National Chengchi University Institutional Repository (NCCUR): Item 140.119/32648


    Please use this permanent URL to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/32648


    Title: 設計易調整的電子病歷存取控管機制
    Using Aspects to Implement Adaptable Access Control for Electronic Medical Records
    Author: 張淵鈞
    Chang, Yuan-chun
    Contributors: 陳恭
    Chen, Kung
    張淵鈞
    Chang, Yuan-chun
    Keywords: Aspect Oriented Programming
    Electronic Medical Records
    Access Control
    Date: 2005
    Upload time: 2009-09-17 13:56:00 (UTC+8)
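    Abstract: Access control is a core issue in the security of Electronic Medical Records (EMR). To accommodate changes in the doctor-patient relationship and to protect patient privacy, EMR access control must satisfy two major requirements: it must be dynamic and it must be fine-grained. These requirements are not easy to meet, because the code responsible for access control is cross-cutting: it must be embedded in every module of the application system and easily becomes tangled with application logic. Because existing programming mechanisms and development tools cannot effectively support such security requirements, this research designs a declarative EMR security control method based on Aspect Oriented Programming (AOP).
    In our approach, the security control logic is extracted from the core of the EMR system and gathered into a single aspect module, which makes the original system more modular. In addition, using the access control code generator we developed, security administrators can generate the EMR access control code by declaring it in configuration files. As a result, security administrators can not only easily grasp the overall picture and reduce the oversights that decentralized management may cause, but also greatly reduce the time and cost required to maintain EMR access security.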
    This paper presents an aspect-oriented approach to providing an adaptable access control framework for Electronic Medical Records (EMR) on a Web-based platform. In our scheme, access control logic is decoupled from the core of the application and collected into separate aspect modules, which are automatically synthesized from access control rules in XML format and properly designed aspect templates. The generated aspect modules are then compiled and integrated into the underlying application using standard aspect tools. At runtime, this aspect code is executed to enforce the required access control without any runtime interpretation overhead. Future changes to the access control rules can also be realized through these mechanisms without actual coding. This not only improves the system's modularity but also makes the task of enforcing comprehensive access control more adaptable.
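    Description: Master's
    National Chengchi University
    Department of Computer Science
    93753005
    94
    Source: http://thesis.lib.nccu.edu.tw/record/#G0093753005
    Data type: thesis
    Appears in collections: [Department of Computer Science] Theses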
