Page 30 - Trust in ICT 2017
P. 30

1                                                    Trust in ICT































                                    Figure 5 – An e-Health application service model [113]

            Again, these challenges can be solved by using trust-based access control mechanism in which the trust level
            for each person is calculated by the trust platform; then mapped to an authorized access control rules.

            5.2.2.2    Actors
            A Patients: using sensor (medical status measurement) devices
            E-Health application service providers: providing sensor devices and operating remote patient monitoring,
            care and notification services
            Care givers: (e.g. nurses, doctors, homecare assistants, emergency responders) and other administrative
            users with authorization to access healthcare data (e.g. insurance providers, billing personnel). It also refers
            to these entities as “participants in the healthcare episode” in some occasions.
            M2M  service  providers,  network  operators:  providing  connectivity  services  for  the  patients,  e-health
            application providers and care givers.
            Trust Platform: responsible for trust evaluation between nodes in wireless networks and an intelligent engine
            to detect whether a node with a specific trust level in a particular context is malicious or not.
            Access Control Policy and Mapping Manager: to map each trust level (of each device) to a specific access
            control policy.

            5.2.2.3    Pre-condition
            A categorization rule set, that is able to categorize various entries within a medical record according to the
            sensitivity levels and label them accordingly, must exist.
            A redaction engine that is able to examine the raw medical record and produce different versions of the
            record at different redaction levels with only data that is at or below a sensitivity level.

            A policy engine that is able to examine medical records and determine level of criticality (applicable to one
            of the flows described).

            A set of authorization policies that describe what authorization level is required to be able to access data at
            each redaction level.

            An  authorization  engine/server  that  interacts  with  each  user  of  the  e-health  application  to  verify  their
            claimed authorization level, for example the server may perform an authentication function with the user.





            22
   25   26   27   28   29   30   31   32   33   34   35