UML/OCL-based modeling of work-based access control policies for collaborative healthcare systems

A work-based access control (WBAC) model is proposed by introducing the team role concept and modifying the user-role assignment model from a previous work. The main goals of WBAC are flexibility, easy manageability, security, as well as suitability to support cooperative work of dynamic teams in healthcare environments. One of the major challenges of WBAC regards authorization constraints in terms of organizational policies. In this article, we show how Unified Modeling Language (UML) and Object Constraints Language (OCL) are utilized to design and analyze the authorization constraints of WBAC in cooperative engagements with complex scenarios in the collaborative healthcare domain. We also…