The concept of context-dependent access control has emerged during the last years: Information about the state of a process model of a working environment is combined with general knowledge about a person to grant or revoke access to protected data. Being understood very well in principle, different problems arise when implementing context-dependent access control, in particular on an open network. This paper reports on an ongoing project on contextdependent access control to support distributed clinical trials. Centrally stored data will be accessed from contributors to the clinical trial over the Internet. We present in this paper how context-dependent access control can be implemented on the Internet in a secure way. Technically we use Java Servlets to implement the access control and SSL to secure communication. The whole framework is built around the Java Webserver. We emphasize the technical aspects of this scenario in this paper.
Ultes-Nitsche, Ulrich and Teufel, Stephanie, "Secure Access to Medical Data over the Internet" (2000). ECIS 2000 Proceedings. 137.