Modelling privilege management and access control

Objectives: For establishing trustworthiness in advanced architectures for future-proof health information systems being open, flexible, scaleable, portable, and semantically interoperabte, security and privacy services needed must be designed as an inherent part of the architecture. Such architecture has to meet the paradigms of distribution, component orientation, format modelling, separation of logical and technological aspects, etc. Methods: In model.-driven architectures components providing security and privacy services have to be specified using the same methodology of format models with meta-languages as expression means, as deployed in computational, technical, or medical domains. The resulting approach must be based on the ISO Reference Model-Open Distributed Processing. Results: Currently, standards developing organisation are defining emerging tasks and standards for semantic interoperabitity and trustworthy collaboration for advanced health information systems. Communication security issues have been specified and implemented, while application security challenges such as privilege management and access control are stilt under development. Therefore, a series of format models have been developed by the authors covering, e.g. domains, service delegation, claims control, policies, rotes, authorisations, and access control. The required models are introduced and interpreted in a generic way. The crucial concept of security policy and its relationship to the other concepts has been considered in detail. Conclusion: Based on format models, security services can be integrated into advanced systems architectures enabling semantic interoperabitity in the context of trustworthiness of communication and co-operation. (c) 2005 Elsevier Ireland Ltd. All rights reserved.