Abstract
This paper describes an application of authorization and access control based on the Role Based Access Control (RBAC) method and integrated in a comprehensive trust infrastructure of a health care application. The method is applied to a health care business process that involves multiple actors accessing data and resources needed for performing clinical and logistics tasks in the application. The notion of trust constituency is introduced as a concept for describing the context of authorisation. In addition, the applied RBAC covers time constraints, hierarchies and multi-level authorization rules for coping with the multi-actor nature and the complexity of the application domain. The DRIVE RBAC model clearly distinguishes between static role assignment to users and dynamic allocation of roles at session time. The paper, while focusing on the authorization and access control approach, also describes how the RBAC functions have been integrated in a trust infrastructure including smart cards.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
