Chandramouli, R.
(2001),
A Framework for Multiple Authorization Types in a Healthcare Application System, Computer Security Applications Conference
(Accessed April 19, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
A Framework for Multiple Authorization Types in a Healthcare Application System
Published
Author(s)
Abstract
In most of the current authorization frameworks in application systems, the authorization for a user operation is determined using a static database like ACL entries or system tables. These frameworks provide cannot provide the foundation for supporting multiple types of authorizations like Emergency Authorizations, Context-based Authorizations etc, which are required in many vertical market systems like healthcare application systems. In this paper we describe a dynamic authorization framework which supports multiple authorization types. We use the acronym DAFMAT (Dynamic Authorization Framework for Multiple Authorization Types) to refer to this framework. The DAFMAT framework uses a combination of Role-based Access Control (RBAC) and Dynamic Type Enforcement (DTE) augmented with a logic-driven authorization engine. The application of DAFMAT for evaluating and determining various types of authorization requests for the Admissions, Discharge and Transfer System (ADT) in a healthcare enterprise is described.Citation
Computer Security Applications Conference
Pub Type
Journals
Keywords
authorization engine, domain type enforcement, hybrid access control model, role-based access control
Citation
Created January 1, 2001, Updated February 17, 2017