125 research outputs found

    A conditional role-involved purpose-based access control model

    This paper presents a role-involved conditional purpose-based access control (RCPBAC) model, where a purpose is defined as the intention of data accesses or usages. RCPBAC allows users to use some data for certain purposes with conditions. The structure of the RCPBAC model is defined and investigated. An algorithm is developed to achieve the compliance computation between access purposes (related to data access) and intended purposes (related to data objects) and is illustrated with role-based access control (RBAC) to support RCPBAC. According to this model, more information from data providers can be extracted while at the same time assuring privacy that maximizes the usability of consumers' data. It extends traditional access control models to a further coverage of privacy preserving in data mining environments, as RBAC is one of the most popular approaches to access control for achieving database security and is available in database management systems. The structure helps enterprises to circulate clear privacy promises, and to collect and manage user preferences and consent.

    A Privacy-Aware Access Control Model for Distributed Network Monitoring

    In this paper, we introduce a new access control model that aims at addressing the privacy implications surrounding network monitoring. In fact, despite its importance, network monitoring is natively leakage-prone and, moreover, this is exacerbated due to the complexity of the highly dynamic monitoring procedures and infrastructures, that may include multiple traffic observation points, distributed mitigation mechanisms and even inter-operator cooperation. Conceived on the basis of data protection legislation, the proposed approach is grounded on a rich in expressiveness information model, that captures all the underlying monitoring concepts along with their associations. The model enables the specification of contextual authorisation policies and expressive separation and binding of duty constraints. Finally, two key innovations of our work consist in the ability to define access control rules at any level of abstraction and in enabling a verification procedure, which results in inherently privacy-aware workflows, thus fostering the realisation of the Privacy by Design vision.

    Privacy enhanced and web based service composition

    Service selection is a key issue in the Future Internet, where applications are built by composing services and content offered by different service providers. Most existing service selection schemas only focus on the functional QoS properties of services such as throughput, latency and response time, or on their trust and reputation level. By contrast, the risk of privacy breaches arising from the selection of component services whose privacy policy is not compliant with customers’ privacy preferences is largely ignored. In this paper, we propose a novel privacy-preserving Web service composition and selection approach which (i) makes it possible to verify the compliance between users’ privacy requirements and providers’ privacy policies and (ii) ranks the composite Web services with respect to the privacy level they offer. We demonstrate our approach using a travel agency Web service as an example of service composition

    An Approach for Managing Access to Personal Information Using Ontology-Based Chains

    The importance of electronic healthcare has caused numerous changes in both substantive and procedural aspects of healthcare processes. These changes have produced new challenges to patient privacy and information secrecy. Traditional privacy policies cannot respond to rapidly increased privacy needs of patients in electronic healthcare. Technically enforceable privacy policies are needed in order to protect patient privacy in modern healthcare with its cross organisational information sharing and decision making. This thesis proposes a personal information flow model that specifies a limited number of acts on this type of information. Ontology classified Chains of these acts can be used instead of the "intended/business purposes" used in privacy access control to seamlessly imbue current healthcare applications and their supporting infrastructure with security and privacy functionality. In this thesis, we first introduce an integrated basic architecture, design principles, and implementation techniques for privacy-preserving data mining systems. We then discuss the key methods of privacy-preserving data mining systems which include four main methods: Role based access control (RBAC), Hippocratic database, Chain method and eXtensible Access Control Markup Language (XACML). We found out that the traditional methods suffer from two main problems: complexity of privacy policy design and the lack of context flexibility that is needed while working in critical situations such as the one we find in hospitals. We present and compare strategies for realising these methods. Theoretical analysis and experimental evaluation show that our new method can generate accurate data mining models and safe data access management while protecting the privacy of the data being mined. The experiments followed a comparative kind of experiments, to show the ease of the design first and then follow real scenarios to show the context flexibility in saving personal information privacy of our investigated method.

    Ensuring Data Security and Individual Privacy in Health Care Systems

    Ph.DDOCTOR OF PHILOSOPH

    Secure, dynamic and distributed RBAC for relational applications

    Master's in Computer and Telematics Engineering. Nowadays, database applications use tools like Java Database Connectivity, Hibernate or ADO.NET to access data stored in databases. These tools are designed to bring together the relational database and object-oriented programming paradigms, forsaking applied access control policies. Hence, the application developers must master the established policies as a means to develop software that is conformant with the established access control policies. Furthermore, there are situations where these policies can evolve dynamically. In these cases it becomes hard to adjust the access control mechanisms. This challenge has led to the development of an extension to the role based access control (RBAC) model where permissions are defined as a sequence of create, read, update and delete (CRUD) expressions that can be executed and the interfaces to access them. From these permissions it's possible to generate security artefacts on the client side, i.e. in a distributed manner, which allows the clients to access the stored data while satisfying the security policies defined. On top of this model extension, a security layer has also been created in order to make the access control secure and obligatory. For the RBAC model extension this work leverages a previous work that created a dynamic access control architecture for relational applications, here referred to as DACA (Dynamic Access Control Architecture). DACA uses business logic information and the defined access control policies to build dynamically the security artefacts for the applications. In situations where the access control policies can evolve dynamically, the security artefacts are adjusted automatically. This base work, however, defines as permissions CRUD expressions, which can be executed in any order, and needs an adequate security layer to authenticate users and protect the system from intruders.
    Hence, this work aims to create a new architecture, called “S-DRACA” (Secure, Dynamic and Distributed Role-based Access Control Architecture), which extends the work done with DACA so that it is capable of enforcing sequences of CRUD expressions that the applications can execute if the sequences are associated with their roles and the development of a security layer to make it secure. We discuss as well the performance of this system and its applicability to other environments outside of relational databases.

    Currently, applications that access databases use tools such as Java Database Connectivity, Hibernate or ADO.NET to access the data stored in them. These tools are designed to unite the relational database and object-oriented programming paradigms, but they are not concerned with the access control policies to be applied. Therefore, application developers have to master the established policies in order to develop applications that conform to the established access control policies. Furthermore, there are situations in which access control policies can evolve dynamically. In these cases, it becomes difficult to adapt the access control mechanisms. This challenge motivated the development of an extension to the role-based access control (RBAC) model that defines as permissions sequences of expressions to create, read, update and delete (CRUD) information and the interfaces for accessing each of them. From these permissions, security artefacts can be generated on the client side, i.e. in a distributed manner, which allow clients to access the information stored in the database according to the defined policies. On top of this extension, a security layer was also created to make access control secure and mandatory. For the extension of the RBAC model, this work was based on earlier work that created a dynamic access control architecture for relational database applications, referred to here as DACA (Dynamic Access Control Architecture). DACA uses business logic information and the access control policies that have been defined to dynamically create the security artefacts for the applications. In situations where access control policies evolve dynamically, the security artefacts are adjusted automatically. This base work, however, defines CRUD expressions as permissions, which can be executed in any order, and needs an adequate security layer to authenticate users and protect sensitive data from intruders. Therefore, this work aims to create a new architecture, called “S-DRACA” (Secure, Dynamic and Distributed Role-based Access Control Architecture), which extends the work done on DACA so that it is able to ensure compliance with the sequences of CRUD expressions that applications can execute and that are associated with their roles in the RBAC policies, and to develop an adequate security layer to make it secure. We also discuss its performance and applicability in environments other than relational databases.

    Enhanced Encryption and Fine-Grained Authorization for Database Systems

    The aim of this research is to enhance fine-grained authorization and encryption so that database systems are equipped with the controls necessary to help enterprises adhere to zero-trust security more effectively. For fine-grained authorization, this thesis has extended database systems with three new concepts: Row permissions, column masks and trusted contexts. Row permissions and column masks provide data-centric security so the security policy cannot be bypassed as with database views, for example. They also coexist in harmony with the rest of the database core tenets so that enterprises are not forced to compromise either security or database functionality. Trusted contexts provide applications in multitiered environments with a secure and controlled manner to propagate user identities to the database and therefore enable such applications to delegate the security policy to the database system where it is enforced more effectively. Trusted contexts also protect against application bypass so the application credentials cannot be abused to make database changes outside the scope of the application’s business logic. For encryption, this thesis has introduced a holistic database encryption solution to address the limitations of traditional database encryption methods. It too coexists in harmony with the rest of the database core tenets so that enterprises are not forced to choose between security and performance as with column encryption, for example. Lastly, row permissions, column masks, trusted contexts and holistic database encryption have all been implemented in IBM DB2, where they are relied upon by thousands of organizations from around the world to protect critical data and adhere to zero-trust security more effectively.

    NURS 3301 Professional Mobility


    Leadership in medical education : competencies, challenges and strategies for effectiveness

    The complex nature of health care and medical educational organizations, their different primary goals (clinical service versus education), different organizational structures and the necessity for ensuring efficient and harmonious relationships between these two types of organizations create a challenging environment in which to provide effective medical education leadership. The calls for reform in both medical education and health care have added to these challenges. The purpose of the study was to develop a framework of leadership for medical education and contribute to the literature on leadership in medical education, based on an analysis of the perceptions of key health education leaders in Saskatchewan medical education organizations at the national level in Canada. The main objectives were the identification of core competencies, challenges and strategies for effectiveness in medical education with a focus on unique aspects of leadership in the medical education setting. Multiple methods of data collection (individual interviews and an “event” study with components of focus groups interviews and short surveys) with subjects of varied backgrounds and at different levels of leadership in medical education were entailed in this study. The data were collected over a period of 13 months (January, 2009 - February, 2010). The perceptions of 32 medical education leaders, stratified into first- (11), middle- (6) and senior-level (15) leadership positions, based upon the hierarchical position and the scope of the job, were obtained and analyzed. Quantitative data were analyzed through descriptive statistics. Qualitative data were analyzed for themes through content analysis. The findings provide useful information on leadership competencies, challenges and effectiveness strategies in medical education. Leadership competencies included five domains including personal and interpersonal characteristics, skills for effective leadership, skills as an efficient manager, skills in medical education delivery, skills as a teacher and skills as a researcher. All leaders considered personal and interpersonal characteristics to be at the core of leadership; while skills in medical education delivery, and skills as a medical education teacher and researcher were considered least important. The senior-level leaders spent most of their time in activities requiring leadership functions (e.g., strategic planning and creating alignment) followed by activities requiring managerial skills (e.g., operational management). This distinction in the rank ordering of leadership and managerial skills was not obvious for the first- and middle-level leaders; however, most did indicate that they spent more of their time in roles requiring more managerial skills than leadership skills. Among the key competencies, essential at all levels, were effective communication and building and managing relationships. For the most part, the leadership skills were acquired informally with only a few leaders having undergone formal leadership training. The leaders faced three types of challenges: personal and interpersonal challenges including effective time management and personal limitations; organizational challenges including those around structures and processes, organizational communication, personal and organizational relationships, creating engagement and alignment, managing culture and resistance and limited resources; and inter-organizational challenges including competing agendas and interests of stakeholders. The context (societal needs, multiple stakeholders and health care reform), content (medical education delivery and calls for reform) and culture (e.g. professionalism, apprenticeship model of medical education, and the hidden curriculum) of medical education and inherent dualities and conflict require situated leadership skills and strategies. The main leadership theories and approaches helpful in practicing contextual leadership included transactional, transformational, and servant leadership. However, other theoretical approaches, such as moral leadership and learner-centered leadership were also useful. Effective leadership was considered to include personal and interpersonal strategies, strategies for becoming an efficient manager and strategies for practicing inspiring and effective leadership. Personal and interpersonal strategies included looking after self, seeking advice, consciously developing fortitude, allotting time for priorities and thinking and personal development. Becoming an efficient manager involved diligent delegation, appropriate organizational communication and managing priorities. Practicing inspiring leadership involved developing the structure and processes to achieve vision, providing hope, developing mutually valued relationships which were considered key to engagement, alignment, leading change and managing resistance, moving from power to process, using appropriate leadership styles, developing the art of leading change and managing resistance, proactively influencing culture and accomplishing the vision. In conclusion, medical education leadership was perceived as requiring both effective leadership and efficient management. The practice of inspiring and effective leadership, however, appeared to be more an art requiring an alchemy of strategies than a simple matter of application.