A purpose based usage access control model for e-healthcare services

Abstract

Information privacy becomes a major concern for customers to provide their private data that can promote future business service, especially in E-healthcare services. E-healthcare is the use of web-based systems to share and deliver information across the Internet that is easy to disclose private data provided by customers. The private data has to be protected through proper authorization and access control models for e-Health systems in a large health organization. Usage access control is considered as the next generation access control model with distinguishing properties of decision continuity. It has been proven efficient to improve security administration with flexible authorization management. Usage control enables finer-grained control over usage of digital objects that offers a better access control to private information in E-healthcare systems. In this paper, we design a comprehensive usage access control approach with purpose extension to tackle such private data protection in E-healthcare services.