Writing Open Source SunXACML Access Control in Electronic Health Record with Acceptable Performances

Snezana Sucurovic, Dejan Simic

Abstract

OASIS is a non–for-profit consortium that drives the development convergence and adoption of open standards for the global information society. It involves more than 600 organizations and individuals as well as IT leaders Sun, Microsoft, IBM and Oracle. One of it’s standard is XACML which appears a few years ago and now there are about 150 000 hits on Google. XACML (eXtensible Access Control Markup Language) is not technology related. Sun published in 2004 open source Sun XACML which is in compliance with XACML 1.0. specification and now worked to be in compliance with XACML 2.0. The heart of XACML are attributes values of defined type and name that is to be attached to a subject, a resource, an action and an environment in which subject request action on resource. On that way XACML is to replace Role Based Access Control which dominated for years. The paper examines performances in CEN 13 606 and ISO 22 600 based healthcare system which use XACML for access control.

References

  1. Bussiness Wire, accessed May 2008, http://www.allbusiness.com/technology/softwareservices-applications-information/8943546-1.html
  2. CEN ENV 13 606 Extended Architecture, URL: http://www.centc251.org/WGI/Ndocuments/WGI-N04-24-prEN_13606-1_(E)preENQ.pdf, accessed June 2007.
  3. ISO 22 600 “Access Control in Healthcare Information Systems”
  4. Anderson A., A comparasion of Two Privacy Policy Languages: EPAL and XACML, http://research.sun.com/techrep/2005/smli_tr2005-147.pdf
  5. Sun's XACML Implementation, http://sunxacml.sourceforge.net/
  6. Artemis Project, http://www.srdc.metu.edu.tr/webpage/projects/
  7. National Library of Medicine, Unified Medical Language System, Semantic Network, http://www.nlm.nih.gov/research/umls/meta3.html
  8. National Library of Medicine, Unified Medical Language System, Metathesaurus, http://www.nlm.nih.gov/research/umls/meta2.html
  9. S. Sucurovic, “Implementing security in a distributed web based EHCR”, International Journal of Medical Informatics, May 2007, pp. 491-496, Elsevier
  10. S. Sucurovic, Z. Jovanovic, Java Cryptography & Attribute Certificate Management, Dr. Dobb's Journal, Octobar 2006
Download


Paper Citation


in Harvard Style

Sucurovic S. and Simic D. (2009). Writing Open Source SunXACML Access Control in Electronic Health Record with Acceptable Performances . In Proceedings of the 1st International Workshop on Open Source in European Health Care: The Time is Ripe - Volume 1: Workshop OSEHC, (BIOSTEC 2009) ISBN 978-989-8111-79-1, pages 59-68. DOI: 10.5220/0001813400590068


in Bibtex Style

@conference{workshop osehc09,
author={Snezana Sucurovic and Dejan Simic},
title={Writing Open Source SunXACML Access Control in Electronic Health Record with Acceptable Performances },
booktitle={Proceedings of the 1st International Workshop on Open Source in European Health Care: The Time is Ripe - Volume 1: Workshop OSEHC, (BIOSTEC 2009)},
year={2009},
pages={59-68},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001813400590068},
isbn={978-989-8111-79-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 1st International Workshop on Open Source in European Health Care: The Time is Ripe - Volume 1: Workshop OSEHC, (BIOSTEC 2009)
TI - Writing Open Source SunXACML Access Control in Electronic Health Record with Acceptable Performances
SN - 978-989-8111-79-1
AU - Sucurovic S.
AU - Simic D.
PY - 2009
SP - 59
EP - 68
DO - 10.5220/0001813400590068