Full Content is available to subscribers

Subscribe/Learn More  >
Proceedings Article

MAAC: a software tool for user authentication and access control to the electronic patient record in an open distributed environment

[+] Author Affiliations
Gustavo H. Motta

Univ. of Sao Paulo Medical School (Brazil) and Federal Univ. of Paraiba (Brazil) and Univ. of Sao Paulo Polytechnic School (Brazil)

Sergio S. Furuie

Univ. of Sao Paulo Medical School (Brazil) and Univ. of Sao Paulo Polytechnic School (Brazil)

Proc. SPIE 5371, Medical Imaging 2004: PACS and Imaging Informatics, 360 (April 19, 2004); doi:10.1117/12.535633
Text Size: A A A
From Conference Volume 5371

  • Medical Imaging 2004: PACS and Imaging Informatics
  • Osman M. Ratib; H. K. Huang
  • San Diego, CA | February 14, 2004

abstract

Designing proper models for authorization and access control for the electronic patient record (EPR) is essential to wide scale use of the EPR in large health organizations. This work presents MAAC (Middleware for Authentication and Access Control), a tool that implements a contextual role-based access control (RBAC) authorization model. RBAC regulates user"s access to computers resources based on their organizational roles. A contextual authorization uses environmental information available at access-request time, like user/patient relationship, in order to decide whether a user has the right to access an EPR resource. The software architecture where MAAC is implemented uses Lightweight Directory Access Protocol, Java programming language and the CORBA/OMG standards CORBA Security Service and Resource Access Decision Facility. With those open and distributed standards, heterogeneous EPR components can request user authentication and access authorization services in a unified and consistent fashion across multiple platforms.

© (2004) COPYRIGHT SPIE--The International Society for Optical Engineering. Downloading of the abstract is permitted for personal use only.
Citation

Gustavo H. Motta and Sergio S. Furuie
"MAAC: a software tool for user authentication and access control to the electronic patient record in an open distributed environment", Proc. SPIE 5371, Medical Imaging 2004: PACS and Imaging Informatics, 360 (April 19, 2004); doi:10.1117/12.535633; http://dx.doi.org/10.1117/12.535633


Access This Proceeding
Sign in or Create a personal account to Buy this proceeding ($15 for members, $18 for non-members).

Figures

Tables

NOTE:
Citing articles are presented as examples only. In non-demo SCM6 implementation, integration with CrossRef’s "Cited By" API will populate this tab (http://www.crossref.org/citedby.html).

Some tools below are only available to our subscribers or users with an online account.

Related Content

Customize your page view by dragging & repositioning the boxes below.

Related Book Chapters

Topic Collections

Advertisement
  • Don't have an account?
  • Subscribe to the SPIE Digital Library
  • Create a FREE account to sign up for Digital Library content alerts and gain access to institutional subscriptions remotely.
Access This Proceeding
Sign in or Create a personal account to Buy this proceeding ($15 for members, $18 for non-members).
Access This Proceeding
Sign in or Create a personal account to Buy this article ($15 for members, $18 for non-members).
Access This Chapter

Access to SPIE eBooks is limited to subscribing institutions and is not available as part of a personal subscription. Print or electronic versions of individual SPIE books may be purchased via SPIE.org.