• Corpus ID: 2703501

Secondary use of data in EHR systems

  title={Secondary use of data in EHR systems},
  author={Fan Yang and Chris Hankin and Flemming Nielson and Hanne Riis Nielson},
We show how to use aspect-oriented programming to separate security and trust issues from the logical design of mobile, distributed systems. The main challenge is how to enforce various types of security policies, in particular predictive access control policies policies based on the future behavior of a program. A novel feature of our approach is that advice is able to analyze the future use of data. We consider a number of different security policies, concerning both primary and secondary use… 
2 Citations

Tables from this paper

Distributed security in closed distributed systems

An enforcement mechanism (EM), represented by the meta-variable em and belonging to the syntactic category EM, can be a Belnap combination of (simpler) EMs, using the binary operators ⊕,⊗,∧,∨, >, or ⇒L.



Advice from Belnap Policies

This work adapts recent work on policy composition using Belnap Logic to provide a uniform treatment of conflicts and defines a modal logic to allow reasoning about the overall security policy.

Language-based information-flow security

A structured view of research on information-flow security is given, particularly focusing on work that uses static program analysis to enforce information- flow policies, and some important open challenges are identified.

Weaving rewrite-based access control policies

This paper provides a systematic methodology to weave dynamic, formally specified policies on existing applications using aspect-oriented programming, allowing for an agile, modular, and precise way to specify and to ensure their formal properties.

Implementing a modular access control service to support application-specific policies in CaesarJ

The design and implementation of a modular access control service that improves the separation between application logic and access control and has been implemented in CaesarJ.

Using aspects to design a secure system

  • G. GeorgI. RayR. France
  • Computer Science
    Eighth IEEE International Conference on Engineering of Complex Computer Systems, 2002. Proceedings.
  • 2002
It is illustrated how an aspect-oriented approach to modeling allows developers to encapsulate design concerns so that they can be woven into a design in a systematic and consistent manner.

Security Policy Enforcement in the OSGi Framework Using Aspect-Oriented Programming

  • Phu H. PhungDavid Sands
  • Computer Science
    2008 32nd Annual IEEE International Computer Software and Applications Conference
  • 2008
This paper identifies classes of reference monitor-style policies that can be defined and enforced using AspectJ, a well-known aspect-oriented programming language and introduces and implements various levels of security states in Java to describe session level history versus global application level history.

Static Validation of Licence Conformance Policies

This work shows how to develop a Flow Logic for validating the conformance of client software with respect to a licence conformance policy, and is sufficiently flexible that it extends to fully open systems that can admit new services on the fly.

Availability enforcement by obligations and aspects identification

This paper devise a new approach to design programs that enforce availability requirements based on a formal security model called Nomad which combines deontic and temporal logics and is based on aspect programming.

Role-Based Access Control Models

Why RBAC is receiving renewed attention as a method of security administration and review is explained, a framework of four reference models developed to better understandRBAC is described, and the use of RBAC to manage itself is discussed.

A Language-Based Approach to Security

Progress and prospects for language-based security are surveyed, giving overviews of in-lined reference monitors, certifying compilers, and advances in type theory.