Rishi Kanth Saripalle

Leveraging UML for security engineering and enforcement in a collaboration on duty and adaptive workflow model that extends NIST RBAC

To facilitate collaboration in the patient-centered medical home (PCMH), our prior work extended the NIST role-based access control (RBAC) model to yield a formal collaboration on duty and adaptive workflow (COD/AWF) model. The next logical step is to place this work into the context of an integrated software process for security engineering from design through enforcement. Towards this goal, we promote a secure software engineering process that leverages an extended unified modeling language (UML) to visualize COD/AWF policies to achieve a solution that separates concerns while still providing the means to securely engineer dynamic collaborations for applications such as the PCMH. Once defined, these collaboration UML diagrams can be utilized to generate the corresponding aspect oriented policy code upon which the enforcement mechanism can be applied to at runtime.

A Software Modeling Approach to Ontology Design via Extensions to ODM and OWL

Ontologies are built to establish standard terminologies representing a semantic agreement between humans and knowledge systems via representational frameworks (e.g., KIF, DAML+OIL, OWL, etc.) that have been proposed in the research community, with limited adoption in industry. One possible reason is a lack of a formal model and associated process to more precisely and accurately design and develop ontologies. The authors’ prior work explored UML, entity-relationship diagrams, and XML as compared to RDF and OWL, identifying modeling capabilities lacking in ontologies. In all three approaches, design precedes instantiation which contrasts with ontology developers who build ontologies at the application level targeted to a specific domain. The paper proposes design-level modeling enhancements to ontologies by extending the OMG Ontology Definition Model (ODM) and OWL grammar with capabilities from the three aforementioned approaches, promoting a software engineering-based process. As a result, this work provides a more software engineering-oriented process to ontology design and development.

A proposed star schema and extraction process to enhance the collection of contextual & semantic information for clinical research data warehouses

In the past decade, clinical patient data has played a pivotal role in clinical and translational research in support of new treatment options, medical interventions, drug development, etc. In support of this process, researchers require massive integrated data sets generated via a health information exchange (HIE) to centralize and automate the development and maintenance of a clinical research data warehouse (CRDW). The data harvested from the CRDW is obtained by cleansing transactional clinical databases (TCD) used for daily clinical activities. Traditionally, TCD schema and CRDW data models only capture conceptual patient data, often neglecting to address the contextual and semantic information attached to such data that is crucial for clinical analysis. In this paper, we propose a star schema and associated extraction process to enhance the collection of contextual and semantic information in support of CRDW that leverages HL7 Clinical Document Architecture in conjunction with the Reference Information Model.

Need for a Specialized Metamodel for Biomedical and Health Informatics Domain

The history of computing has taught the software community significant lessons and few of them in a hard way. After spending numerous resources, the community has realized the need for establishing standards or specification for efficiently handling interoperability issues across diverse applications and tools. For example, UML for model driven development, and XML for information exchange. The domain of biomedical informatics is traversing through a similar path where numerous resources are employed for achieving interoperability among heterogeneous biomedical applications. To mitigate this issue and learning from previous experiences, the biomedical domain has to establish a modeling standard for design and development of its software applications and tools. Towards this goal, this research article proposes a minimal metamodel for the domain of biomedical and health informatics based on MOF and UMLS Semantic Network.

SMARTSync: Towards patient-driven medication reconciliation

Interactions between prescription medications, over-the-counter drugs, and nutritional supplements can have negative consequences for patients. There is a need for the reconciliation across this spectrum spurred on by the adoption of electronic medical records by healthcare providers and the usage of personal health records by patients. In such a setting, unifying information from multiple sources through automated reconciliation can address adverse medication interactions, track adverse medication reactions, and avoid overmedication. This requires mitigating the integration issues of multiple data sources and systems. In this paper, we leverage Harvard Universitys SMART framework to perform medication reconciliation across different data sources, with the long-term goal of providing robust decision support for overmedication and adverse interactions. Our prototype application SMARTSync provides ontology-backed recognition of interactions, decision support, and is able to warn a patient (or notify a provider) of potential medication problems.

Towards knowledge level privacy and security using RDF/RDFS and RBAC

Information privacy and security plays a major role in domains where sensitive information is handled, such as case studies of rare diseases. Currently, security for accessing any sensitive information is provided by various mechanisms at the user/system level by employing access control models such as Role Based Access Control. However, these approaches leave security at the knowledge level unattended, which can be inadequate. For example, in healthcare, ontology-based information extraction is employed for extracting medical knowledge from sensitive structured/unstructured data sources. These information extraction systems act on sensitive data sources which are protected against unauthorized access at the system level based on the user, context and permissions, but the knowledge that can be extracted from these sources is not. In this paper we tackle the security or access control at the knowledge level by presenting a model, to enforce knowledge security/access by leveraging knowledge sources (currently focused on RDF) with the RBAC model. The developed model filters out knowledge by means of binary permissions on the knowledge source, providing each user with a different view of the knowledge source.