面向医疗大数据的风险自适应的访问控制模型

doi:10.11959/j.issn.1000-436x.2015328

Abstract

Abstract:

While dealing with the big data in healthcare,it was difficult for a policy maker to foresee what information a doctor may need,even to make an accurate access control policy.To deal with it,a risk-based access control model that regulates doctors’ access rights adaptively was proposed to protect patient privacy.This model analyzed the history of access,applies the EM algorithm and the information entropy technique to quantify the risk of privacy violation.Using the quantified risk,the model can detect and control the over-accessing and exceptional accessing of patients’ data.Experimental results show that this model is effective and more accurate than other models.

Key words: risk-based access control, big data, privacy, adaptive

Zhen HUI,Hao LI,Min ZHANG,Deng-guo FENG. Risk-adaptive access control model for big data in healthcare[J]. Journal on Communications, 2015, 36(12): 190-199.

Figures/Tables 7

References 23

[1]	.[EB/OL].
[2]	.[EB/OL].
[3]	.[EB/OL].
[4]	.[EB/OL].
[5]	SANDHU R . The future of access control:attributes,automation,and adaptation[A]. Computational Intelligence,Cyber Security and Computational Models[C]. 2014. 45-45.
[6]	冯登国, 张敏, 李昊 . 大数据安全与隐私保护[J]. 计算机学报, 2014,37(1): 246-258. FENG D G , ZHANG M , LI H . Big data security and privacy protection[J]. Chinese Journal of Computers, 2014,37(1): 246-258.
[7]	SANDHU R , PIERANGELA S . Access control:principle and practice[J]. Communications Magazine, 1994,32(9): 40-48.
[8]	GRAHAM G S , DENNING P J . Protection:principles and practice[A]. Proceedings of the Conference[C]. ACM, 1972. 417-429.
[9]	HARRISON M A , RUZZO W L , ULLMANJ D . Protection in operating systems[J]. Communications of the ACM, 1976,19(8): 461-471.
[10]	SANDHU R , COYNE E , FEINSTEIN H ,et al. Role-based access control models[J]. Computer, 1996,29(2): 38-47.
[11]	JASONPROGRAMOFFICE . Horizontal Integration:Broader Access Models for Realizing Information Dominance[R]. The MITRE Corporation 2004.
[12]	WANG Q , JIN H . Quantified risk-adaptive access control for patient privacy protection in health information systems[A]. Proceedings of the 6th ACM Symposium on Information,Computer and Communications Security[C]. ACM, 2011. 406-410.
[13]	CHENG P C , ROHATGI P , KESER C ,et al. Fuzzy multi-level security:an experiment on quantified risk-adaptive access control[A]. IEEE Symposium on Security and Privacy(SP '07)[C]. IEEE, 2007. 222-230.
[14]	NI Q , BERINNO E , LOBO J . Risk-based access control systems built on fuzzy inferences[A]. In Proceedings of the 5th ACM Symposium on Information,Computer and Communications Security[C].ACM. 2010. 250-260.
[15]	NISSANK N , KHAYAT E J . Risk based security analysis of permissons in RBAC[A]. Proceedings of the 2nd International Workshop on Security in Information Systems,2004[C]. IEEE, 2004. 332-341.
[16]	CELIKEL E , KANTARCIOGLU M , THURAISINGHAM B M ,et al. A risk management approach to RBAC[J]. Risk and Decision Analysis, 2009,1(1): 21-33.
[17]	CHEN L , JASON C . Risk-aware role-based access control[A]. Security and Trust Management[C]. Springer Berlin Heidelberg, 2012. 140-156.
[18]	BIJON K Z , KRISHNAN R , SANDHU R . A framework for risk-aware role based access control[A]. Proceedings of the 6th Symposium on Security Analytics and Automation 2013[C]. IEEE, 2013. 462-469.
[19]	MCGRAW R . Risk-adaptable access control RADAC[R]. Privilege (Access) Management Workshop, 2009.
[20]	SANTOS D R , WESTPHALL C M , WESTPHALL C B . A dynamic risk-based access control architecture for cloud computing[A]. IEEE Network Operations ＆ Management Symposium[C]. IEEE, 2014. 1-9.
[21]	谢文冲, 杨英杰, 汪永伟 ,等. 基于风险的访问控制操作需求计算方法研究[J]. 计算机工程与设计, 2013,34(7): 2281-2285. XIE W C , YANG Y J , WANG Y W ,et al. Research on computing method of operational need in risk-based access control[J]. Computer Engineering and Design, 2013,34(7): 2281-2285.
[22]	王超, 陈性元 . 基于加权熵的访问控制策略安全性分析研究[J]. 电子学报, 2013,41(1): 47-51. WANG C , CHEN X Y . An approach for security analysis to access control policy based on entropy-weigh[J]. Acta Electronica Sinica, 2013,41(1): 47-51.
[23]	DEMPSTER A P , LAIRD N M , RUBIN D B . Maximum likelihood from incomplete data via the EM algorithm[J]. Journal of the Royal Statistical Society,Series B (Methodological), 1977: 1-38.

Metrics

Recommended 0

No Suggested Reading articles found!

访问数目	K		准确率@K			召回率@K			F1分数@K
访问数目	K	本文		WANG	本文		WANG	本文		WANG
	10	1.00		1.00	0.17		0.17	0.29		0.29
	20	1.00		0.95	0.33		0.32	0.50		0.47
5	30	0.97		0.88	0.33		0.32	0.64		0.59
	40	0.93		0.80	0.62		0.53	0.72		0.64
	50	0.88		0.78	0.73		0.65	0.80		0.67
	10	1.00		1.00	0.17		0.17	0.29		0.29
	20	1.00		1.00	0.33		0.33	0.50		0.50
10	30	1.00		0.97	0.50		0.48	0.67		0.64
	40	1.00		0.78	0.67		0.52	0.80		0.62
	50	0.96		0.74	0.80		0.62	0.87		0.67
	10	1.00		1.00	0.17		0.17	0.29		0.29
	20	1.00		1.00	0.33		0.33	0.50		0.50
15	30	1.00		0.97	0.50		0.48	0.67		0.64
	40	1.00		0.88	0.67		0.59	0.80		0.70
	50	0.94		0.76	0.78		0.63	0.85		0.69
	10	1.00		1.00	0.17		0.17	0.29		0.29
	20	1.00		1.00	0.33		0.33	0.50		0.50
20	30	1.00		0.93	0.50		0.47	0.67		0.62
	40	1.00		0.85	0.67		0.57	0.80		0.68
	50	0.96		0.80	0.80		0.67	0.87		0.72

比例	K	准确率@K		召回率@K		F1分数@K
比例	K	本文	WANG	本文	WANG	本文	WANG
	10	0.70	0.70	0.12	0.12	0.20	0.20
	20	0.65	0.65	0.22	0.21	0.33	0.33
2%	30	0.67	0.63	0.33	0.32	0.44	0.42
	40	0.63	0.60	0.42	0.40	0.50	0.58
	50	0.54	0.52	0.45	0.43	0.49	0.47
	10	1.00	1.00	0.17	0.17	0.29	0.29
	20	1.00	0.95	0.33	0.32	0.50	0.48
4%	30	0.97	0.87	0.48	0.44	0.64	0.58
	40	0.93	0.72	0.62	0.48	0.74	0.58
	50	0.84	0.72	0.70	0.60	0.76	0.65
	10	1.00	1.00	0.17	0.17	0.29	0.29
	20	1.00	1.00	0.33	0.33	0.50	0.50
6%	30	1.00	0.97	0.50	0.49	0.67	0.65
	40	1.00	0.92	0.67	0.61	0.80	0.74
	50	1.00	0.90	0.83	0.75	0.90	0.81
	10	1.00	1.00	0.17	0.17	0.29	0.29
	20	1.00	1.00	0.33	0.33	0.50	0.50
8%	30	1.00	1.00	0.50	0.50	0.67	0.67
	40	1.00	0.98	0.67	0.65	0.80	0.78
	50	1.00	0.92	0.83	0.77	0.90	0.84
	10	1.00	1.00	0.17	0.17	0.29	0.29
	20	1.00	1.00	0.33	0.33	0.50	0.50
10%	30	1.00	1.00	0.50	0.50	0.67	0.67
	40	1.00	0.98	0.67	0.65	0.80	0.78
	50	1.00	0.92	0.83	0.77	0.90	0.84

Risk-adaptive access control model for big data in healthcare

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 7

References 23

Related Articles 15

Metrics

Recommended 0

[1]	Xindi MA, Qinghua LI, Qi JIANG, Zhuo MA, Sheng GAO, Youliang TIAN, Jianfeng MA. Byzantine-robust federated learning over Non-IID data [J]. Journal on Communications, 2023, 44(6): 138-153.
[2]	Peijie YIN, Fenghua LI, Ben NIU, Haiyang LUO, Bin KUANG, Lingcui ZHANG. Fine-grained privacy operation control method for layout documents [J]. Journal on Communications, 2023, 44(5): 94-109.
[3]	Shengxing YU, Zekai CHEN, Zhong CHEN, Ximeng LIU. DAGUARD: distributed backdoor attack defense scheme under federated learning [J]. Journal on Communications, 2023, 44(5): 110-122.
[4]	Jiale ZHANG, Chengcheng ZHU, Xiaobing SUN, Bing CHEN. Membership inference attack and defense method in federated learning based on GAN [J]. Journal on Communications, 2023, 44(5): 193-205.
[5]	Tao FENG, Liqiu CHEN, Junli FANG, Jianming SHI. Blockchain data sharing scheme based on localized difference privacy and attribute-based searchable encryption [J]. Journal on Communications, 2023, 44(5): 224-233.
[6]	Yingjie XIA, Siyu ZHU, Xuejiao LIU. Research on efficient cross trust-domain group authentication with conditional privacy of vehicle platoon under blockchian architecture [J]. Journal on Communications, 2023, 44(4): 111-123.
[7]	Baiji HU, Xiaojuan ZHANG, Yuancheng LI, Rongxin LAI. Multi-function supported privacy protection data aggregation scheme for V2G network [J]. Journal on Communications, 2023, 44(4): 187-200.
[8]	Ming XU, Baojun ZHANG, Yiming WU, Chenduo YING, Ning ZHENG. Cyber attacks and privacy protection distributed consensus algorithm for multi-agent systems [J]. Journal on Communications, 2023, 44(3): 117-127.
[9]	Wei CUI, Ying YU, Haixia YU, Chao CHEN, Yunpeng LI. Sparse channel fast reconstruction algorithm for OFDM system based on IOC-CSMP [J]. Journal on Communications, 2023, 44(2): 52-58.
[10]	Shufen ZHANG, Yanling DONG, Jingcheng XU, Haoshi WANG. AdaBoost algorithm based on target perturbation [J]. Journal on Communications, 2023, 44(2): 198-209.
[11]	Xiaoyun WANG, Xiaozhou ZHANG, Liang MA, Yajuan WANG, Mengting LOU, Tao JIANG, Jing JIN, Qixing WANG, Guangyi LIU. Research and optimization on the sensing algorithm for 6G integrated sensing and communication network [J]. Journal on Communications, 2023, 44(2): 219-230.
[12]	Shengxing YU, Zhong CHEN. Efficient secure federated learning aggregation framework based on homomorphic encryption [J]. Journal on Communications, 2023, 44(1): 14-28.
[13]	Lingtao TANG, Di WANG, Shengyun LIU. Data augmentation scheme for federated learning with non-IID data [J]. Journal on Communications, 2023, 44(1): 164-176.
[14]	Zheng YANG, Yun ZHENG, Yuehao YU, Yi WU, Zhicheng DONG, Song XING. Performance analysis for cooperative NOMA networks based SWIPT with adaptive power splitting [J]. Journal on Communications, 2023, 44(1): 177-188.
[15]	Wei JIN, Fenghua LI, Mingjie YU, Yunchuan GUO, Ziyan ZHOU, Liang FANG. HDFS-oriented cryptographic key resource control mechanism [J]. Journal on Communications, 2022, 43(9): 27-41.