

Research of Using Dynamic Separation of Duty To Resolve the Multi-tenancy In Cloud Computing Allocation of Medical Resources Conflict

Advisor: 柯志坤


Technology advances rapidly, and each medical institution now has its own proprietary information system in which the electronic medical records produced during diagnosis and treatment are stored. However, medical resources are kept only within each institution's own medical information system, so a patient who needs to request medical resource records must go through cumbersome procedures and spend time traveling to and from the institution. Conflicts also arise when users compete for the same resources at the same time, such as hospital beds and testing equipment. A large-scale special incident occurred in Taiwan recently and produced a considerable number of acute and critically ill patients, but acute and critical care beds could not be allocated effectively, so patients missed the golden rescue window or spent a long time waiting for a bed. As cloud computing technology gains attention, how to allocate and manage medical resources effectively, meeting the needs of users (patients and medical institution staff) while maintaining security, has become a research topic worth exploring.

This study investigates how medical information systems can allocate and share medical resources through cloud computing. A multi-tenancy environment lets users share the same platform in a multi-user setting, with customized leases drawn up according to user needs, while ensuring resource isolation between users, isolated management, and customization mechanisms. When users compete for resources at the same time or user roles conflict, Dynamic Separation of Duty (DSOD) is applied, under which a user can play only one role at any one time. Role-based access control (RBAC) is applied to define, for the roles in each unit of a medical institution, the corresponding access rights to medical resources, thereby controlling which medical resources users can use, their access rights, and their scope of use. Roles are then assigned to user role sessions with permission settings, resolving role conflicts among users (patients and medical institution staff).

In practice, this study designs a medical resource integration service for medical information environments. The medical resource integration platform uses the Swift architecture to implement the multi-tenant environment, simulates medical institution scenarios, simulates conflicts over medical resources and experiments with reconciling medical resource allocation, and compares the results with other DSOD relationships. Providing a cloud computing environment for medical institutions helps them achieve integration and consistency. By combining DSOD with multi-tenancy and using service level agreements (SLA) to identify conflict points, the study designs DSOD rules suited to medical resource scenarios and avoids multi-tenancy conflicts.
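The DSOD idea in the abstract (a user holds several roles but may play only one conflicting role at a time, within one tenant) can be sketched as follows. This is an added example, not code from the thesis; it generalizes the rule to constraint sets of the form (role set, n), and the tenant, role and resource names are hypothetical.

```python
from dataclasses import dataclass, field

# Constructed policy for illustration; role and resource names are hypothetical.
ROLE_PERMS = {
    "attending_physician": {("icu_bed", "request")},
    "bed_coordinator": {("icu_bed", "approve")},
    "patient": {("own_record", "read")},
}
# DSD constraint (role_set, n): a session may never have n or more roles
# from role_set active at the same time.
DSD_SETS = [(frozenset({"attending_physician", "bed_coordinator"}), 2)]


class DSDViolation(Exception):
    """Raised when activating a role would break a DSD constraint."""


@dataclass
class Session:
    tenant: str                 # tenant (hospital) the session belongs to
    user: str
    assigned: frozenset         # roles the user holds in this tenant
    active: set = field(default_factory=set)

    def activate(self, role: str) -> None:
        if role not in self.assigned:
            raise PermissionError(f"{self.user} is not assigned {role}")
        candidate = self.active | {role}
        for role_set, n in DSD_SETS:
            if len(candidate & role_set) >= n:
                raise DSDViolation(f"{role} conflicts with {sorted(self.active)}")
        self.active = candidate

    def deactivate(self, role: str) -> None:
        self.active.discard(role)

    def can(self, tenant: str, resource: str, action: str) -> bool:
        # Tenant isolation first, then permissions of active roles only.
        if tenant != self.tenant:
            return False
        return any((resource, action) in ROLE_PERMS[r] for r in self.active)


def try_activate(session: Session, role: str) -> bool:
    """Return True if the role was activated, False if DSD blocked it."""
    try:
        session.activate(role)
        return True
    except DSDViolation:
        return False
```

Permissions are evaluated against active roles only, so a user assigned both roles can request a bed or approve one, but never both in the same session state.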


