Hamed ArshadPh.D. started in: 2017
Expected year of graduation: 2020
COINS consortium member: University of Oslo
Supervised by: Christian Johansen, Olaf Owe
Research area: Models and Protocols
Project title: Attribute Based Access Control
Project description: Access control is an important mean to achieve security and privacy in e-health care systems. Access control is part of the authorization process where the system checks the enforced rules to ensure that only authorized users get access to resources in a system. Hence, employing an access control mechanism in e-health care systems is a necessity. Attribute-based Access Control (ABAC) is the successor of Role-based AC where both resources and subjects have attributes, and a set of attributes can be understood as defining a role. ABAC has reached the maturity of OASI standards with XACML 3.0 and SAML 2.0 with existing tools like open-source Balana or PicketBox from RedHat JBoss or proprietary engines like from Axiomatics. The research will initially focus on creating a framework for attribute-based access control and apply it to the existing infrastructure of e-health care systems. Subsequently the framework will be applied to envisaged infrastructures. The framework will also be developed for Internet-of-Things (IoT) environments. The last part of the research will extend the models, implement them and provide to industry (and e-Health care systems) a sustainable framework.