Title: Towards purpose enforcement model for privacy-aware usage control policy in distributed healthcare

Authors: Annanda Thavymony Rath; Jean-Noël Colin

Addresses: PReCISE Research Center, Faculty of Computer Science, University of Namur, rue de Bruxelles 61, B-5000 Namur, Belgium ' PReCISE Research Center, Faculty of Computer Science, University of Namur, rue de Bruxelles 61, B-5000 Namur, Belgium

Abstract: Enforcing the purpose of data usage means to ensure that data are used as it intends for and that excessive usage cannot happen. In general, the enforcement of purpose is a complicated task. The main difficulty is to identify the purpose of an agent when it requests to perform an action. In this paper, we discuss the design issue of usage purpose enforcement model based on our proposed enforcement structure: pre-, ongoing-, and post-enforcement. We also propose an enforcement solution for usage control designed for distributed healthcare information system, particularly, the pre- and ongoing-enforcement of purpose. Furthermore, we validate our model with a prototype developed in Java.

Keywords: purpose enforcement; enforcement model; distributed healthcare; security; privacy; usage control; healthcare information systems; healthcare technology; modelling.

DOI: 10.1504/IJSN.2013.055943

International Journal of Security and Networks, 2013 Vol.8 No.2, pp.94 - 105

Published online: 18 Aug 2013 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article