Share Email Print

Proceedings Paper

MAAC: a software tool for user authentication and access control to the electronic patient record in an open distributed environment
Format Member Price Non-Member Price
PDF $17.00 $21.00

Paper Abstract

Designing proper models for authorization and access control for the electronic patient record (EPR) is essential to wide scale use of the EPR in large health organizations. This work presents MAAC (Middleware for Authentication and Access Control), a tool that implements a contextual role-based access control (RBAC) authorization model. RBAC regulates user’s access to computers resources based on their organizational roles. A contextual authorization uses environmental information available at access-request time, like user/patient relationship, in order to decide whether a user has the right to access an EPR resource. The software architecture where MAAC is implemented uses Lightweight Directory Access Protocol, Java programming language and the CORBA/OMG standards CORBA Security Service and Resource Access Decision Facility. With those open and distributed standards, heterogeneous EPR components can request user authentication and access authorization services in a unified and consistent fashion across multiple platforms.

Paper Details

Date Published: 19 April 2004
PDF: 12 pages
Proc. SPIE 5371, Medical Imaging 2004: PACS and Imaging Informatics, (19 April 2004); doi: 10.1117/12.535633
Show Author Affiliations
Gustavo HMB Motta, Univ. of Sao Paulo Medical School (Brazil)
Federal Univ. of Paraiba (Brazil)
Univ. of Sao Paulo Polytechnic School (Brazil)
Sergio S. Furuie, Univ. of Sao Paulo Medical School (Brazil)
Univ. of Sao Paulo Polytechnic School (Brazil)

Published in SPIE Proceedings Vol. 5371:
Medical Imaging 2004: PACS and Imaging Informatics
Osman M. Ratib; H. K. Huang, Editor(s)

© SPIE. Terms of Use
Back to Top
Sign in to read the full article
Create a free SPIE account to get access to
premium articles and original research
Forgot your username?