Security Middleware Infrastructure for DICOM Images in Health Information Systems |
| |
| Authors: | Vijay N. V. Kallepalli Sylvanus A. Ehikioya Sergio Camorlinga Jose A. Rueda |
| |
| Affiliation: | (1) Department of Computer Science, University of Manitoba, 561 Machray Hall, Winnipeg, Manitoba, R3T 2N2, Canada;(2) Department of Radiology, St. Boniface General Hospital Research Centre and University of Manitoba, 351 Tache avenue, Room 2019-5, Winnipeg, Manitoba, R2H 2A6, Canada;(3) TRLabs, 100-135, Innovation Drive, Winnipeg, Manitoba, R3T 6A8, Canada;(4) St. Boniface General Hospital Research Centre, 351 Tache Avenue, Room 2019-5, Winnipeg, Manitoba, R2H 2A6, Canada |
| |
| Abstract: | In health care, it is mandatory to maintain the privacy and confidentiality of medical data. To achieve this, a fine-grained access control and an access log for accessing medical images are two important aspects that need to be considered in health care systems. Fine-grained access control provides access to medical data only to authorized persons based on priority, location, and content. A log captures each attempt to access medical data. This article describes an overall middleware infrastructure required for secure access to Digital Imaging and Communication in Medicine (DICOM) images, with an emphasis on access control and log maintenance. We introduce a hybrid access control model that combines the properties of two existing models. A trust relationship between hospitals is used to make the hybrid access control model scalable across hospitals. We also discuss events that have to be logged and where the log has to be maintained. A prototype of security middleware infrastructure is implemented. |
| |
| Keywords: | DICOM security infrastructure access control policy management log maintenance health care middleware privacy confidentiality PHIA |
| 本文献已被 SpringerLink 等数据库收录! |
|
