- 期刊
適用無所不在運算環境之情境與屬性存取控制模型之研究-以醫療環境爲例
Research on Context and Attribute-based Access Control Model for Ubiquitous Computing Environment-A Case of Hospital Environment
摘要
近年資訊科技及網際網路迅速發展,產生許多無所不在運算環境新科技及應用,提供即時運算及資訊的服務,使人們手持行動設備在任何時間、任何地點進行資源存取,產生極大的便利性,但也帶來許多資訊安全的問題,如資源未經授權人員竊取、篡改、僞造等。本研究提出以情境與屬性爲基礎的存取控制模型,以使用者屬性、角色屬性及情境屬性結合情境資訊,授予使用者適當的權限,及提供適用於無所不在運算環境權限指派演算法,本研究所提出之情境與屬性爲基礎存取控制模型,可確保在無所不在運算環境中,經授權使用者能適當的存取所需的資源,並防止未經授權的使用者不適當的存取資源。最後以醫院環境爲例,把醫療活動行爲加入條件限制,使每位醫護人員都會依據不同的情境進行動態的授權指派關係,防止沒有操作權利的人員操作醫療設備,以降低權限濫用的情形。
並列摘要
The development of Information technology and Internet is rapid in recent years. Many ubiquitous technology and applications are proposed to provide real-time computing and information service. People can use mobile devices to access resource at anytime and anywhere. It not only provides the convenience but also causes security problems such as theft, tampering, forgery by unauthorized personnel and so on. This research proposed the context and attribute based access control model for ubiquitous computing environment. The model combined the user, role, context attributes and context information to authorize the appropriate permissions to users. The study proposed a permission assignment algorithm for authorization management and to prevent unauthorized users. Finally, the research takes the hospital environment as an example. The constraint rules are defined for several medical treatment activities. Every medical personnel are assigned to appropriate roles and permissions according the context in order to prevent unauthorized permissions and reduce the privileges misuse.