TY - GEN
T1 - Towards Location-Based Access Control in Healthcare Emergency Response
AU - Vicente, Carmen Ruiz
AU - Kirkpatrick, Michael
AU - Ghinita, Gabriel
AU - Bertino, Elisa
AU - Jensen, Christian Søndergaard
PY - 2009
Y1 - 2009
N2 - Recent advances in positioning and tracking technologies have led to the emergence of novel location-based applications that allow participants to access information relevant to their spatio-temporal context. Traditional access control models, such as role-based access control (RBAC), are not sufficient to address the new challenges introduced by these location-based applications. Several recent research efforts have enhanced RBAC with spatio-temporal features. Nevertheless, the state-of-the-art does not deal with mobility of both subjects and objects and does not support the utilization of complex access control decisions based on spatio-temporal relationships among subjects and objects. Furthermore, such relationships change frequently in dynamic environments, requiring efficient mechanisms to monitor and re-evaluate access control decisions. In this position paper, we present a healthcare emergency response scenario which highlights the novel challenges that arise when enforcing access control in an environment with moving subjects and objects. To address a realistic application scenario, we consider movement on road networks, and we identify complex access control decisions relevant to such settings. We overview the main technical issues to be addressed, and we describe the architecture for policy decision and enforcement points.
AB - Recent advances in positioning and tracking technologies have led to the emergence of novel location-based applications that allow participants to access information relevant to their spatio-temporal context. Traditional access control models, such as role-based access control (RBAC), are not sufficient to address the new challenges introduced by these location-based applications. Several recent research efforts have enhanced RBAC with spatio-temporal features. Nevertheless, the state-of-the-art does not deal with mobility of both subjects and objects and does not support the utilization of complex access control decisions based on spatio-temporal relationships among subjects and objects. Furthermore, such relationships change frequently in dynamic environments, requiring efficient mechanisms to monitor and re-evaluate access control decisions. In this position paper, we present a healthcare emergency response scenario which highlights the novel challenges that arise when enforcing access control in an environment with moving subjects and objects. To address a realistic application scenario, we consider movement on road networks, and we identify complex access control decisions relevant to such settings. We overview the main technical issues to be addressed, and we describe the architecture for policy decision and enforcement points.
KW - security
KW - privacy
KW - medical
KW - spatial
U2 - 10.1145/1667502.1667508
DO - 10.1145/1667502.1667508
M3 - Article in proceeding
VL - 2
T3 - Geographic Information Systems
SP - 22
EP - 26
BT - Proceedings of the 2nd SIGSPATIAL ACM GIS 2009 International Workshop on Security and Privacy in GIS and LBS
A2 - Damiani, Maria Luisa
A2 - Saygin, Yucel
PB - Association for Computing Machinery
T2 - Workshop on Security and Privacy in GIS and LBS (SPRINGL 2009)
Y2 - 3 November 2009 through 3 November 2009
ER -