Situation-Based Access Control: privacy management via modeling of patient data access scenarios


Mor Peleg, Dizza Beimel, Dov Dori, Yaron Denekamp

Accepted for publication in J of Biomedical Informatics


Access control is a central problem in privacy management. A common practice in controlling access to sensitive data, such as electronic health records (EHRs), is Role-Based Access Control (RBAC). RBAC is limited as it does not account for the circumstances under which access to sensitive data is requested. Following a qualitative study that elicited access scenarios, we used Object-Process Methodology to structure the scenarios and conceive a Situation-Based Access Control (SitBAC) model. SitBAC is a conceptual model, which defines scenarios where patient's data access is permitted or denied. The main concept underlying this model is the Situation Schema, which is a pattern consisting of the entities Data-Requestor, Patient, EHR, Access Task, Legal-Authorization, and Response, along with their properties and relations. The various data-access scenarios are expressed via Situation Instances. While we focus on the medical domain, the model is generic and can be adapted to other domains.

Keywords: Privacy preservation, Access control, Conceptual model, Ontology, Object-Process Methodology
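
The contrast the abstract draws between RBAC and Situation Instances can be made concrete with a small sketch. This is an added example, not the authors' formalization: the entity names come from the Situation Schema above, while every property name and value, the sample scenarios, and the combining rule (a matching deny wins, no match means deny) are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SituationInstance:
    """One access scenario: constraints on schema entities plus a Response."""
    name: str
    pattern: dict   # entity -> {property: required value}; all values constructed
    response: str   # "permit" or "deny"

    def matches(self, request: dict) -> bool:
        # Every constrained property must equal the request's value.
        return all(request.get(entity, {}).get(prop) == value
                   for entity, props in self.pattern.items()
                   for prop, value in props.items())

def rbac_decide(request: dict, role_permissions: dict) -> str:
    """RBAC baseline: only the requestor's role and the task are consulted."""
    role = request["data_requestor"]["role"]
    action = request["access_task"]["action"]
    return "permit" if action in role_permissions.get(role, ()) else "deny"

def sitbac_decide(request: dict, situations: list) -> str:
    """Assumed combining rule: any matching deny wins; no match means deny."""
    responses = {s.response for s in situations if s.matches(request)}
    if not responses or "deny" in responses:
        return "deny"
    return "permit"

# Constructed sample policy and requests (hypothetical property names).
ROLE_PERMISSIONS = {"physician": {"view"}}
SITUATIONS = [
    SituationInstance("treating physician views record",
                      {"data_requestor": {"role": "physician", "treats_patient": True},
                       "access_task": {"action": "view"}}, "permit"),
    SituationInstance("consent withheld for psychiatric section",
                      {"ehr": {"section": "psychiatric"},
                       "legal_authorization": {"patient_consent": False}}, "deny"),
]

def make_request(treats: bool, section: str = "general", consent: bool = True) -> dict:
    return {"data_requestor": {"role": "physician", "treats_patient": treats},
            "patient": {"id": "P-001"},
            "ehr": {"section": section},
            "access_task": {"action": "view"},
            "legal_authorization": {"patient_consent": consent}}

if __name__ == "__main__":
    for req in (make_request(False), make_request(True),
                make_request(True, "psychiatric", False)):
        print(rbac_decide(req, ROLE_PERMISSIONS), sitbac_decide(req, SITUATIONS))
```

RBAC permits all three sample requests because the role alone grants `view`; the situation-based check separates them by treating relationship, EHR section, and legal authorization.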