6533b82dfe1ef96bd1290864

RESEARCH PRODUCT

UML/OCL-based modeling of work-based access control policies for collaborative healthcare systems

Mehdi Ben LazragMohamed Abomhara

subject

Flexibility (engineering)021110 strategic defence & security studies021103 operations researchKnowledge managementComputer sciencebusiness.industry0211 other engineering and technologiesAccess control02 engineering and technologyObject (computer science)Domain (software engineering)Work (electrical)Unified Modeling LanguagebusinessSoftware engineeringcomputerObject Constraint Languagecomputer.programming_languageEclipse

description

A work-based access control (WBAC) model is proposed by introducing the team role concept and modifying the user-role assignment model from a previous work. The main goals of WBAC are flexibility, easy manageability, security, as well as suitability to support cooperative work of dynamic teams in healthcare environments. One of the major challenges of WBAC regards authorization constraints in terms of organizational policies. In this article, we show how Unified Modeling Language (UML) and Object Constraints Language (OCL) are utilized to design and analyze the authorization constraints of WBAC in cooperative engagements with complex scenarios in the collaborative healthcare domain. We also demonstrate how the authorization constraints expressed in OCL can be implemented, tested and validated using the Eclipse Modeling Framework (EMF) tool. Using EMF, the modeling and validation of OCL constraints were smooth and straightforward tasks which can help the policy designers in many organizations during designing or/and analyzing of access control policies.

yearjournalcountryeditionlanguage
2016-09-012016 IEEE 18th International Conference on e-Health Networking, Applications and Services (Healthcom)
https://doi.org/10.1109/healthcom.2016.7749461