Enforcing security requires the application of an access control model. The access control models used today have limitations that become evident when applied in collaborative environments, such as medical environments. To overcome these problems, a system has been developed in order to introduce dynamic access security. The system at hand combines effectively (C-TMAC) Team-based access control using contexts model and knowledge base technology. The system’s security scheme fine-grains the users’ access rights by integrating the Role Based Access Controls (RBAC) model and the (C-TMAC) model through knowledge-based systems technology. The originality lies on the fact that the users in the system are authenticated by combining their individual access rights (RBAC), their team’s access rights (C-TMAC) and the context information associated with the team they belong to.
Furthermore, knowledge-based technology is used for the representation of knowledge and reasoning. The system initiates with some facts and rules and is able to learn, infer knowledge and produce meta-knowledge. Therefore the system can train itself and respond in non-deterministic way to user requests. Any change in context information fires a new rule in the knowledge base. The proposed system is an automated and self-controlled system called (K-BASS) Knowledge-based Access Security System that may be used in medical environments, to dynamically assign permission rights and to add new medical staff and patients.
Vakaros, George; Pangalos, George; and Arrow Technologies s.a, "K-bass: A Knowledge–Based Access Security System For Medical Environments" (2009). MCIS 2009 Proceedings. 74.