A conditional role-involved purpose-based access control model

This paper presents a role-involved conditional purpose-based access control (RCPBAC) model, where a purpose is defined as the intension of data accesses or usages. RCPBAC allows users using some data for certain purpose with conditions. The structure of RCPBAC model is defined and investigated. An algorithm is developed to achieve the compliance computation between access purposes (related to data access) and intended purposes (related to data objects) and is illustrated with role-based access control (RBAC) to support RCPBAC. According to this model, more information from data providers can be extracted while at the same time assuring privacy that maximizes the usability of consumers' data. It extends traditional access control models to a further coverage of privacy preserving in data mining environment as RBAC is one of the most popular approach towards access control to achieve database security and available in database management systems. The structure helps enterprises to circulate clear privacy promise, to collect and manage user preferences and consent

Factors Associated with Patient Satisfaction of Community Mental Health Services: A Multilevel Approach

Community care is increasingly the mainstay of mental healthcare provision in many countries and patient satisfaction is an important barometer of quality of patient care. This paper explores the key factors associated with patient satisfaction with community mental health services in England and then compares providers’ performance on patient satisfaction. Our analysis is based on patient-level responses from the community mental health survey, which is run annually by the Care Quality Commission (CQC) for the years 2010 to 2013. We perform a repeated cross-section analysis, identifying factors associated with patient satisfaction via a multi-level ordered probit model, including both patient- and provider-level variables. We identify hospital-specific effects via empirical Bayes estimation. Our analysis identifies a number of novel results. First, patient characteristics such as older age, being employed, and being able to work, are associated with higher satisfaction, while being female is associated with lower satisfaction. Service contact length, time since last visit, condition severity and admission to a mental health institution, are all associated with lower satisfaction. Second, treatment type affects satisfaction, with patients receiving talking therapies or being prescribed medications being more satisfied. Third, care continuity and involvement, as proxied by having a care plan, is associated with higher satisfaction. Fourth, seeing a health professional closer to the community improves satisfaction, with patients seeing a community-psychiatric nurse, a social worker or a mental-health support worker being more satisfied. Finally, our study identifies the need for service integration, with patients experiencing financial, accommodation, or physical health needs being less satisfied. At a provider level, we find a negative association between the percentage of occupied beds and satisfaction. We further identify significant provider-specific effects after accounting for observable differences in patient and provider characteristics which suggests significant differences in provider quality of care

A Multilevel Meta‑Analysis

Insecure attachment to primary caregivers is associated with the development of depression symptoms in children and youth. This association has been shown by individual studies testing the relation between attachment and depression and by meta-analyses focusing on broad internalizing problems instead of depression or adult samples only. We therefore meta-analytically examined the associations between attachment security and depression in children and adolescents, using a multilevel approach. In total, 643 effect sizes were extracted from 123 independent samples. A significant moderate overall effect size was found (r = .31), indicating that insecure attachment to primary caregivers is associated with depression. Multivariate analysis of the significant moderators that impacted on the strength of the association between attachment security and depression showed that country of the study, study design, gender, the type of attachment, and the type of instrument to assess attachment uniquely contributed to the explanation of variance. This study suggests that insecure attachment may be a predictor of the development of depression in children and adolescents. When treating depression in children, attachment should therefore be addressed

Authorization and access control of application data in Workflow systems

Workflow Management Systems (WfMSs) are used to support the modeling and coordinated execution of business processes within an organization or across organizational boundaries. Although some research efforts have addressed requirements for authorization and access control for workflow systems, little attention has been paid to the requirements as they apply to application data accessed or managed by WfMSs. In this paper, we discuss key access control requirements for application data in workflow applications using examples from the healthcare domain, introduce a classification of application data used in workflow systems by analyzing their sources, and then propose a comprehensive data authorization and access control mechanism for WfMSs. This involves four aspects: role, task, process instance-based user group, and data content. For implementation, a predicate-based access control method is used. We believe that the proposed model is applicable to workflow applications and WfMSs with diverse access control requirements

An object-oriented approach to security policies and their access controls for database management

The constructs of the object-oriented data model seem to be good candidates for the specifications of the need-to-know and multilevel security policies and their respective access control requirements. This report demonstrates such specifications. The implication of this demonstration may be profound, since for the first time multiple security policies and their respective access controls may be realized and supported in a single object- oriented database management systemhttp://archive.org/details/objectorientedap00hsiaN

The Complete MLSK Model—incorporation of lattice operations and XML implementation

Many multilevel security relational models have been proposed and different models offer different advantages. In this paper, we adapt and refine some of the best ideas from these models and add new ones of own to extend our Multilevel Security with Key-polyinstantiation (MLSK) relational model. MLSK now supports relational algebra and user lattice manipulations while ensuring that the soundness, completeness and security that it originally guaranteed are not compromised. We also implement MLSK in a non-relational scenario, thereby demonstrating the extensibility of the model to other environments