Interconnecting Autonomous Medical Domains
Gritzalis, S.; Belsis, P.; Katsikas, S.K.
Univ. of the Aegean, Samos
This paper appears in: Engineering in Medicine and Biology Magazine, IEEE
Issue Date: Sept.-Oct. 2007
Access Control Models
Group-oriented rather than individual-oriented access control makes the process more easily manageable
Role-based access control (RBAC) model
Policy-Based Management
XACML
  standardized and open, allowing extensions that enable interoperation between various platforms
  it is codified in XML, which tends to dominate as a codification standard and is operating-system independent
  it allows extensions so as to support the needs for a variety of environments
  it allows context-based authorization
Policy enforcement point (PEP)
  grants access after receiving an appropriate message from the PDP
Policy decision point (PDP)
  reasons over a specific access request after evaluating both the requestor's credentials and the request according to the policy in force
Policy information point (PIP)
  responsible for retrieving environmental attributes
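The PEP / PDP / PIP division above, as a simplified Python model added here for illustration (not code from the paper or the slides, and not XACML syntax). The rule set, role names, attribute names and the choice of deny-overrides combining with default deny at the PEP are assumptions.

```python
# Simplified PEP / PDP / PIP model (illustrative; not XACML syntax or a real engine).
from dataclasses import dataclass
from typing import Callable

PERMIT, DENY, NOT_APPLICABLE = "Permit", "Deny", "NotApplicable"

@dataclass(frozen=True)
class Rule:
    effect: str                        # PERMIT or DENY
    roles: frozenset                   # RBAC: rules target roles, not individuals
    resource: str
    action: str
    condition: Callable[[dict], bool]  # context test over environment attributes

class PIP:
    """Policy information point: supplies environmental attributes (constructed data)."""
    def __init__(self, hour, on_shift):
        self.hour, self.on_shift = hour, on_shift
    def attributes(self, subject_id):
        return {"hour": self.hour, "on_shift": subject_id in self.on_shift}

class PDP:
    """Policy decision point: evaluates credentials and request against the local policy."""
    def __init__(self, rules, pip):
        self.rules, self.pip = rules, pip
    def decide(self, subject_id, subject_roles, resource, action):
        env = self.pip.attributes(subject_id)
        decision = NOT_APPLICABLE
        for r in self.rules:
            if r.resource != resource or r.action != action or not (r.roles & subject_roles):
                continue               # rule target does not match this request
            if not r.condition(env):
                continue               # context condition not satisfied
            if r.effect == DENY:       # deny-overrides: one matching Deny wins
                return DENY
            decision = PERMIT
        return decision

def pep_enforce(pdp, subject_id, roles, resource, action):
    """Policy enforcement point: grants access only on an explicit Permit."""
    return pdp.decide(subject_id, frozenset(roles), resource, action) == PERMIT

# Constructed policy for one hypothetical domain (assumed names throughout).
RULES = [
    Rule(PERMIT, frozenset({"physician"}), "patient_record", "read", lambda e: e["on_shift"]),
    Rule(PERMIT, frozenset({"nurse"}), "patient_record", "read",
         lambda e: e["on_shift"] and 7 <= e["hour"] < 19),
    Rule(DENY, frozenset({"trainee"}), "patient_record", "read", lambda _e: True),
]
```

A request that matches no rule comes back NotApplicable from the PDP, and the PEP treats anything other than Permit as a refusal, so gaps in a locally defined policy fail closed.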
Multidomain Access Control Enforcement
Access to data should be regulated by specific generic guidelines, applicable for all the cooperating medical environments.
Free. Enforcement points should be autonomous and should have freedom in managing their IT infrastructure.
Dynamic. Healthcare units can join or leave at any time, increasing the complexity of the overall management.
No centralized authorization architecture. Security policies can be defined locally.
Transparency. The procedures for accessing medical data, whether these are stored locally or in a remote domain, should be identical.
Interoperability Issues in Multidomain Environments
Exchanging HL7 messages can be made through cost-effective channels such as the Internet
Secure information transfer over networks is realized via the secure file transfer protocol (SFTP)
All the inter-domain communications are encrypted using the secure sockets layer protocol
Virtual Ontology Networks
In order to avoid irrelevant queries to a specific domain, we create an appropriate ontology that can be considered as a set of metadata and meta-knowledge that provides a set of concepts and terms to describe the information content of the specific domain.
Each request for specific medical information will be directed to an appropriate (in terms of stored medical content) domain.
Conclusions and Future Directions
Enabling multi-domain infrastructures to communicate and exchange medical information