Developing Trustworthy Database Systems for Medical Care includes about Security and Safety of Medical Care Environment; Access Control; Using Trust and Roles for Access Control; Classification Algorithm for Access Control to Detect Malicious Users. | Developing Trustworthy Database Systems for Medical Care This research is supported by CERIAS and NSF grants from ANIR & IIS. Security and Safety of Medical Care Environment Objectives Safety of patients Safety of hospital and clinic Security of medical databases Issues Medical care environments are vulnerable to malicious behavior, hostile settings, terrorism attacks, natural disasters, tampering Reliability, security, accuracy can affect timeliness and precision of information for patient monitoring Collaboration over networks among physicians/nurses, pharmacies, emergency personnel, law enforcement agencies, government and community leaders should be secure, private, reliable, consistent, correct and anonymous Security and Safety of Medical Care Environment – cont. Measures Number of incidents per day in patient room, ward, or hospital Non-emergency calls to nurses and doctors due to malfunctions, failures, or intrusions False fire alarms, smoke detectors, pagers activation Wrong information, data values, lost or delayed messages Timeliness, accuracy, precision Access Control From Yuhui a flaw Information System Auth. Users Other Users Access Control Mechanism Authorized Users Validated credentials AND Cooperative and legitimate behavior history Other Users Lack of required credentials OR Non-cooperative or malicious behavior history Approach: trust- and role-based access control cooperates with traditional Role-Based Access Control (RBAC) authorization based on evidence, trust, and roles (user profile analysis) Using Trust and Roles for Access Control users’ behaviors credential mgmt role-assignment policies specified by system administrators assigned roles credentials provided by third parties or retrieved from the internet role assignment evidence statement evidence statement, reliability evidence evaluation issuer’s trust user/issuer information database user’s trust trust information mgmt Architecture of TERM Server Component implemented Component . | Developing Trustworthy Database Systems for Medical Care This research is supported by CERIAS and NSF grants from ANIR & IIS. Security and Safety of Medical Care Environment Objectives Safety of patients Safety of hospital and clinic Security of medical databases Issues Medical care environments are vulnerable to malicious behavior, hostile settings, terrorism attacks, natural disasters, tampering Reliability, security, accuracy can affect timeliness and precision of information for patient monitoring Collaboration over networks among physicians/nurses, pharmacies, emergency personnel, law enforcement agencies, government and community leaders should be secure, private, reliable, consistent, correct and anonymous Security and Safety of Medical Care Environment – cont. Measures Number of incidents per day in patient room, ward, or hospital Non-emergency calls to nurses and doctors due to malfunctions, failures, or intrusions False fire alarms, smoke detectors, pagers activation Wrong
