Secondary use of data in EHR systems
@article{Yang2012SecondaryUO,
title={Secondary use of data in EHR systems},
author={Fan Yang and Chris Hankin and Flemming Nielson and Hanne Riis Nielson},
journal={ArXiv},
year={2012},
volume={abs/1201.4262}
}We show how to use aspect-oriented programming to separate security and trust issues from the logical design of mobile, distributed systems. The main challenge is how to enforce various types of security policies, in particular predictive access control policies policies based on the future behavior of a program. A novel feature of our approach is that advice is able to analyze the future use of data. We consider a number of different security policies, concerning both primary and secondary use…
2 Citations
Distributed security in closed distributed systems
- Computer Science
- 2012
An enforcement mechanism (EM), represented by the meta-variable em and belonging to the syntactic category EM, can be a Belnap combination of (simpler) EMs, using the binary operators ⊕,⊗,∧,∨, >, or ⇒L.
References
SHOWING 1-10 OF 88 REFERENCES
Advice from Belnap Policies
- Computer Science2009 22nd IEEE Computer Security Foundations Symposium
- 2009
This work adapts recent work on policy composition using Belnap Logic to provide a uniform treatment of conflicts and defines a modal logic to allow reasoning about the overall security policy.
Language-based information-flow security
- Computer ScienceIEEE J. Sel. Areas Commun.
- 2003
A structured view of research on information-flow security is given, particularly focusing on work that uses static program analysis to enforce information- flow policies, and some important open challenges are identified.
Weaving rewrite-based access control policies
- Computer ScienceFMSE '07
- 2007
This paper provides a systematic methodology to weave dynamic, formally specified policies on existing applications using aspect-oriented programming, allowing for an agile, modular, and precise way to specify and to ensure their formal properties.
Implementing a modular access control service to support application-specific policies in CaesarJ
- Computer ScienceAOMD '05
- 2005
The design and implementation of a modular access control service that improves the separation between application logic and access control and has been implemented in CaesarJ.
Using aspects to design a secure system
- Computer ScienceEighth IEEE International Conference on Engineering of Complex Computer Systems, 2002. Proceedings.
- 2002
It is illustrated how an aspect-oriented approach to modeling allows developers to encapsulate design concerns so that they can be woven into a design in a systematic and consistent manner.
Security Policy Enforcement in the OSGi Framework Using Aspect-Oriented Programming
- Computer Science2008 32nd Annual IEEE International Computer Software and Applications Conference
- 2008
This paper identifies classes of reference monitor-style policies that can be defined and enforced using AspectJ, a well-known aspect-oriented programming language and introduces and implements various levels of security states in Java to describe session level history versus global application level history.
Static Validation of Licence Conformance Policies
- Computer Science2008 Third International Conference on Availability, Reliability and Security
- 2008
This work shows how to develop a Flow Logic for validating the conformance of client software with respect to a licence conformance policy, and is sufficiently flexible that it extends to fully open systems that can admit new services on the fly.
Availability enforcement by obligations and aspects identification
- Computer ScienceFirst International Conference on Availability, Reliability and Security (ARES'06)
- 2006
This paper devise a new approach to design programs that enforce availability requirements based on a formal security model called Nomad which combines deontic and temporal logics and is based on aspect programming.
Role-Based Access Control Models
- Computer ScienceComputer
- 1996
Why RBAC is receiving renewed attention as a method of security administration and review is explained, a framework of four reference models developed to better understandRBAC is described, and the use of RBAC to manage itself is discussed.
A Language-Based Approach to Security
- Computer ScienceInformatics
- 2001
Progress and prospects for language-based security are surveyed, giving overviews of in-lined reference monitors, certifying compilers, and advances in type theory.