837 research outputs found
Modelling and verifying dynamic access control policies in workflow-based healthcare systems
Access control system is an important component to protect patientsâ information from abuse in a health care system. It is a major concern in the management, design, and development of healthcare systems. Designing access control policies for healthcare systems is complicated due to the dynamic and inherent complexity of the tasks performed by the healthcare
personnel. Permissions in access control systems are usually granted on the basis of static policies. However, static policies are not enough to cope with various situations such as emergencies. Most often, the Break-the-glass mechanism is used to bypass static policies to handle emergency situations. Since healthcare systems are critical systems, where errors can be very costly in terms of lives, quality of life, and/or dollars, it is crucial to identify discrepancies between policy
specifications and their intended function to implement correctly a flexible access control system. Formal verifications are necessary for exhaustive verification and validation of policy specifications to ensure that the policy specifications
truly encapsulate the desires of the policy authors. We present a verifiable framework to enact a dynamic access control model by integrating the ANSI/INCTIS RBAC Reference Model in a workflow and an approach for property verifications of
the access control model. Access control policies are expressed by the formal semantics of a model checker and properties are verified by the DiVinE model checker
Design Considerations for Incorporating Flexible Workflow and Multi-AgentInteractions in Agent Societies
In this paper, we present our conception of a Flexible Agent Society (FAS), an extension of the Contractual Agent Society (CAS) idea. Essentially, a FAS is a distributed information system modeling an agent society, providing agents with the ability to collaborate in order to meet certain common goals. In a FAS, unlike the CAS, the agents themselves have control over the workflow processesand multi-agent conversations that they need to execute in order to meet their common goals
- âŚ