SecFHIR: A Security Specification Model for Fast Healthcare Interoperability Resources
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2016, Vol 7, Issue 6
Abstract
Patients taking medical treatment in distinct healthcare institutions have their information deeply fragmented between very different locations. All this information --- probably with different formats --- may be used or exchanged to deliver professional healthcare services. As the exchange of information/ interoperability is a key requirement for the success of healthcare process, various predefined e-health standards have been developed. Such standards are designed to facilitate information interoperability in common formats. Fast Healthcare Interoperability Resources (FHIR) is a newly open healthcare data standard that aims to providing electronic healthcare interoperability. FHIR was coined in 2014 to address limitations caused by the ad-hoc implementation and the distributed nature of modern medical care information systems. Patient’s data or resources are structured and standard in FHIR through a highly readable format such as XML or JSON. However, despite the unique features of FHIR, it is not a security protocol, nor does it provide any security-related functionality. In this paper, we propose a security specification model (SecFHIR) to support the development of intuitive policy schemes that are mapping directly to the healthcare environment. The formal semantics for SecFHIR are based on the well-established typing and the independent platform properties of XML. Specifically, patients’ data are modeled in FHIR using XML documents. In our model, we assume that these XML resources are defined by a set of schemes. Since XML Schema is a well-formed XML document, the permission specification can be easily integrated to the schema itself, then the specified permissions are applied to instance objects without any change. In other words, our security model (SecFHIR) defines permissions on XML schemes level, which implicitly specify the permissions on XML resources. Using these schemes, SecFHIR can combine them to support complex constraints over XML resources. This will result in reusable permissions, which efficiently simplify the security administration and achieve fine-grained access control. We also discuss the core elements of the proposed model, as well as the integration with the FHIR framework.
Authors and Affiliations
Ahmad Altamimi
Keywords
Related Articles
- EP ID EP138767
- DOI 10.14569/IJACSA.2016.070645
- Views 95
- Downloads 0
Analysis of Security Requirements Engineering: Towards a Comprehensive Approach
Software’s security depends greatly on how a system was designed, so it’s very important to capture security requirements at the requirements engineering phase. Previous research proposes different approaches, but each i...
Self Adaptable Deployment for Heterogeneous Wireless Sensor Network
Wireless Sensor Networks (WSN) is becoming a crucial component of most of the fields of engineering. Heterogeneous WSN (HWSN) is characterized by wireless sensor nodes having link (communication), computation or energy h...
ICT for Education
This paper presents the modeling, design and implementation of a learning platform in Cameroon. This platform contains structured knowledge acquisition modules as well as teaching, learning and assessment modules t...
Missing Data Imputation using Genetic Algorithm for Supervised Learning
Data is an important asset for any organization to successfully run its business. When we collect data, it contains data with low qualities such as noise, incomplete, missing values etc. If the quality of data is low the...
Reconfigurable Efficient Design of Viterbi Decoder for Wireless Communication Systems
Viterbi Decoders are employed in digital wireless communication systems to decode the convolution codes which are the forward correction codes. These decoders are quite complex and dissipate large amount of power. With t...