Since the early days of cloud computing, the security of an environment that grants access rights only to authorized users has been of prime importance. Even today, many users seem reluctant to store their personal data in the cloud, especially data related to bank accounts and health care. Our objective is to enhance the access control mechanisms that can be used in the healthcare domain to safeguard the security and privacy of Electronic Health Record (EHR) systems. ASCLEPIOS considers two types of access control policies for enhancing the security of EHR systems: Attribute-based Access Control (ABAC) and Attribute-based Encryption (ABE).
Access Control Policies in ASCLEPIOS
The ASCLEPIOS authorisation policies use contextual attributes: their constraints are expressed over contextual attributes, which inform the decision to grant or deny access to protected resources or access operations.
- In the case of ABAC, resources are protected by restricting attempts/requests to access or use them based on the characteristics (i.e. attributes) of the access request as well as of the resource. The characteristics of requests, resources and access operations can be dynamically evolving contextual attributes.
- ABE enforces the protection of resources through encryption and authorizes access to them only when certain predetermined attributes are present. These attributes (the required values) are defined in the form of an ABE policy. In ASCLEPIOS, ABE policies are used to derive a decryption key, which in turn decrypts the symmetric key used to encrypt and decrypt a resource.
The ABAC and ABE layers, which are both based on policies, are combined in an innovative way and enforced following the process described in Figure 1, in order to satisfy the need for advanced access control for cloud persisted health data.
Figure 1. Data Authorization Process Combining ABAC and ABE Paradigms
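The two policy layers described above can be sketched as follows. This is an added example, not ASCLEPIOS code: the rule, the attribute names, the threshold-tree encoding of the ABE policy and the ABAC-then-ABE ordering are all assumptions, and no cryptography is performed (in a real ABE scheme the policy is enforced by the decryption math, not by a check).

```python
from datetime import time

# Constructed ABAC rule; every name and value is an illustrative assumption.
ABAC_RULE = {
    "action": "read",
    "resource_type": "ehr",
    "subject_role": {"physician", "nurse"},
    "network": {"hospital-lan"},          # contextual attribute
    "hours": (time(7, 0), time(19, 0)),   # contextual attribute
}

# Constructed ABE policy as a threshold tree: (k, [children]), leaves are
# attribute strings. AND over n children is (n, ...), OR is (1, ...).
ABE_POLICY = (2, ["dept:cardiology", (1, ["role:physician", "role:head-nurse"])])

def abac_permit(request, rule=ABAC_RULE):
    """Permit only if every constraint matches; a missing attribute denies."""
    start, end = rule["hours"]
    ctx = request.get("context", {})
    now = ctx.get("time")
    return (
        request.get("action") == rule["action"]
        and request.get("resource_type") == rule["resource_type"]
        and request.get("role") in rule["subject_role"]
        and ctx.get("network") in rule["network"]
        and now is not None
        and start <= now <= end
    )

def abe_satisfied(node, attrs):
    """True if the attribute set satisfies the threshold tree."""
    if isinstance(node, str):
        return node in attrs
    k, children = node
    return sum(abe_satisfied(child, attrs) for child in children) >= k

def authorize(request, key_attrs):
    """Both layers must pass: the ABAC request check, then the ABE policy
    that gates recovery of the resource's symmetric key."""
    if not abac_permit(request):
        return "deny:abac"
    if not abe_satisfied(ABE_POLICY, key_attrs):
        return "deny:abe"
    return "permit"
```

Returning the layer that denied makes it possible to log whether a refusal came from the request context or from the attributes bound to the user's key.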
A Multi-level Editor for Healthcare Access Control Mechanisms
The ASCLEPIOS Models Editor enhances the access control mechanisms that can be used in the healthcare domain, raising the security and privacy of EHR systems. To this end, a multi-level Editor is being developed that provides tools for creating and maintaining a Context-Aware Security Model, as mentioned in our previous blogpost. It also provides all the necessary design-time tools for the access control policies of the ASCLEPIOS platform, following the ABAC and ABE methods, both of which rely on the use of attributes. The main components of the Editor’s architecture are:
- Context-Aware Security Model Editor: Provides the means for creating and maintaining the Context-Aware Security Model.
- Attribute-Based Access Control Policies Editor: Provides a graphical interface for defining and modifying ABAC policies.
- Attribute-Based Encryption Policies Editor: Provides a graphical interface for defining and modifying ABE policies.
The ASCLEPIOS policy editing and lifecycle management services will provide all these mechanisms and contribute to a holistic approach towards securing healthcare data.
Read our ASCLEPIOS architecture blogpost to find out how the Access Control Policies and Models Editor fits in the big picture of the ASCLEPIOS framework and stick around for upcoming blogposts with more ASCLEPIOS results!