Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 2 of 2
Full-Text Articles in Engineering
Identity Management To Support Access Control In E-Health Systems, Xu Chen, Damon Berry, William Grimson
Identity Management To Support Access Control In E-Health Systems, Xu Chen, Damon Berry, William Grimson
Conference Papers
The related and often challenging topics of identity management and access control form an essential foundation for e-health infrastructure. Several approaches and supporting specifications for electronic healthcare record system (EHR-S) communication have been proposed by research projects and standards development organizations in recent years. For instance, part four of the CEN TC251 EN13606 EHRcom standard and the HL7 Role Based Access Control Draft Standard for Trial Use have helped to specify the nature of access control behaviour in relation to EHR communication within and between healthcare organisations. Access control services are a core component not only of the integrated care …
Escudo: A Fine-Grained Protection Model For Web Browsers, Karthick Jayaraman, Wenliang Du, Balamurugan Rajagopalan, Steve J. Chapin
Escudo: A Fine-Grained Protection Model For Web Browsers, Karthick Jayaraman, Wenliang Du, Balamurugan Rajagopalan, Steve J. Chapin
Electrical Engineering and Computer Science - All Scholarship
Web applications are no longer simple hyperlinked documents. They have progressively evolved to become highly complex---web pages combine content from several sources (with varying levels of trustworthiness), and incorporate significant portions of client-side code. However, the prevailing web protection model, the same-origin policy, has not adequately evolved to manage the security consequences of this additional complexity. As a result, web applications have become attractive targets of exploitation. We argue that this disconnection between the protection needs of modern web applications and the protection models used by web browsers that manage those applications amounts to a failure of access control. In …