February 15, 2019 Outline

Reading: text, §8; paper [WB04]
Due: Project Progress Report, due February 15, 2019; Homework 3, due February 22, 2019


  1. Clinical Information System Security model
    1. Intended for medical records; goals are confidentiality, authentication of annotators, and integrity
    2. Patients, personal health information, clinician
    3. Assumptions and origin of principles
    4. Access principles
    5. Creation principle
    6. Deletion principle
    7. Confinement principle
    8. Aggregation principle
    9. Enforcement principle
    10. Comparison to Bell-LaPadula: lattice structure but different focus
    11. Comparison to Clark-Wilson: specialization
  2. ORCON
    1. Originator controls distribution
    2. DAC, MAC inadequate
    3. Solution is combination
  3. Role-based Access Control (RBAC)
    1. Definition of role
    2. Partitioning as job function
    3. Axioms
    4. Containment and other uses
    5. RBAC0, RBAC1, RBAC2, RBAC3

Matt Bishop
Office: 2209 Watershed Science
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
Version of February 15, 2019 at 9:58PM