面对医疗大数据,策略制定者难以预测医生的访问需求,进而制定准确的访问控制策略。针对上述问题,提出一种基于风险的访问控制模型,能够适应性地调整医生 的访问能力,保护患者隐私。该模型通过分析医生的访问历史,使用信息熵和EM 算法量化医生侵犯隐私造成的风险。利用量化的风险,监测和控制对于医疗记录的过度访问以及特殊情况下的访问请求。实验结果表明,该模型是有效的,并且相比 于其他模型能更为准确地进行访问控制。While dealing with the big data in healthcare, it was difficult for a policy maker to foresee what information a doctor may need, even to make an accurate access control policy. To deal with it, a risk-based access control model that regulates doctors access rights adaptively was proposed to protect patient privacy. This model analyzed the history of access, applies the EM algorithm and the information entropy technique to quantify the risk of privacy violation. Using the quantified risk, the model can detect and control the over-accessing and exceptional accessing of patients data. Experimental results show that this model is effective and more accurate than other models
