
Privacy Preserving Risk Mitigation Approach for Healthcare Domain

DOI: 10.4236/etsn.2018.71001, PP. 1-42

Keywords: Access Control, Healthcare, HIPAA, Risk-Aware, Risk Mitigation


Abstract:

In the healthcare domain, protecting the electronic health record (EHR) is crucial for preserving the privacy of the patient. To help protect the sensitive data, access control mechanisms can be utilized to restrict access to only legitimate users. However, an issue arises when the authorized users abuse their access privileges and violate the privacy preferences of the patients. While traditional access control schemes fall short of defending against the misbehavior of authorized users, risk-aware access control models can provide adaptable access to the system resources based on assessing the risk of an access request. When an access request is deemed risky, but within acceptable thresholds, risk mitigation strategies can be exploited to minimize the calculated risk. This paper proposes a risk-aware, privacy-preserving risk mitigation approach that can be utilized in the healthcare domain. The risk mitigation approach controls the patient’s medical data that can be exposed to healthcare professionals, according to their trust level as well as the risk incurred by such data exposure, by developing a novel Risk Measure formula. The developed Risk Measure is proven to manage the risk effectively. Furthermore, Risk Mitigation Data Disclosure algorithms, RIMIDI0 and RIMIDI1, which utilize the developed risk measures, are proposed. Experimental results show the feasibility and effectiveness of the proposed method in preserving the privacy preferences of the patient. Since the proposed approach exposes the patient’s data that are relevant to the ongoing medical procedure while preserving the privacy preferences, positive outcomes can be realized, which will ultimately bring forth quality healthcare services.

