Adaptive solutions for access control within pervasive healthcare systems

Abstract

In the age of mobile computing and distributed systems, healthcare systems are employing service-oriented computing to provide users with transparent accessibility to reach their distributed resources at anytime, anywhere and anyhow. Meanwhile, these systems tend to strengthen their security shields to ensure the limitation of access to authorized entities. In this paper, we examine mobile querying of distributed XML databases within a pervasive healthcare system. In such contexts, policies - as XACML - are needed to enforce access control. We study the reactivity of this policy in the case of a user demanding access to unauthorized data sources showing that the policy will respond negatively to user demands. Thus, we propose to employ an adaptive mechanism that would provide users with reactive and proactive solutions. Our proposal is accomplished by using the RBAC scheme, the user profile and some predefined semantics in order to provide users with alternative and relevant solutions without affecting the system's integrity. © 2008 Springer-Verlag Berlin Heidelberg.