Cerberus, an Access Control Scheme for Enforcing Least Privilege in Patient Cohort Study Platforms A Comprehensive Access Control Scheme Applied to the GENIDA Project - Study of Genetic Forms of Intellectual Disabilities and Autism Spectrum Disorders
Abstract
Cohort Study Platforms (CSP) are emerging as a key tool for collecting patient information, providing new research data, and supporting family and patient associations. However they pose new ethics and regulatory challenges since they cross the gap between patients and medical practitioners. One of the critical issues for CSP is to enforce a strict control on access privileges whilst allowing the users to take advantage of the breadth of the available data. We propose Cerberus, a new access control scheme spanning the whole life-cycle of access right management: design, implementation, deployment and maintenance, operations. Cerberus enables switching from a dual world, where CSP data can be accessed either from the users who entered it or fully de-identified, to an access-when-required world, where patients, practitioners and researchers can access focused medical data through explicit authorisation by the data owner. Efficient access control requires application-specific access rights, as well as the ability to restrict these rights when they are not used. Cerberus is implemented and evaluated in the context of the GENIDA project, an international CSP for Genetically determined Intellectual Disabilities and Autism Spectrum Disorders. As a result of this study, the software is made available for the community, and validated specifications for CSPs are given.
Más información
Título según WOS: | ID WOS:000422690300001 Not found in local WOS DB |
Título de la Revista: | JOURNAL OF MEDICAL SYSTEMS |
Volumen: | 42 |
Número: | 1 |
Editorial: | Springer |
Fecha de publicación: | 2018 |
DOI: |
10.1007/s10916-017-0844-y |
Notas: | ISI |