual number of risk metrics (Dos Santos et al., 2016). ...
... No risk prediction was used and lacked adaptive features. Sharma et al. (2012) presented a task-based access control model that estimates the risk value based on the action to be performed. The risk value is estimated in terms of different actions and corresponding outcomes. ...
Thesis
The Internet of Things (IoT) is considered as the next stage of the evolution of the Internet. It promotes the concept of anytime, anywhere connectivity for anything. The IoT has the ability to connect billions of devices to share their information and create new services that improve our quality of life. Although the IoT provides countless benefits, it creates several security issues. One of the approaches to resolve these issues is to build an effective access control model. Due to the dynamic nature of the IoT, static access control approaches cannot provide an appropriate security solution, as they are static and context-insensitive. Therefore, this research proposes a novel adaptive risk-based access control model to determine access permissions dynamically. This model performs a security risk analysis on the access request by using IoT contextual and real-time information to make the access decision. The proposed model has four inputs: user context, resource sensitivity, action severity and risk history. These inputs are used to estimate the risk value associated with each access request to make the access decision. In addition, this research adds abnormality detection capability by using smart contracts to track and monitor user activities during the access session to detect and prevent malicious actions. One of the main problems to implement the proposed model was to determine the appropriate risk estimation technique that ensures flexibility and scalability of the IoT system. Hence, a review of most common risk estimation techniques was carried out and the fuzzy logic system with expert judgment was selected to implement the risk estimation process. In addition, to overcome scalability and learning issues of the proposed fuzzy risk estimation technique, Adaptive Neuro-Fuzzy Inference System (ANFIS) and Neuro-Fuzzy System (NFS) were utilized to implement the risk estimation technique. 
The results demonstrated that it outperformed the results produced by the fuzzy logic system, increased the accuracy and can adapt to changes of various IoT applications. In addition, this research presented a solution for the cold start problem associated with risk-based models that use risk history as one of the risk factors. The results demonstrated that the proposed risk-based model can operate immediately when first used or connected without reconfiguration or adjustment. By using MATLAB Simulink, the operation of smart contracts was simulated to track and monitor user activities during the access session. The results demonstrated that it provides an effective way to detect and prevent malicious actions in a timely manner. To validate the applicability of the proposed adaptive risk-based model in real-world IoT scenarios, access control scenarios of three IoT applications including healthcare, smart home and network router were presented. The results demonstrated that the proposed risk-based model adds more advantages over existing access control models and can be applied to various and real-world IoT applications.
... Other researchers have suggested mathematical functions to formulate an algorithm to measure security risks of access operations. For example, Sharma et al. [18] suggested a task-based model to estimate the security risk using user actions by building a mathematical function. This is followed by matching the estimated risk value with system acceptable risk values to determine access. ...
... Thirdly, to formulate access control scenarios of the router, the values of the four risk factors of the proposed risk-based model need to be specified. Therefore, we will use Sharma et al. [18] formula to calculate the risk value regarding action severity and data sensitivity. The risk value is calculated in terms of various actions, risk probability, and cost regarding data Table 8 Risk values associated with action and data sensitivity [18] . ...
... Therefore, we will use Sharma et al. [18] formula to calculate the risk value regarding action severity and data sensitivity. The risk value is calculated in terms of various actions, risk probability, and cost regarding data Table 8 Risk values associated with action and data sensitivity [18] . ...
Article
The need to increase information sharing in the Internet of Things (IoT) applications made the risk-based access control model to be the best candidate for both academic and commercial organizations. Risk-based access control model carries out a security risk analysis on the access request by using IoT contextual information to provide access decisions dynamically. Unlike current static access control approaches that are based on predefined policies and give the same result in different situations, this model provides the required flexibility to access system resources and works well in unexpected conditions and situations of the IoT system. One of the main issues to implement this model is to determine the appropriate risk estimation technique that is able to generate accurate and realistic risk values for each access request to determine the access decision. Therefore, this paper proposes a risk estimation technique which integrates the fuzzy inference system with expert judgment to assess security risks of access control operations in the IoT system. Twenty IoT security experts from inside and outside the UK were interviewed to validate the proposed risk estimation technique and build the fuzzy inference rules accurately. The proposed risk estimation approach was implemented and simulated using access control scenarios of the network router. In comparison with the existing fuzzy techniques, the proposed technique has demonstrated it produces precise and realistic values in evaluating security risks of access control operations in the IoT context.
... Currently, we introduce an instantiation of our framework using different similar models found in the literature for implementing risk-based policies with XACML from related work. Therefore, it is based on two risk-based schemes: the first taken by Sharma et al. [11] and the RAdAC model as defined in [12]. ...
... The model of Sharma et al. [11] provides a risk-based access control system for cloud. This framework is based on the impact of a demanded action considering: Availability, Integrity, and Confidentiality, in addition to a historical risk value to the present value to evaluate the user activities. ...
... The core system of the framework is implemented in Java. Therefore, we developed a practice model mixing the 27 contextual metrics presented by [11], the 3 CIA metrics and the access history metric of [12]. Thus, these 31 metrics are combined with the XACML policy language. ...
... To define the value of the action severity, Sharma et al.'s [51] formula was utilized. This formula was used to estimate the risk score of action severity in terms of various actions, risk probability, and cost regarding data availability, integrity, and confidentiality. ...
... where C, I, and A represents confidentiality, integrity, and availability, respectively, and P represents the probability. In addition, Sharma et al. [51] have suggested some actions and corresponding values of the CIA, as shown in Table 7. Therefore, values of action severity of the proposed risk-based model will be estimated using this table. ...
Article
Providing a dynamic access control model that uses real-time features to make access decisions for IoT applications is one of the research gaps that many researchers are trying to tackle. This is because existing access control models are built using static and predefined policies that always give the same result in different situations and cannot adapt to changing and unpredicted situations. One of the dynamic models that utilize real-time and contextual features to make access decisions is the risk-based access control model. This model performs a risk analysis on each access request to permit or deny access dynamically based on the estimated risk value. However, the major issue associated with building this model is providing a dynamic, reliable, and accurate risk estimation technique, especially when there is no available dataset to describe risk likelihood and impact. Therefore, this paper proposes a Neuro-Fuzzy System (NFS) model to estimate the security risk value associated with each access request. The proposed NFS model was trained using three learning algorithms: Levenberg–Marquardt (LM), Conjugate Gradient with Fletcher–Reeves (CGF), and Scaled Conjugate Gradient (SCG). The results demonstrated that the LM algorithm is the optimal learning algorithm to implement the NFS model for risk estimation. The results also demonstrated that the proposed NFS model provides a short and efficient processing time, which can provide timeliness risk estimation technique for various IoT applications. The proposed NFS model was evaluated against access control scenarios of a children’s hospital, and the results demonstrated that the proposed model can be applied to provide dynamic and contextual-aware access decisions based on real-time features.
... Sharma et al. [40] This paper presented a task-based access control model that estimates the risk value based on the action to be performed by the requester. The risk estimation process evaluates the risk using outcomes of actions to make the access decision. ...
... The risk value is mainly evaluated based on predetermined risk policies that are created either by the system security administrator or the resource owner. Further, a prototype of this model is created using risk metrics provided in the work of Sharma et al. [40]. This work was extended in [22] to develop an ontology-based method to estimate the risk value depending on the context and adjusting values of risk metrics and using predetermined access policies to make the access decision. ...
Article
Most current access control models are rigid, as they are designed using static policies that always give the same outcome in different circumstances. In addition, they cannot adapt to environmental changes and unpredicted situations. With dynamic systems such as the Internet of Things (IoT) with billions of things that are distributed everywhere, these access control models are obsolete. Hence, dynamic access control models are required. These models utilize not only access policies but also contextual and real-time information to determine the access decision. One of these dynamic models is the risk-based access control model. This model estimates the security risk value related to the access request dynamically to determine the access decision. Recently, the risk-based access control model has attracted the attention of several organizations and researchers to provide more flexibility in accessing system resources. Therefore, this paper provides a systematic review and examination of the state-of-the-art of the risk-based access control model to provide a detailed understanding of the topic. Based on the selected search strategy, 44 articles (of 1044 articles) were chosen for a closer examination. Out of these articles, the contributions of the selected articles were summarized. In addition, the risk factors used to build the risk-based access control model were extracted and analyzed. Besides, the risk estimation techniques used to evaluate the risks of access control operations were identified.
... Apart from the object sensitivity, the expected threat needs to consider the impact of a requested action on the confidentiality, integrity, and availability (CIA) requirements of the information (object) hosted in the collaborating platform. To quantify the damage that is expected to be caused by misuse of the access modes, we customize the model proposed in [19]. We consider the objects belonging to Top secret, Secret, and Confidential classes as Sensitive, while those included in the Unclassified category are considered as Non-sensitive. ...
... For computing the risk of a request, the R2Q framework needs to quantify the damage it (request) is expected to cause (for the resource provider) in the context of misuse of the allowed access modes. The expected damage $\Delta$ must combine the probability of occurrence of the corresponding access mode $p_{a_j}$ from the historical data and its impact on the security requirements of the provider domain (as depicted in Table 1) [19]. Thus, it is given as: ...
Conference Paper
Web-based collaboration provides a platform which allows users from different domains to share and access information. In such an environment, mitigating threats from insider attacks is challenging, particularly if state-of-the-art token-based access control is used to authorize (permit or deny) requests. This entails the need for an additional layer of authorization based on soft-security factors such as the reputation of the requesters, risks involved in requests, and so on to make the final decision. In this paper, we propose a novel risk quantification framework, called $R2Q$, which exploits a weighted regression approach to compute the expected threat related to a collaboration request. Our model combines the shared object's sensitivity, access mode of the request, requester's security level and reputation, and maps the expected threat to a risk score using the prospect theory (PT) inspired value functions to actualize decision making under uncertainty of economic outcomes (loss or gain). Simulation-based performance evaluation validates the efficacy of our framework and demonstrates that it can classify requesters based on their past behaviours, and also enables the collaboration platform to achieve higher rates of successful authorization.
... Out of the 24 research articles studied, maximum of 10 articles [156][157][158][159][160][161][162][163][164][165] are devoted to the secure and reliable platforms for cloud computing. References [166][167][168] present different models which suggest various improvements over the existing cloud solutions. ...
... References [166][167][168] present different models which suggest various improvements over the existing cloud solutions. In [166] the concept of reverse ... (table rows: 3, Treatment of chronic diseases [178,179]; 4, Improvements proposed over the existing cloud based system [166][167][168]; 5, Security [156][157][158][159][160][161][162][163][164][165]; 6 ...) ...
Article
The infusion of information communication technology (ICT) into health services is emerging as an active area of research. It has several advantages but perhaps the most important one is providing medical benefits to one and all irrespective of geographic boundaries in a cost effective manner, providing global expertise and holistic services, in a time bound manner. This paper provides a systematic review of technological growth in eHealth services. The present study reviews and analyzes the role of four important technologies, namely, satellite, internet, mobile, and cloud for providing health services.
... As the risk policy, Alice decides to use the one presented in section 5.4.1, which uses the Confidentiality, Integrity and Availability metrics and the quantification presented in Figure 5, following the work of Sharma et al. (2012). ...
... This is because, as already explained, it is very difficult to adequately define the context of a user, which is much more dynamic than the context of a resource. Some metrics that can be cited as suitable for a cloud environment, then, are: connection type and cryptographic protocol used; history and patterns of access to the resource; impact of actions on confidentiality, integrity and availability (following Sharma et al. (2012)); and privacy and sensitivity requirements of the desired resource. The main user-related metric that can be defined is a history of violations. ...
Table 6: Comparison of related works
Work: (1), (2), (3), (4)
(FALL et al., 2011): No, No, Yes, No
(ARIAS-CABARCOS et al., 2012): No, Yes, Yes, Yes
(SHARMA et al., 2012): No, No, Yes, Yes
This work: Yes, Yes, Yes, Yes
Thesis
Cloud computing is a distributed computing model that still faces problems. New ideas emerge to take advantage of its features and among the research challenges found in cloud computing, we can highlight Identity and Access Management. The main problems of the application of access control in the cloud are the necessary flexibility and scalability to support a large number of users and resources in a dynamic and heterogeneous environment, with collaboration and information sharing needs. This research work proposes the use of risk-based dynamic access control for cloud computing. The proposal is presented as an access control model based on an extension of the XACML standard with three new main components: the Risk Engine, the Risk Quantification Web Services and the Risk Policies. The risk policies present a method to describe risk metrics and their quantification, using local or remote functions. The use of risk policies allows users and cloud service providers to define how they wish to handle risk-based access control for their resources, using quantification and aggregation methods presented in related works. The model reaches the access decision based on a combination of XACML decisions and risk analysis. A specification of the risk policies using XML is presented and a case study using cloud federations is described. A prototype of the model is implemented, showing it has enough expressivity to describe the models of related works. In the experimental results, the prototype reaches access decisions using policies based on related works with a time between 2 and 6 milliseconds. A discussion on the security aspects of the model is also presented.
... In addition, a role-based access control (RBAC) model based on risk perception was proposed, which mainly evaluated the trust of users, the relationship between users and roles, and the relationship between roles and permissions. Diep et al. [31] and Sharma et al. [32] mainly conducted risk assessment on the user's access behavior, and the evaluation basis was whether the user's access behavior will cause loss of the integrity, availability, and confidentiality of the information. Ding et al. [33] proposed a privacy-preserving multiparticipant risk-adaptive access control model. ...
Article
Edge computing is playing an increasingly important role in the field of health care. Edge computing provides high-quality personalized services to patients based on user and device data information. However, edge nodes will collect a large amount of sensitive patient information, and patients will also bear the risk of privacy disclosure while enjoying personalized services. How to reduce the risk of privacy disclosure while ensuring that patients enjoy personalized services brought by edge computing is the research content of this paper. In this paper, the work flow and management mode of Hospital Information System (HIS) are investigated on the spot, and the risk-adaptive access control model based on entropy is established. First, we use International Classification of Diseases, Tenth Revision (ICD-10) to mark the information resources accessed by users and use information entropy to measure the correlation “α” between medical information accessed by users and work tasks. Finally, we analyze the relationship between correlation “α” and risk through an example. The results show that users with high correlation α have low risk of access behavior, and users with low risk have high correlation α of access information resources and work goals. This discovery can help managers predict users’ access behavior in the Big Data environment, so as to dynamically formulate access control policies according to the actual access situation of users and then realize the privacy protection of medical big health data.
... Table 2 shows the comparison between existing risk-based access control models. Based on the risk model analysis performed by previous researchers, several limitations have been captured, such as no history factor [16][17][18] being accounted for in risk calculations, no prediction in risk calculations [19][20][21], and no contextual factors presenting the current state of environment being included in risk calculations [16,18,[22][23][24][25]]. Thus, the need to propose a new contextual risk model is essential. ...
Article
The Internet of Things (IoT) allows billions of physical objects to be connected to gather and exchange information to offer numerous applications. It has unsupported features such as low latency, location awareness, and geographic distribution that are important for a few IoT applications. Fog computing is integrated into IoT to aid these features to increase computing, storage, and networking resources to the network edge. Unfortunately, it is faced with numerous security and privacy risks, raising severe concerns among users. Therefore, this research proposes a contextual risk-based access control model for Fog-IoT technology that considers real-time data information requests for IoT devices and gives dynamic feedback. The proposed model uses Fog-IoT environment features to estimate the security risk associated with each access request using device context, resource sensitivity, action severity, and risk history as inputs for the fuzzy risk model to compute the risk factor. Then, the proposed model uses a security agent in a fog node to provide adaptive features in which the device’s behaviour is monitored to detect any abnormal actions from authorised devices. The proposed model is then evaluated against the existing model to benchmark the results. The fuzzy-based risk assessment model with enhanced MQTT authentication protocol and adaptive security agent showed an accurate risk score for seven random scenarios tested compared to the simple risk score calculations.
... In literature [26,27], according to the risk assessment principles, context, and other information, users' behaviors of viewing, modifying, and deleting medical records are evaluated from the integrity, availability, and confidentiality of medical records. Wang and Hong [28] statically calculated the doctor's access behavior risk by measuring the deviation between the resources accessed by the doctor and the objective. ...
Article
Information leakage in the medical industry has become an urgent problem to be solved in the field of Internet security. However, due to the need for automated or semiautomated authorization management for privacy protection in the big data environment, the traditional privacy protection model cannot adapt to this complex open environment. Although some scholars have studied the risk assessment model of privacy disclosure in the medical big data environment, it is still in the initial stage of exploration. This paper analyzes the key indicators that affect medical big data security and privacy leakage, including user access behavior and trust, from the perspective of users through literature review and expert consultation. Also, based on the user’s historical access information and interaction records, the user’s access behavior and trust are quantified with the help of information entropy and probability, and a definition expression is given explicitly. Finally, the entire experimental process and specific operations are introduced in three aspects: the experimental environment, the experimental data, and the experimental process, and then, the predicted results of the model are compared with the actual output through the 10-fold cross verification with Matlab. The results prove that the model in this paper is feasible. In addition, the method in this paper is compared with the current more classical medical big data risk assessment model, and the results show that when the proportion of illegal users is less than 15%, the model in this paper is more superior in terms of accuracy and recall.
... In [50], the authors proposed a cloud-based e-health dynamic access control mechanism termed risk aware task-based control which only grants access to user based on the three basic data security requirements, that is availability, integrity and confidentiality. ...
Article
Electronic Health Records (EHR) has emerged as a significant alternative to paper-based health records. Today, EHR is a model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. Nevertheless, there are high security and privacy concerns as data available on cloud-based EHR could be exposed by these third party cloud repositories and accessed by unauthorized parties. Many schemes and models that were based on biometrics, blockchain, watermarking, steganography, Transport Layer Security/Secure Sockets Layer (TLS/SSL), Role Based Access Control (RBAC), Discretionary Access Control (DAC), Mandatory Access Control (MAC), Cipher text policy Attribute Based Encryption (CP-ABE) and other encryption models have been proposed to secure and ensure privacy of patients' data on cloud-based EHR. Each of these security and privacy protection schemes/models has their significant advantages and attendant shortcomings. In this paper, a methodological review of literature on various schemes and models proposed for proffering solutions to security and privacy of patients' data on cloud-based EHR was carried out. A total of ninety-five research articles were reviewed with the models or schemes employed for securing and guaranteeing privacy of electronic health data highlighted. Also, their strong points and drawbacks were elucidated. The reviewed articles were trimmed down to the forty-two presented in this paper based on similarities identified in the models or schemes implemented by some authors and/or relevancy of article's title. Remarks and recommendations were made regarding the review and future directions on security and privacy of cloud-based EHR were also suggested.
... The authors of [55] proposed a dynamic access control mechanism implemented with the e-health cloud known as risk aware task-based control which ensures that the access is granted based on the AIC (Availability, Integrity, Confidentiality) principle. Lohr et al. [19] proposed an approach that provides client platform security using trusted virtual domains (TVD). ...
Article
INTRODUCTION: The e-health (electronic health) system is one of many cloud services which uses computer or electronic systems and cloud technology as its main source of operations for storing and sharing patient’s medical data between healthcare service providers and patients. The health data records are kept in a semi-trusted third-party supplier (i.e., cloud). Therefore, its security has become the main concern as the data should not be accessible to unauthorized person. OBJECTIVES: To provide a brief knowledge on the security aspects of cloud-based e-health systems for further improvement in the field of e-health system security. METHODS: This paper presents a literature survey on secure cloud-based e-health systems including ninety-four research papers related to secure cloud-based e-health systems collected from different sources till 2019. RESULTS: The security mechanisms used to secure cloud-based e-health systems are divided into three categories (i.e., crypto, non-crypto, and biometric-based). Also some health related security laws, security mechanisms, advantages and limitations of security mechanisms for all categories are presented. CONCLUSION: This paper will be helpful to do further researches in the research area of e-health system as it consists of the analysis of security mechanisms, security laws, advantages and limitations of the security mechanisms.
... Literature [16] introduced the risk into the cloud-assisted health care system. It first checks the user's trust credentials, determines the user's access rights based on the role, and then evaluates the risk that users may pose. ...
Article
With the rapid development of modern information technology, the health care industry is entering a critical stage of intelligence. Faced with the growing health care big data, information security issues are becoming more and more prominent in the management of smart health care, especially the problem of patient privacy leakage is the most serious. Therefore, strengthening the information management of intelligent health care in the era of big data is an important part of the long-term sustainable development of hospitals. This paper first identified the key indicators affecting the privacy disclosure of big data in health management, and then established the risk access control model based on the fuzzy theory, which was used for the management of big data in intelligent medical treatment, and solves the problem of inaccurate experimental results due to the lack of real data when dealing with actual problems. Finally, the model is compared with the results calculated by the fuzzy tool set in Matlab. The results verify that the model is effective in assessing the current safety risks and predicting the range of different risk factors, and the prediction accuracy can reach more than 90%.
... A task-based access control model has been proposed by Sharma et al. [22] to estimate the risk value associated with the access request using functions based on the actions a user wants to perform. The risk value is computed in terms of different actions and corresponding outcomes. ...
Article
The Internet of Things (IoT) has spread into multiple dimensions that incorporate different physical and virtual things. These things are connected together using different communication technologies to provide unlimited services. These services help not only to improve the quality of our daily lives, but also to provide a communication platform for increasing object collaboration and information sharing. Like all new technologies, the IoT has many security challenges that stand as a barrier to the successful implementation of IoT applications. These challenges are more complicated due to the dynamic and heterogeneous nature of IoT systems. However, authentication and access control models can be used to address the security issue in the IoT. To increase information sharing and availability, the IoT requires a dynamic access control model that takes not only access policies but also real-time contextual information into account when making access decisions. One of the dynamic features is the security risk. This paper proposes an Adaptive Risk-Based Access Control (AdRBAC) model for the IoT and discusses its validation using expert reviews. The proposed AdRBAC model conducts a risk analysis to estimate the security risk value associated with each access request when making an access decision. This model has four inputs/risk factors: user context, resource sensitivity, action severity and risk history. These risk factors are used to estimate a risk value associated with the access request to make the access decision. To provide the adaptive features, smart contracts will be used to monitor the user behaviour during access sessions to detect any malicious actions from the granted users. To validate and refine the proposed model, twenty IoT security experts from inside and outside the UK were interviewed. 
The experts have suggested valuable information that will help to specify the appropriate risk factors and risk estimation technique for implantation of the AdRBAC model.
... Tong et al. [52] introduced a Cloud-based Privacy-aware Role Based Access Control model for controllability, traceability about statistics or authorized access according to healthcare resources. Sharma et al. [53] developed an advanced role-based intention known as undertaking based totally power to determine whether or not get entry to ought to stay granted according to a healthcare cloud. toughness Besides get admission to control, various protection safety techniques (Trusted Virtual domains [54], Watermarking method [55], Secure index implementation [56] yet secret-sharing schemes [57]) had been additionally added to keep the high security and privacy of healthcare clouds. ...
... A number of works on HL7 middleware and the developments of relevant mappings have been reported in the literature, see e.g. (Alam et al., 2011; Calamai & Giarre, 2012; Cuenca et al., 2012; Liu & Huang, 2012; Nie et al., 2013; Sharma et al., 2012). A multi-agent system to support patients in their search of healthcare services was presented by De Meo et al. (2011). ...
Chapter
Future healthcare systems and organizations demand huge computational resources, and the ability for the applications to interact and communicate with each other, within and across organizational boundaries. This chapter aims to explore state-of-the-art of the healthcare landscape and presents an analysis of networked healthcare systems with a focus on networking traffic and architectures. To this end, the relevant technologies including networked healthcare architectures and performance studies, Health Level 7 (HL7), big data, and cloud computing, are reviewed. Subsequently, a study of healthcare systems, applications and traffic over local, metro, and wide area networks is presented using multi-hospital cross-continent scenarios. The network architectures for these systems are described. A detailed study to explore quality of service (QoS) performance for these healthcare systems with a range of applications, system sizes, and network sizes is presented. Conclusions are drawn regarding future healthcare systems and internet designs along with directions for future research.
... Tong et al. [44] introduced a Cloud-based Privacy-aware Role Based Access Control model for controllability, traceability of data and authorised access to healthcare resources. Sharma et al. [45] developed an advanced role-based scheme called task based control to determine whether access should be granted to a healthcare cloud. ...
Article
Cloud computing in eHealth is an emerging area for only few years. There needs to identify the state of the art and pinpoint challenges and possible directions for researchers and applications developers. Based on this need, we have conducted a systematic review of cloud computing in eHealth. We searched ACM Digital Library, IEEE Xplore, Inspec, ISI Web of Science and Springer as well as relevant open-access journals for relevant articles. A total of 237 studies were first searched, of which 44 papers met the Include Criteria. The studies identified three types of studied areas about cloud computing in eHealth, namely (1) cloud-based eHealth framework design (n=13); (2) applications of cloud computing (n=17); and (3) security or privacy control mechanisms of healthcare data in the cloud (n=14). Most of the studies in the review were about designs and concept-proof. Only very few studies have evaluated their research in the real world, which may indicate that the application of cloud computing in eHealth is still very immature. However, our presented review could pinpoint that a hybrid cloud platform with mixed access control and security protection mechanisms will be a main research area for developing citizen centred home-based healthcare applications.
... Recent publications [22][23][24] have proposed the inclusion of threat analysis which considers some conditions like the trust and risk level over which a resource is accessed in order to influence an authorization decision. A threat analysis over a resource leads generally to temporal allocation of the resource in a risk level (high, normal, low or so). ...
Article
Risk-based access control systems are a new element in access control categories, incorporating risk analysis as part of the inputs to consider when taking an authorization decision. A risk analysis over a resource leads generally to temporal allocation of the resource in a risk level (e.g. high, medium, low). Ideally, for each risk level and kind of resource, the access control system should take an authorization decision (expressed like a permit or deny) and the system administrator should also trigger specific counter-measures to protect resources according to their risk level. In a small access control system with few resources it is possible for an administrator to follow the risk level changes and react promptly with counter-measures; but in medium/large access control systems it is almost unfeasible to react in a customized way to thousands of risk level emergencies asking for attention. In this paper we propose the adoption of dynamic counter-measures (which can be integrated within access control policies) changing along time to face variations in the risk level of every resource, bringing two main benefits, namely: (i) a suitable resource protection according to the risk level (not under or over estimated) and (ii) an access control system granting/denying access depending on the fulfillment of a set of security controls applicable in an authorization access request. To define the most appropriate set of counter-measures applicable for a specific situation we define a method based on genetic algorithms, which allows to find a solution in a reasonable time frame satisfying different required conditions. Finally, the conducted experiments show the applicability of our proposal in a real scenario.
Chapter
The emergence of brings your own device (BYOD) strategy has brought considerable benefits to enterprises. However, secure access control to vital enterprise resources is one of the impedances to BYOD adoption. Thus, some researches were directed toward dynamic access control using concepts from risk evaluation, machine learning, or context-awareness. However, research efforts to harmonize the three concepts are yet to be established. Hence, this study proposed an Extended Security Risk Analysis Model (ExtSRAM) that combined the concepts to evolve a risk-based and context-aware model to mitigate access control challenges in BYOD. The proposed model comprised of three blocks, including static risk analysis, user contextual profiling, and risk computation. Furthermore, ExtSRAM utilized the Bayesian network to model user contextual profile and static enterprise risks. Again, the proposed model was formulated on six assumptions for it to be realistic for BYOD strategy. More so, a theoretical validation of ExtSRAM justified its soundness and completeness in estimating security risks for dynamic access control. Really, implementing ExtSRAM will proactively safeguard digital assets against unauthorized access. In doing so, an organization can strategically reposition its workforce for productivity while taking advantage of its investment in BYOD implementation.
Article
The Internet of Things (IoT) is becoming the future of the Internet with a large number of connected devices that are predicted to reach about 50 billion by 2020. With proliferation of IoT devices and need to increase information sharing in IoT applications, risk-based access control model has become the best candidate for both academic and commercial organizations to address access control issues. This model carries out a security risk analysis on the access request by using IoT contextual information to provide access decisions dynamically. This model solves challenges related to flexibility and scalability of the IoT system. Therefore, we propose an adaptive risk-based access control model for the IoT. This model uses real-time contextual information associated with the requesting user to calculate the security risk regarding each access request. It uses user attributes while making the access request, action severity, resource sensitivity and user risk history as inputs to analyze and calculate the risk value to determine the access decision. To detect abnormal and malicious actions, smart contracts are used to track and monitor user activities during the access session to detect and prevent potential security violations. In addition, as the risk estimation process is the essential stage to build a risk-based model, this paper provides a discussion of common risk estimation methods and then proposes the fuzzy inference system with expert judgment as to be the optimal approach to handle risk estimation process of the proposed risk-based model in the IoT system.
Article
Cloud computing is advantageous for customers and service providers. However, it has specific security requirements that are not captured by traditional access control models, e.g., secure information sharing in dynamic and collaborative environments. Risk-based access control models try to overcome these limitations, but while there are well-known enforcement mechanisms for traditional access control, this is not the case for risk-based policies. In this paper, we motivate the use of risk-based access control in the cloud and present a framework for enforcing risk-based policies that is based on an extension of XACML. We also instantiate this framework using a new ontology-based risk assessment approach, as well as other models from related work, and present experimental results of the implementation of our work.
Conference Paper
The increase of dynamic cloud computing environments introduces the need for new ways of access control in applications. One access control model which adapts flexibly to such systems on the Internet is the RAdAC (Risk-Adaptive Access Control). This model is based on the user confidence degree and the risk of releasing access to some information taking into account the context in which a request is performed. However, in practice, to use such model it is necessary to implement a technological support as, for example, extending the access control architecture present in the XACML (eXtensible Access Control Markup Language). This paper extends the XACML access control architecture to support the RAdAC model providing a quantitative, concrete and dynamic risk calculus in order to improve the access control in cloud environments. A prototype was developed in Amazon EC2 cloud environment to perform dynamic access control policies using the proposed XACML extension. Some risk calculus tests are described in the paper to exemplify the RAdAC decisions.
Article
Potential security risk lies inherently in the traditional method that uses credentials to authorize mobile nodes (MNs) access. It is proposed to carry out trust risk assessment on MNs that pass credential authentication in order to beef up reliability in MN access authorization. Because the MN trust risk is generate from aggregation of risk values throughout cellphones, and in view that such methods as the overall fuzzy evaluation and the D-S evidence theory need to be assigned with a weight, the method to use risk compensation aggregation is proposed. In the method, no weight is needed, the risk value of the risk sequential medians is used as the clustering center, and the Hamming distance is used to compensate the risk value so that the risk value aggregates toward the clustering center, and then take the mean of compensated maximum and minimum as the trust risk to avoid the trust risk going unacceptable. An example is used to demonstrate the method is pretty steady, simple in calculation and practical.
Presentation
Cloud computing is a distributed computing model that still faces problems. New ideas emerge to take advantage of its features and among the research challenges found in the cloud, we can highlight security concerns. This tutorial discusses the use of risk-based dynamic access control for cloud computing, presenting an access control model based on an extension of the XACML standard with three new components: the risk engine, the risk quantification web services and the risk policies. There are numerous threats and vulnerabilities that become more and more important as the use of the cloud increases, as well as concerns with stored data and its availability, confidentiality and integrity. This situation creates the need for monitoring tools and services, which provide a way for administrators to define and evaluate security metrics for their systems. This tutorial explores service level agreements for security. We provide an overview on the subject and the difficulties faced during the security metrics definition process for cloud computing. One of the great challenges in the deployment of cloud federations is identity and access management. Federated identity management is widely adopted in the cloud to provide useful features for authentication and authorization, but maintaining user privacy in those systems is still a challenge, since federation tools do not provide good features to maintain privacy. This tutorial presents a model where the cloud consumer can perform risk analysis on providers before and after contracting the service. This model establishes the responsibilities of three actors: consumer, provider and security labs. This tutorial analyzes real-time intrusion response systems in order to mitigate attacks that compromise integrity, confidentiality and availability in cloud computing platforms. This tutorial also presents an autonomic intrusion response technique enabling self-awareness, self-optimization and self-healing properties. 
To achieve this goal an IRAS (Intrusion Response Autonomic System) is used, considering big data techniques for data analytics and expected utility function for decision taking.
Conference Paper
Cloud computing is a distributed computing model that still faces problems. New ideas emerge to take advantage of its features and among the research challenges found in the cloud, we can highlight Identity and Access Management. The main problems of the application of access control in the cloud are the necessary flexibility and scalability to support a large number of users and resources in a dynamic and heterogeneous environment, with collaboration and information sharing needs. This paper proposes the use of risk-based dynamic access control for cloud computing. The proposal is presented as an access control model based on an extension of the XACML standard with three new components: the Risk Engine, the Risk Quantification Web Services and the Risk Policies. The risk policies present a method to describe risk metrics and their quantification, using local or remote functions. The risk policies allow users and cloud service providers to define how to handle risk-based access control for their resources, using different quantification and aggregation methods. The model reaches the access decision based on a combination of XACML decisions and risk analysis. A prototype of the model is implemented, showing it has enough expressivity to describe the models of related work. In the experimental results, the prototype takes between 2 and 6 milliseconds to reach access decisions using a risk policy. A discussion on the security aspects of the model is also presented.
Conference Paper
A number of recent studies have adopted risk assessment in access control for healthcare applications, but few of the work is specifically concerned with the risk assessment in the presence of uncertainties, such as uncertain values of risk factors, and consequences of imprecision. This paper presents a fuzzy modeling-based approach that accounts for uncertainty analysis when evaluating the risk. Three inputs -- data sensitivity, action severity, and risk history -- are modeled with fuzzy set and used to calculate the level of risk associated with healthcare information access in a cloud environment. Experiments were conducted and demonstrated that the approach can generate accurate and realistic outcomes in assessing current security risk and predicting the scope and impact of different risk factors. This would lead to a great change of access control from being active to being proactive to security breach, and enhance the security level of eHealth cloud applications.
Article
Today, Cloud Computing is rising strongly, presenting itself to the market by its main service models, known as IaaS, PaaS and SaaS, that offer advantages in operational investments by means of on-demand costs, where consumers pay by resources used. In face of this growth, security threats also rise, compromising the Confidentiality, Integrity and Availability of the services provided. Our work is a Systematic Mapping where we hope to present metrics about publications available in literature that deal with some of the seven security threats in Cloud Computing, based in the guide entitled "Top Threats to Cloud Computing" from the Cloud Security Alliance (CSA). In our research we identified the more explored threats, distributed the results between fifteen Security Domains and identified the types of solutions proposed for the threats. In face of those results, we highlight the publications that are concerned to fulfill some standard of compliance.
Conference Paper
Modern information technology is increasingly used in healthcare with the goal to improve and enhance medical services and to reduce costs. In this context, the outsourcing of computation and storage resources to general IT providers (cloud computing) has become very appealing. E-health clouds offer new possibilities, such as easy and ubiquitous access to medical data, and opportunities for new business models. However, they also bear new risks and raise challenges with respect to security and privacy aspects. In this paper, we point out several shortcomings of current e-health solutions and standards, particularly they do not address the client platform security, which is a crucial aspect for the overall security of e-health systems. To fill this gap, we present a security architecture for establishing privacy domains in e-health infrastructures. Our solution provides client platform security and appropriately combines this with network security concepts. Moreover, we discuss further open problems and research challenges on security, privacy and usability of e-health cloud systems.
Conference Paper
With the widespread use of electronic health record (EHR), building a secure EHR sharing environment has attracted a lot of attention in both healthcare industry and academic community. Cloud computing paradigm is one of the popular healthIT infrastructure for facilitating EHR sharing and EHR integration. In this paper we discuss important concepts related to EHR sharing and integration in healthcare clouds and analyze the arising security and privacy issues in access and management of EHRs. We describe an EHR security reference model for managing security issues in healthcare clouds, which highlights three important core components in securing an EHR cloud. We illustrate the development of the EHR security reference model through a use-case scenario and describe the corresponding security countermeasures and state of art security techniques that can be applied as basic security guards.
Conference Paper
Context-based access control is an emerging approach for modeling adaptive solution, making access control management more flexible and powerful. But in the ubiquitous environment, this approach is not enough for many emerging security vulnerabilities. Thus, improving current access control mechanisms is still necessary. Risk is an effective tool used for decision-making in economics. In this paper, we design a new model for risk assessment in ubiquitous environment and use risk as a key component in decision-making process in our access control model. This solution makes access control management more dynamic and precise.
Conference Paper
This paper describes an access control model, called BARAC, that is based on balancing risks of information disclosure with benefits of information sharing. The model configuration associates risk and benefit vectors with every read and update transaction. An allowed transactions graph captures allowed transactions and flow paths that can be used to carry out the transactions. The total system is required to be profitable, in that the total system benefit must overweigh the total system risk; and the allowed transaction graph is required to be optimal, in that its profit cannot be improved by adding transactions or removing transactions. Both the system configuration and the allowed transaction graph can be dynamically modified, while preserving the required properties. The dynamic modifications are done in the scope of hierarchies of tasks and responsible parties, that control the task structure and risk budget allocation to tasks
Article
Treatments and organizational changes supported by eHealth are beginning to play an important role in improving disease treatment outcome and providing cost-efficient care management. "Improvehealth.eu" is a novel eHealth service to support the treatment of patients with depressive disorder. It offers active patient engagement and collaborative care management by combining Web- and mobile-based information and communication technology systems and access to care managers. Our objective was to assess the feasibility of a novel eHealth service. The intervention--the "Improvehealth.eu" service--was explored in the course of a pilot study comparing two groups of patients receiving treatment as usual and treatment as usual with eHealth intervention. We compared patients' medication adherence and outcome measures between both groups and additionally explored usage and overall perceptions of the intervention in intervention group. The intervention was successfully implemented in a pilot with 46 patients, of whom 40 were female. Of the 46 patients, 25 received treatment as usual, and 21 received the intervention in addition to treatment as usual. A total of 55% (12/25) of patients in the former group and 45% (10/21) in the latter group finished the 6-month pilot. Available case analysis indicated an improvement of adherence in the intervention group (odds ratio [OR] = 10.0, P = .03). Intention-to-treat analysis indicated an improvement of outcome in the intervention group (ORs ranging from 0.35 to 18; P values ranging from .003 to .20), but confidence intervals were large due to small sample sizes. Average duration of use of the intervention was 107 days. The intervention was well received by 81% (17/21) of patients who reported feeling actively engaged, in control of their disease, and that they had access to a high level of information. In all, 33% (7/21) of the patients also described drawbacks of the intervention, mostly related to usability issues. 
The results of this pilot study indicate that the intervention was well accepted and helped the patients in the course of treatment. The results also suggest the potential of the intervention to improve both medication adherence and outcome measures of treatment, including reduction of depression severity and patients becoming "healthy."
Article
Network interconnection and data sharing has become a global health information development trend. This paper mainly introduces a method and process for embedded medical data transmission platform based on an HL7/XML system. Data format transformation of between hospital and community care are achieved after data collection by the HL7/XML news of construction and analytic in monitoring and hospital, the HL7/XML messages are encoded extensible to markup language XML and are implement transmitted on the network. Then the transmissions of XML data in Wireless Local Area Network (WLAN) are realized by WiFi network driver development. The results show that this paper proposed the embedded medical data transmission platform operation simple, and has economic and practical value.
Conference Paper
Traditional security and access control systems, such as MLS/Bell-LaPadula, RBAC are rigid and do not contain automatic mechanisms through which a system can increase or decrease users' access to classified information. Therefore, in this paper, we propose a risk-based decision method for an access control system. Firstly, we dynamically calculate the trust and risk values for each subject-object pair. Both values are adaptive, reflecting the past behavior of the users with particular objects. The past behavior is evaluated based on the history of reward and penalty points. These are assigned by the system after the completion of every transaction. Secondly, based on the trust and risk values, an access decision is made.
Conference Paper
An important issues in cloud provisioned multi-tenant healthcare systems is the access control, which focuses on the protection of information against unauthorized access. As different tenants including hospitals, clinics, insurance companies, and pharmacies access the system, sensitive information should be provided only to authorized users and tenants. In this paper, we analyze the requirements of access control for healthcare multi-tenant cloud systems and propose to adapt Task-Role Based Access Control with constraints such as least privilege, separation of duty, delegation of tasks, and spatial and temporal access.
Conference Paper
Cloud computing is an emerging computing paradigm in which IT resources and capacities are provided as services over the Internet. Promising as it is, this paradigm also brings forth new challenges for data security and access control when users outsource sensitive data for sharing on cloud servers, which are likely outside of the same trust domain of data owners. To maintain the confidentiality of sensitive user data against untrusted servers, existing work usually apply cryptographic methods by disclosing data decryption keys only to authorized users. However, in doing so, these solutions inevitably introduce heavy computation overhead on the data owner for key distribution and data management when fine-grained data access control is desired, and thus do not scale well. In this paper, we present a way to implement scalable and fine-grained access control systems based on attribute-based encryption (ABE). For the purpose of secure access control in cloud computing, the prevention of illegal key sharing among colluding users is missing from the existing access control systems based on ABE. This paper addresses this challenging open issue by defining and enforcing access policies based on data attributes and implementing user accountability by using traitor tracing. Furthermore, both the user grant and revocation are efficiently supported by using the broadcast encryption technique. Extensive analysis shows that the proposed scheme is highly efficient and provably secure under existing security models.
Conference Paper
The article presents a simple model for information security risk assessment. There are four main elements of the model: security threats, their business impact, security measures and their costs. The security measures-threats relationship matrix is the fundamental quantitative tool for the model. The model is based on well-known methods like ALE, ROSI and ISRAM but allows for establishing more flexible and more precise metrics supporting the security management process at different organizational levels.
Article
This paper describes the use of a new distributed middleware technology, ‘Web Services’, in the proposed Healthcare Information System (HIS) to address the issue of system interoperability raised by existing Healthcare Information Systems. With the development of HISs, hospitals and healthcare institutes have been building their own HISs for processing massive healthcare data, such as systems built for hospitals under the NHS (National Health Service) to manage patients’ records. Nowadays many healthcare providers are willing to integrate their systems’ functions and data for information sharing. This has raised concerns about data transmission, data security and network limitation. Among these issues, system and language interoperability are among the most obvious, since data and application integration is not an easy task due to differences in the programming languages, system platforms, and Database Management Systems (DBMS) used within different systems. As a new distributed middleware technology, Web Services bring an ideal solution to the issue of system and language interoperability. Web Services have proved to be very successful in many commercial applications (e.g. Amazon.com, Dell computer, etc.); however, it is different for healthcare information systems. As a result, a Web Service-based Integrated Healthcare Information System (WSIHIS) is proposed not only to address the interoperability issue of existing HISs but also to introduce this new technology into the healthcare environment.
Conference Paper
This paper presents a new model for, or rather a new way of thinking about, adaptive, risk-based access control. Our basic premise is that there is always inherent uncertainty and risk in access control decisions that is best addressed in an explicit way. We illustrate this concept by showing how the rationale of the well-known Multi-Level Security (MLS) access control model, which is based on the Bell-LaPadula model, could be used to develop a risk-adaptive access control model. This new model is more like a Fuzzy Logic control system [9] than a traditional access control system and hence the name "Fuzzy MLS". The long version of this paper is published as an IBM Research Report [3].
"Risk-adaptable Access Control (RADAC)," NIST - National Institute of Standards and Technology - Information Technology Laboratory Privilege (Access) Management Workshop
  • R Mcgraw