Trust based access control model for securing electronic healthcare system

Abstract

An important issue in the Cloud-Based Electronic Healthcare System (CBEHS) is to protect the sensitive data and resources from the untrusted user. Enforcing the protection in the CBEHS, the access control model plays an important role. Access control is a security mechanism that checks every request of the data to identify the legitimate user. The access request will be granted or denied with the help of preconfigured access control policies. Although, in the previous years, many access control methods, techniques, and models have been proposed, but due to changing user’s behavior and security requirements in the CBEHS, the models suffer from several attacks and threats like Sybil attacks, collusion attack, insider attack, service hijacking, misuse of health data, and impersonation attack, etc. Due to this type of attack, the healthcare data and resources become more vulnerable. In this paper, we have proposed an access control model which is based on the trustworthiness of the requested user. This Trust-Based Access Control Model for Healthcare System (TBACMHS) framework composed of the trust mechanism, trust model, and access control policies which enhance the accuracy and efficiency of the system. This access control framework will ensure the only trusted and authorized user can access the data and resources. The detail design and presentation of the model show that the accuracy and efficiency of the CBEHS are more as compared to other trust models.