George Pangalos

Flexible team-based access control using contexts

We discuss the integration of contextual information with team-based access control. The TMAC model was formulated by Thomas in [1] to provide access control for collaborative activity best accomplished by teams of users. In TMAC, access control revolves around teams, where a team is an abstraction that encapsulates a collection of users in specific roles and collaborating with the objective of accomplishing a specific task or goal. Users who belong to a team are given access to resources used by a team. However, the effective permissions of a user are always derived from permission types defined for roles that the user belongs to. TMAC is an example of what we call active security models. These models are aware of the context associated with an ongoing activity in providing access control and thus distinguish the passive concept of permission assignment from the active concept of context-based permission activation. The ability to integrate contextual information allows models such as TMAC to be flexible and express a variety of access policies that can provide tight and just-in-time permission activation.

A flexible content and context-based access control model for multimedia medical image database systems

In many health care information systems medical images are an important part of the multimedia medical patient record. Most of the work on multimedia medical images security until now has focused on cryptographic approaches. While valuable, cryptography is not enough to control access to medical images. Therefore additional protection approaches should be applied at a higher level. Role-based access control (RBAC) is a good candidate to provide access control in a multimedia medical image database system. Roles accurately describe which types of people need to access to certain types of objects. However, in a multimedia medical image database system, specifications of image access rights are often content and context-dependent as well as time-dependent. Unfortunately, RBAC cannot be used to handle the above requirements. In this paper we describe an extended role-based access control model by considering, in the specification of the Role-Permission relationship phase, the constraints which must be satisfied in order for the holders of the permission to use those permissions. The use of constraints allows role-based access control to be tailored to specify very fine-grained, flexible, content, context and time-based access control policies. The proposed access control model preserves the advantages of scaleable security administration that RBAC-style models offer and yet offers the flexibility to specify complex access restrictions based on the semantic content of the images, the attributes of the user accessing the image, the relationship between the user and the patient whose images are to be accessed and the time. The description of an access control algorithm and a system architecture for a secure medical image DBMS are also presented.

A Methodology for Reliability Analysis in Health Networks

A reliability model for a health care domain based on requirement analysis at the early stage of design of regional health network (RHN) is introduced. RHNs are considered as systems supporting the services provided by health units, hospitals, and the regional authority. Reliability assessment in health care domain constitutes a field-of-quality assessment for RHN. A novel approach for predicting system reliability in the early stage of designing RHN systems is presented in this paper. The uppermost scope is to identify the critical processes of an RHN system prior to its implementation. In the methodology, Unified Modeling Language activity diagrams are used to identify megaprocesses at regional level and the customer behavior model graph (CBMG) to describe the states transitions of the processes. CBMG is annotated with: 1) the reliability of each component state and 2) the transition probabilities between states within the scope of the life cycle of the process. A stochastic reliability model (Markov model) is applied to predict the reliability of the business process as well as to identify the critical states and compare them with other processes to reveal the most critical ones. The ultimate benefit of the applied methodology is the design of more reliable components in an RHN system. The innovation of the approach of reliability modeling lies with the analysis of severity classes of failures and the application of stochastic modeling using discrete-time Markov chain in RHNs.

The Importance of Corporate Forensic Readiness in the Information Security Framework

Corporate forensics is rapidly becoming an essential component of modern business. Having no a priori knowledge on whether a security related event or corporate policy violation will lead to litigation, it is argued in this paper that digital forensics principles need to be applied to all corporate investigatory, monitoring and auditing activities. Corporate forensics are also necessary in modern organizations in order to credibly investigate what and how it happened, what part of the security policy was breached, whether existing corporate security mechanisms are sufficient and responding promptly, help investigate the impact and costs of a security incident, help management take well documented actions, and so forth. Forensic practices are therefore departing fast from the niche of law enforcement and becoming a business function and infrastructural component. This migration poses new challenges to security professionals that must be resolved. Furthermore, protecting information and information assets solely through technical means and security procedures is also no longer sufficient in modern corporate environments, as accountability from management is also needed. Forensic readiness helps enhance the security strategy of an organization, reduce the impact of a security incident and provide management with the means to demonstrate that reasonable care has been taken to protect information resources. Forensic readiness is becoming important for modern corporate environments and a significant component of the Information Security Good Practice. In this paper we also advocate that the scope of forensics needs to be expanded in order to encompass the whole information security domain and we address a number of related issues that need further attention or must be resolved in order to take full advantage of forensic readiness in a corporate environment. The expanded scope of information security due to the inclusion of forensic readiness is expected to disturb established information security good practices. As such we challenge the concept of a generic good practice, its applicability to a specific organizational context and we investigate alternatives for adapting information security good practices to accommodate digital forensics processes.

Rheological Properties of News Inks

This work examines the effect of ink composition on steady‐state and time‐dependent behavior in simple shear, as well as on extensional flow behavior. The inks studied were formulated to represent a spectrum of compositions typical of North American news inks. Hydrocarbon pitch, a common dispersant, is found to lower the viscosity at low shear rates in simple shear and to cause a dramatic drop in the extensional stress in a uniaxial stretching test. The addition of a commercial resin commonly found in lithographic inks increased both the viscosity in simple shear and the extensional stress. With respect to time‐dependent behavior, not only is the duration of the shearing of an ink important but also the direction of repeated shear pulses and the time interval between such pulses. The first normal stress difference was found to be negative in certain shear rate ranges. The shear stress‐shear rate relationship of the inks examined has been successfully described by a four‐parameter model.

Implementing Context and Team Based Access Control in Healthcare Intranets

The establishment of an efficient access control system in healthcare intranets is a critical security issue directly related to the protection of patients privacy. Our C-TMAC (Context and Team-based Access Control) model is an active security access control model that layers dynamic access control concepts on top of RBAC (Role-based) and TMAC (Team-based) access control models. It also extends them in the sense that contextual information concerning collaborative activities is associated with teams of users and user permissions are dynamically filtered during runtime. These features of C-TMAC meet the specific security requirements of healthcare applications. In this paper, an experimental implementation of the C-TMAC model is described. More specifically, we present the operational architecture of the system that is used to implement C-TMAC security components in a healthcare intranet. Based on the technological platform of an Oracle Data Base Management System and Application Server, the application logic is coded with stored PL/SQL procedures that include Dynamic SQL routines for runtime value binding purposes. The resulting active security system adapts to current need-to-know requirements of users during runtime and provides fine-grained permission granularity. Apart from identity certificates for authentication, it uses attribute certificates for communicating critical security metadata, such as role membership and team participation of users.

eMEDAC: Role-based Access Control Supporting Discretionary and Mandatory Features

In this paper, we present an enhanced use of RBAC features in articulating a security policy for access control in medical database systems. The main advantage of this implementation is that it supports both MAC and DAC features at the same time; a feature that has been proved to be necessary in healthcare environments. The eMEDAC security policy that results from the above implementation provides an enhanced redefinition of a number of mechanisms of the already known MEDAC security policy. The concept of hyper node hierarchies is proposed for deriving totally ordered security levels while preserving the role hierarchy levels required satisfying particular administration needs. Finally, a demonstration example is given based on the pilot implementation of the proposed security policy in a major Greek hospital. The advantages offered are related to the efficiency of access control, the flexibility and decentralisation of administration, and the storage savings.

Security Issues in a Mobile Computing Paradigm

In this paper, we discuss operational and security issues arising from the use of mobile components in distributed systems. We argue that mobile agents can be used to overcome intrinsic problems of wireless networking. We define the operational model of our mobile computing environment, where we plan to demonstrate our proposed solutions. We also discuss security problems and mechanisms that can be applied to each one of the three main components of our mobile computing model, which is intended to be implemented in a health care paradigm, where special conditions and emergency needs are imposing the use of services supported with mobile computing.

Security of medical multimedia

The application of information technology to health care has generated growing concern about the privacy and security of medical information. Furthermore, data and communication security requirements in the field of multimedia are higher. In this paper we describe firstly the most important security requirements that must be fulfilled by multimedia medical data, and the security measures used to satisfy these requirements. These security measures are based mainly on modern cryptographic and watermarking mechanisms as well as on security infrastructures. The objective of our work is to complete this picture, exploiting the capabilities of multimedia medical data to define and implement an authorization model for regulating access to the data. In this paper we describe an extended role-based access control model by considering, within the specification of the role-permission relationship phase, the constraints that must be satisfied in order for the holders of the permission to use those permissions. The use of constraints allows role-based access control to be tailored to specifiy very fine-grained and flexible content-, context- and time-based access control policies. Other restrictions, such as role entry restriction also can be captured. Finally, the description of system architecture for a secure DBMS is presented.

Towards dynamically administered role-based access control

In digital business, the need for efficient frameworks to address the multifaceted security issues related to Web-based applications, has led to efforts towards the development of dynamically administered access control systems that implement robust access control models, to allow controlled access of information based on content or context of processing, and secure interoperation in a dynamic distributed enterprise environment. Pure RBAC seems to be suitable for function-oriented organization structures usually used in relatively stable environments. On the other hand, TBAC and TMAC provide a complementary support in environments that are based on process-oriented organization structures. However, current organizational alternatives lead to the combination of the above approaches, in the form of a matrix organization structure that maximizes the advantages of functional and process-oriented structures and introduces the need for new access control administration paradigms. In this paper, we discuss our approach for dynamically administered role-based access control, which covers the need-to-know requirements of users and missions are involved with, and provides tight and just-in-time access control without sacrificing operability and simplicity of administration.