Prosumer's Responsibilities?... On Stage to a Dedicated Framework for Services Sharing and Compliance in the Healthcare Domain.

This chapter addresses issues relating the clarification of responsibilities associated to business services. The definition of the constraints is part of the definition of the services. The main objective is to describe the influence of the constraints in the service elaboration mechanisms. The authors propose an approach for the specification of the constraints associated to services and for the management of access rights needed to use and exploit services. The usage of services is strongly coupled with the stakeholder’s responsibilities. Finally, the authors discuss a usage scenario implementing this approach in the context of sensitive data exchange between stakeholders from the healthcare domain. Furthermore, they describe how the constraints are defined. </jats:p

Role Mining under Role-Usage Cardinality Constraint

Part 4: Access ControlInternational audienceWith the emergence of Role Based Access Control (RBAC) as the de facto access control model, organizations can now implement and manage many high level security policies. As a means of migration from traditional access control systems to RBAC, different role mining algorithms have been proposed in recent years for finding a minimal set of roles from existing user-permission assignments. While determining such roles, it is often required that certain security objectives are satisfied. A common goal is to enforce the role-usage cardinality constraint, which limits the maximum number of roles any user can have. In this paper, we propose two alternative approaches for role mining with an upper bound on the number of roles that can be assigned to each user, and validate their performance with benchmark data sets