security enhanced linux to enforce mandatory access control in health information systems

《security enhanced linux to enforce mandatory access control in health information systems》由会员上传分享，免费在线阅读，更多相关内容在工程资料-天天文库。

1、SecurityEnhancedLinuxtoEnforceMandatoryAccessControlinHealthInformationSystemsLuisFranco,TonySahama,PeterCrollFacultyofInformationTechnologyQueenslandUniversityofTechnologyGPOBox2434,Brisbane,QLD4001,Australialfranco@student.qut.edu.auAbstract(EHR)hasraisedconcernsinrelationwiththetr

2、ustworthinessofthesystemsbywhichpatientscanThispaperintroducesSecurityEnhancedLinuxaccesstheirownrecords.Mainprivacyissuesrelated(SELinux)astherequiredOperatingSystem(OS)towithsystemsthatmanageEHRarethoseinwhichtheenforceMandatoryAccessControl(MAC)mechanismsaccesstoHealthInformationc

3、anbecompromised.toprotectHealthInformation.HealthInformationAuthenticationandauthorizationarekeysecuritygoalsinSystems(HIS)requireanOSwhichcanenforceMACHISwhileauthorizingaccesstotheresourcesonlytorulessothataccesstotheresourcesdoesnotrelyonthethoseindividualswiththeneed-to-knowright

4、stothediscretionoftheusers,thusminimizingthedamagewheninformation,andgrantingtheleastnumberofprivilegesusers’applicationsarecompromised.SELinuxprovidesarequiredtocommittheintendedtasks.Systemswithpoorflexibleandfine-grainedMACarchitectureimplementingsecuritymechanismscanbefaultedthro

5、ughunauthorizedacombinationofTypeEnforcement(TE)andRole-BasedaccesstotheinformationthatcanbeobtainedbyposingAccessControl(RBAC).SELinuxhowever,isconsideredasthepatientorhackingintothedatabase/system.tobedifficulttoimplementbecauseofthecomplexityofPrivacycanbealsocompromisedwhenauthor

6、izedusersSELinuxpoliciesrequiredbythefine-grainedaccesshaveaccesstomoreinformationthantheyrequireandcontrols.ToreducethecomplexitytomanageSELinuxusingitforpurposesforwhichtheywerenotauthorized.policiesdifferenttoolsandmethodshavebeendevelopedForasystemtobeconsideredusableandlegallyin

7、creasingthefeasibilitytouseSELinuxtocreatetrustedcompliant,privacyandsecurityissuesmustbeadequatelysystems.addressed.Keywords:HIS,AccessControl,HealthInformationHISareconstructedwiththeawarenessthatsecurityisPrivacy,SELinux,MAC,RBAC,SELinuxPolicyTools.requiredtoassureindividualsthatt

8、heirHealthIn