Distributed Policy Decision Points for Electronic Health Records
KTH, School of Information and Communication Technology (ICT).
2012 (English). Independent thesis, Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits. Student thesis.
Abstract [en]

The advancement in technology mandates the extensive use of computerized healthcare devices, making Electronic Health Records (EHRs) the way to store patient details. EHR systems have high availability and security requirements for the storage database. DIGHT is a distributed key-value store architecture being developed at SICS that addresses the problems of high availability and scalability, data integrity and confidentiality, accountability, EHR versioning and extensibility.

This Master's thesis addresses the authorization requirements of EHR systems. eXtensible Access Control Markup Language (XACML) is an OASIS standard for a general-purpose access control policy language designed for managing access to resources. All of the available open source implementations of the Policy Decision Point (PDP) conform to XACML version 2.0 and retrieve policies from traditional file systems.

Sun's open source implementation of a PDP conforming to XACML 2.0 was evaluated and upgraded to conform to the XACML 3.0 standard. The XACML Admin Profile for delegation was also implemented. Testing was carried out with a prototype application that accepts text SMS messages from registered doctors through an SMS gateway. The application was designed for adding a new patient record, adding a medical record to an existing patient, and retrieving existing patient and medical records. The application generates the XACML Request and sends it to the PDP for evaluation. The XACML policies for authorizing the doctors were stored in MySQL database clusters. The PDP evaluates the request and sends the XACML Response back to the application. The application processes the response and sends an appropriate reply to the sender.

Performance evaluation was carried out with policies stored in database clusters. The thesis also discusses possible future enhancements, such as implementing the XACML profile for SAML assertions and implementing the Policy Information Point to fetch attributes.

Place, publisher, year, edition, pages: 2012. 66 p.
Trita-ICT-EX, 9
National Category: Engineering and Technology
URN: urn:nbn:se:kth:diva-90810
OAI: diva2:506602
Subject / course: Information and Software Systems
Educational program: Master of Science - Communication Systems
Available from: 2012-02-29
Created: 2012-02-29
Last updated: 2012-02-29
Bibliographically approved

Open Access in DiVA
Full text: FULLTEXT01.pdf (960 kB, application/pdf)