SecFHIR: A Security Specification Model for Fast Healthcare Interoperability Resources

Abstract

Patients taking medical treatment in distinct healthcare institutions have their information deeply fragmented between very different locations. All this information --- probably with different formats --- may be used or exchanged to deliver professional healthcare services. As the exchange of information/ interoperability is a key requirement for the success of healthcare process, various predefined e-health standards have been developed. Such standards are designed to facilitate information interoperability in common formats. Fast Healthcare Interoperability Resources (FHIR) is a newly open healthcare data standard that aims to providing electronic healthcare interoperability. FHIR was coined in 2014 to address limitations caused by the ad-hoc implementation and the distributed nature of modern medical care information systems. Patient’s data or resources are structured and standard in FHIR through a highly readable format such as XML or JSON. However, despite the unique features of FHIR, it is not a security protocol, nor does it provide any security-related functionality. In this paper, we propose a security specification model (SecFHIR) to support the development of intuitive policy schemes that are mapping directly to the healthcare environment. The formal semantics for SecFHIR are based on the well-established typing and the independent platform properties of XML. Specifically, patients’ data are modeled in FHIR using XML documents. In our model, we assume that these XML resources are defined by a set of schemes. Since XML Schema is a well-formed XML document, the permission specification can be easily integrated to the schema itself, then the specified permissions are applied to instance objects without any change. In other words, our security model (SecFHIR) defines permissions on XML schemes level, which implicitly specify the permissions on XML resources. Using these schemes, SecFHIR can combine them to support complex constraints over XML resources. This will result in reusable permissions, which efficiently simplify the security administration and achieve fine-grained access control. We also discuss the core elements of the proposed model, as well as the integration with the FHIR framework.

Authors and Affiliations

Ahmad Altamimi

Keywords

Related Articles

Methods of Isolation for Application Traces Using Virtual Machines and Shadow Copies

To improve the user's experience, almost all applications save usage data: web browsers save history and cookies, chat programs save message archives and so on. However, this data can be confidential and may compromise t...

The Solution Structure and Error Estimation for The Generalized Linear Complementarity Problem

In this paper, we consider the generalized linear complementarity problem (GLCP). Firstly, we develop some equivalent reformulations of the problem under milder conditions, and then characterize the solution of the GLCP....

Development of Rest Facility Information Exchange System by Utilizing Delay Tolerant Network

In this paper, we propose temporary rest facilities information exchange system among many people unable to get home by utilizing Delay Tolerant Network (DTN) after a disaster. When public transportation services are int...

Analytical and Numerical Study of the Onset of Electroconvection in a Dielectric Nanofluid Saturated a Rotating Darcy Porous Medium

The simultaneous effect of rotation and a vertical AC electric field on the onset of electroconvection in a horizontal dielectric nanofluid layer saturated a Darcy porous medium is investigated. The boundaries of the die...

Novel Intra-Prediction Framework for H.264 Video Compression using Decision and Prediction Mode

With the increasing usage of multimedia contents and advancement of the communication devices (along with services), there is a heavy demand of an effective multimedia compression protocol. In this regards, H.264 has bee...

Download PDF file
  • EP ID EP138767
  • DOI 10.14569/IJACSA.2016.070645
  • Views 73
  • Downloads 0

How To Cite

Ahmad Altamimi (2016). SecFHIR: A Security Specification Model for Fast Healthcare Interoperability Resources. International Journal of Advanced Computer Science & Applications, 7(6), 350-355. https://europub.co.uk/articles/-A-138767