- 學位論文
電子醫療資料中基於決策的授權與存取系統
Authorization and Access Control In Policy-Based System for Electronic Medical Records
摘要
良好的授權以及存取控制設計,是電子化病歷系統要應用在大型醫療機構中所不可或缺的一環。因此,系統需要自動化的代理人,依照系統狀態的演進來做動態的分散式安全性管理。基於決策(policy)的系統是分散式管理的最新發展之一。藉由配置決策來管理權限,我們便可以動態地規範系統行為,而不須將行為規範寫入代理人程式中。我們提出了一個制定可實作的決策的方法。制訂在組織層級的決策會被轉化為可實作的行動。授權決策指定了一個角色被允許或禁止在哪些目標上執行哪些行動,而義務決策指定了一個角色必須或不必執行哪些行動。此模型規範了使用者在病歷系統中的存取權,並支援正或負的授權,以及動態或靜態的義務。權利與義務的決定是基於存取時的環境背景資訊-例如醫師與病人的關係,並考慮了角色之間的衝突。這使我們可以制定精確而具彈性的決策,來依照使用者的權利和職務需求作授權。我們也討論了在決策間有衝突時,如何用優先順序關係來化解。
並列摘要
The design of proper models for authorization and access control for electronic medical record (EMR) is essential to a wide scale use of EMR in large health organizations. There is a need for distributed, automated management agents whose behaviors also have to dynamically change to reflect the evolution of the system being managed. Policy-based management is one of the latest developments in network and distributed systems management. The use of policy-based management in areas such as security is particularly attractive. Security management involves specification and deployment of access control policies. Policies are a means of specifying and influencing management behavior within a system, without coding the behaviors into the manager agents. Our approach is aimed at specifying implementable policies, although policies may be initially specified at the organizational level, and then refined to implementable actions. Authorization policies specify what activities a role is permitted or forbidden to do to a set of target objects and are similar to security access control policies. Obligation policies specify what activities a role must or must not do to a set of target objects and essentially define the duties of the role. This model regulates user’s access to EMR based on organizational roles. It supports positive and negative authorizations; static and dynamic separation of duties based on weak and strong role conflicts. Authorization with context use environmental information available at access time, like user/patient relationship, in order to decide whether a user is allowed to access an EMR resource. This enables the specification of a more flexible and precise authorization policy, where permission is granted or denied according to the right and the need of the user to carry out a particular job function. We also discuss various precedence relationships that can be established between policies in order to allow inconsistent policies to co-exist with the system and review policy conflicts, focusing on the problems of conflict detection and resolution.
參考文獻
被引用紀錄
延伸閱讀
- 林正昌、林清山、金樹人(2004)。決策過程中決策策略的權變運用:電腦模擬。教育心理學報,36(2),127-144。https://doi.org/10.6251/BEP.20040903
- Yen, C. (2004). 個人資料授權協商模型之設計與實作 [master's thesis, National Taiwan University]. Airiti Library. https://doi.org/10.6342/NTU.2004.02188
- 蔡佳吟(2006)。醫療院所醫療儀器採購決策支援系統之建構與評估〔碩士論文,長榮大學〕。華藝線上圖書館。https://doi.org/10.6833/CJCU.2006.00066
- 徐嫦娥、簡郁沛(2010)。Development of Electronic Medical Records, Regulations and Policies。病歷資訊管理,9(2),1-18。https://doi.org/10.29741/JMHIM.201006.0001
- 李卓蓉(2011)。Design and Implementation of Electronic Medical Record Sharing System with Privacy Protection〔碩士論文,大同大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0081-3001201315111298