An Approach for Managing Access to Personal Information Using Ontology-Based Chains

Omran, Esraa (2013) An Approach for Managing Access to Personal Information Using Ontology-Based Chains. Doctoral thesis, University of Sunderland.

[img]
Preview
PDF
Esraathesis_28th_of_May.pdf - Accepted Version

Download (5MB)

Abstract

The importance of electronic healthcare has caused numerous
changes in both substantive and procedural aspects of healthcare
processes. These changes have produced new challenges to patient
privacy and information secrecy. Traditional privacy policies cannot
respond to rapidly increased privacy needs of patients in electronic
healthcare. Technically enforceable privacy policies are needed in
order to protect patient privacy in modern healthcare with its cross
organisational information sharing and decision making.
This thesis proposes a personal information flow model that specifies
a limited number of acts on this type of information. Ontology
classified Chains of these acts can be used instead of the
"intended/business purposes" used in privacy access control to
seamlessly imbuing current healthcare applications and their
supporting infrastructure with security and privacy functionality. In
this thesis, we first introduce an integrated basic architecture, design
principles, and implementation techniques for privacy-preserving
data mining systems. We then discuss the key methods of privacypreserving
data mining systems which include four main methods:
Role based access control (RBAC), Hippocratic database, Chain
method and eXtensible Access Control Markup Language (XACML).
We found out that the traditional methods suffer from two main
problems: complexity of privacy policy design and the lack of context
flexibility that is needed while working in critical situations such as the
one we find in hospitals. We present and compare strategies for
realising these methods. Theoretical analysis and experimental
evaluation show that our new method can generate accurate data
mining models and safe data access management while protecting
the privacy of the data being mined. The experiments followed
comparative kind of experiments, to show the ease of the design first
and then follow real scenarios to show the context flexibility in saving
personal information privacy of our investigated method.

Item Type: Thesis (Doctoral)
Subjects: Sciences > Health Sciences
Divisions: Collections > Theses
Depositing User: Barry Hall
Date Deposited: 24 Jul 2013 13:04
Last Modified: 07 Mar 2017 17:11
URI: http://sure.sunderland.ac.uk/id/eprint/4014

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year