Artículos (Ingeniería de Sistemas y Automática)

URI permanente para esta colecciónhttps://hdl.handle.net/11441/11342

Examinar

Examinando Artículos (Ingeniería de Sistemas y Automática) por Materia "Access control"

Seleccione resultados tecleando las primeras letras
Mostrando 1 - 2 de 2
  • Miniatura
    Acceso AbiertoArtículo
    Easing the development of healthcare architectures following RM-ODP principles and healthcare standards
    (Elsevier, 2013-03) Calvillo Arbizu, Jorge; Román Martínez, Isabel; Rivas Rivas, Sergio; Roa Romero, Laura María; Universidad de Sevilla. Departamento de Ingeniería de Sistemas y Automática; Universidad de Sevilla. Departamento de Ingeniería Telemática; CIBER-BBN; Instituto de Salud Carlos III; European Commission (EC). Fondo Europeo de Desarrollo Regional (FEDER); Universidad de Sevilla. TIC203: Ingeniería Biomédica
    RM-ODP has been widely accepted and used in the field of system and software model engineering and of enterprise computing within different environments. One of these specific domains is healthcare, in which the international standard Health Information Services Architecture (HISA) is applied under the directives of RM-ODP. HISA presents a flexible architecture identifying common use cases, actors, information, and services and easing its extension with specific services, systems and information. The HISA standard follows system specification through the RM-ODP viewpoints but it does not consider other features of the reference model, such as the Enterprise language or the UML4ODP specification. In this paper, we introduce the rationale and specification of the three technology-independent viewpoints of an HISA-based architecture conforming to RM-ODP and UML4ODP. Moreover, we evaluate how easy it is to extend this architecture to introduce specific services and elements. As proof of concept we explore security and privacy issues (i.e., requirements, actors, information objects, etc.) and enrich the architecture with suitable objects and services, mainly from access control standardization efforts. In addition, a detailed discussion about the divergences between RM-ODP and HISA is presented. The main contribution of our work is to develop (guided by RM-ODP, HISA, and other standards) a methodology and tools allowing healthcare service developers and designers to build solutions conforming to standards and leveraging the benefits of distribution and interoperability. These tools consist of the specification of three technology-independent viewpoints according to the guidelines of HISA, RM-ODP and UML4ODP for the healthcare domain, and they will be freely available. In parallel, these viewpoints are extended with access control issues, and the adequacy of the HISA extension mechanism is evaluated.
  • Miniatura
    Acceso AbiertoArtículo
    Privilege Management Infrastructure for Virtual Organizations in Healthcare Grids
    (Institute of Electrical and Electronics Engineers Inc., 2011-03) Calvillo Arbizu, Jorge; Román Martínez, Isabel; Rivas Rivas, Sergio; Roa Romero, Laura María; Universidad de Sevilla. Departamento de Ingeniería de Sistemas y Automática; Universidad de Sevilla. Departamento de Ingeniería Telemática; CIBER-BBN; Instituto de Salud Carlos III; Universidad de Sevilla. TIC203: Ingeniería Biomédica
    This paper is focused on the management of virtual organizations (VO) inside healthcare environments where grid technology is used as middleware for a healthcare services-oriented architecture (HSOA). Some of the main tasks considered for the provision of an efficient VOmanagement aremanagement of users, assignation of roles to users, assignation of privileges to roles, and definition of resources access policies. These tasks are extremely close to privilege management infrastructures (PMI), so we face VOmanagement services as part of the PMI supporting access control to healthcare resources inside the HSOA. In order to achieve a completely open and interoperable PMI, we review and apply standards of security and architectural design. Moreover, semantic technologies are introduced in decision points for access control allowing the management of a high degree of descriptors by means of ontologies and infer the decision making through rules and reasoners.