Trusted Interoperation of Healthcare Information
Filling a Gap in Security Practice
Protecting Collaboration
A Security Mediator for Healthcare Information
Security Mediators 1. for Healthcare Information 2. for Secure Collaboration
Overview
:
Dominant approach
Remaing Issue: Assuring Secure Collaboration
Simple View of Protection: Prohibit access .
Collaboration Needs:
The Gap: Assumption that Acess right = Retrievable data
False Assumption
Acess Patterns versus Data:
Access Rights/Needs Overlap
Expected Problems
Filling the Gap
Model: Interoperating Domains
Overall Schematic
Security Mediator
Agents and Privacy
Security Officer
Security officer screen
PPT Slide
Patient Screen
part of Patient result
Software Components
Primitives
Primitives for Content Check
Creating Wordlists
Roles
Rule system
Primitives get data for Rules
Participants in Setting Rules
Security Officer Functions
Disallowed result
Security officer reaction
Rules implement policy
Coverage of Access Paths
A mediator is not just static software
Security Mediator Benefits
TIHI Summary
Backup slides
Application of Rules
General mediation approach: isolate value-added processing
Rules for Security Mediators
Rule Processing
The Rule Language
The Rule Language - Features...
Rule Type Examples
Rules... (continued)
Security Table Definition
Security Table Definition... (continued)
Rule application - Overview
Implementation
Implementation... (continued)
System Operations
Email: gio@cs.stanford.edu
Home Page: www--db.stanford.edu/people/gio.html
Other information: for my web pages