Towards a Zero Trust Based Hybrid Access Control Model for Medical Data

Colin Wilcox; Kristopher Welsh; Soufiene Djahel; Nicholas Costen; Vasileios Giagos

doi:10.1109/ICT-DM62768.2024.10798961

Towards a Zero Trust Based Hybrid Access Control Model for Medical Data

Colin Wilcox, Kristopher Welsh, Soufiene Djahel, Nicholas Costen, Vasileios Giagos

Centre for Future Transport and Cities

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding › peer-review

12 Downloads (Pure)

Abstract

This paper addresses some of the limitations of current hybrid access control models, in particular the issues surrounding managed rights inheritance, a model’s consistency and its ability to reflect changes in environment without losing integrity or flexibility. Our approach describes a layered model design which allows more or less detail to be added, in real-time, to reflect changes in the real world. The model provides time-based inherited access control following the principles of zero trust to minimise risk whilst preserving its integrity and flexibility. This paper concludes by providing a comparison of how our approach differs from traditional techniques and the areas in which improvements can be seen.

Original language	English
Title of host publication	2024 International Conference on Information and Communication Technologies for Disaster Management (ICT-DM)
Publisher	IEEE
Pages	1-7
Number of pages	7
ISBN (Electronic)	979-8-3503-6792-8
ISBN (Print)	979-8-3503-6793-5
DOIs	https://doi.org/10.1109/ICT-DM62768.2024.10798961
Publication status	E-pub ahead of print - 18 Dec 2024
Event	2024 International Conference on Information and Communication Technologies for Disaster Management (ICT-DM 2024): ICT-DM 2024 - Setif 1 University - Ferhat ABBAS, Setif, Algeria Duration: 19 Nov 2024 → 21 Nov 2024 https://ict-dm2024.univ-setif.dz/

Publication series

Name
Publisher	IEEE
ISSN (Print)	2469-8822
ISSN (Electronic)	2643-6868

Conference

Conference	2024 International Conference on Information and Communication Technologies for Disaster Management (ICT-DM 2024)
Country/Territory	Algeria
City	Setif
Period	19/11/24 → 21/11/24
Internet address	https://ict-dm2024.univ-setif.dz/

Bibliographical note

© 2024 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Copyright © and Moral Rights are retained by the author(s) and/ or other copyright owners. A copy can be downloaded for personal non-commercial research or study, without prior permission or charge. This item cannot be reproduced or quoted extensively from without first obtaining permission in writing from the copyright holder(s). The content must not be changed in any way or sold commercially in any format or medium without the formal permission of the copyright holders.

This document is the author’s post-print version, incorporating any revisions agreed during the peer-review process. Some differences between the published version and this version may remain and you are advised to consult the published version if you wish to cite from it.

Keywords

Access control
Disaster management
Data models
Real-time systems
Zero Trust
Information and communication technology
Iterative methods

Access to Document

10.1109/ICT-DM62768.2024.10798961

Djahel2024AAMAccepted author manuscript, 592 KB

https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10798961

Cite this

Towards a Zero Trust Based Hybrid Access Control Model for Medical Data. / Wilcox, Colin; Welsh, Kristopher; Djahel, Soufiene et al.
2024 International Conference on Information and Communication Technologies for Disaster Management (ICT-DM). IEEE, 2024. p. 1-7 10798961.

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding › peer-review

Wilcox, C, Welsh, K, Djahel, S, Costen, N & Giagos, V 2024, Towards a Zero Trust Based Hybrid Access Control Model for Medical Data. in 2024 International Conference on Information and Communication Technologies for Disaster Management (ICT-DM)., 10798961, IEEE, pp. 1-7, 2024 International Conference on Information and Communication Technologies for Disaster Management (ICT-DM 2024), Setif, Algeria, 19/11/24. https://doi.org/10.1109/ICT-DM62768.2024.10798961

@inproceedings{cf93cb8d0204486eafd864b6962b9d20,

title = "Towards a Zero Trust Based Hybrid Access Control Model for Medical Data",

abstract = "This paper addresses some of the limitations of current hybrid access control models, in particular the issues surrounding managed rights inheritance, a model{\textquoteright}s consistency and its ability to reflect changes in environment without losing integrity or flexibility. Our approach describes a layered model design which allows more or less detail to be added, in real-time, to reflect changes in the real world. The model provides time-based inherited access control following the principles of zero trust to minimise risk whilst preserving its integrity and flexibility. This paper concludes by providing a comparison of how our approach differs from traditional techniques and the areas in which improvements can be seen.",

keywords = "Access control, Disaster management, Data models, Real-time systems, Zero Trust, Information and communication technology, Iterative methods",

author = "Colin Wilcox and Kristopher Welsh and Soufiene Djahel and Nicholas Costen and Vasileios Giagos",

note = "{\textcopyright} 2024 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. Copyright {\textcopyright} and Moral Rights are retained by the author(s) and/ or other copyright owners. A copy can be downloaded for personal non-commercial research or study, without prior permission or charge. This item cannot be reproduced or quoted extensively from without first obtaining permission in writing from the copyright holder(s). The content must not be changed in any way or sold commercially in any format or medium without the formal permission of the copyright holders. This document is the author{\textquoteright}s post-print version, incorporating any revisions agreed during the peer-review process. Some differences between the published version and this version may remain and you are advised to consult the published version if you wish to cite from it. ; 2024 International Conference on Information and Communication Technologies for Disaster Management (ICT-DM 2024) : ICT-DM 2024 ; Conference date: 19-11-2024 Through 21-11-2024",

year = "2024",

month = dec,

day = "18",

doi = "10.1109/ICT-DM62768.2024.10798961",

language = "English",

isbn = "979-8-3503-6793-5",

publisher = "IEEE",

pages = "1--7",

booktitle = "2024 International Conference on Information and Communication Technologies for Disaster Management (ICT-DM)",

address = "United States",

url = "https://ict-dm2024.univ-setif.dz/",

}

TY - GEN

T1 - Towards a Zero Trust Based Hybrid Access Control Model for Medical Data

AU - Wilcox, Colin

AU - Welsh, Kristopher

AU - Djahel, Soufiene

AU - Costen, Nicholas

AU - Giagos, Vasileios

N1 - © 2024 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. Copyright © and Moral Rights are retained by the author(s) and/ or other copyright owners. A copy can be downloaded for personal non-commercial research or study, without prior permission or charge. This item cannot be reproduced or quoted extensively from without first obtaining permission in writing from the copyright holder(s). The content must not be changed in any way or sold commercially in any format or medium without the formal permission of the copyright holders. This document is the author’s post-print version, incorporating any revisions agreed during the peer-review process. Some differences between the published version and this version may remain and you are advised to consult the published version if you wish to cite from it.

PY - 2024/12/18

Y1 - 2024/12/18

N2 - This paper addresses some of the limitations of current hybrid access control models, in particular the issues surrounding managed rights inheritance, a model’s consistency and its ability to reflect changes in environment without losing integrity or flexibility. Our approach describes a layered model design which allows more or less detail to be added, in real-time, to reflect changes in the real world. The model provides time-based inherited access control following the principles of zero trust to minimise risk whilst preserving its integrity and flexibility. This paper concludes by providing a comparison of how our approach differs from traditional techniques and the areas in which improvements can be seen.

AB - This paper addresses some of the limitations of current hybrid access control models, in particular the issues surrounding managed rights inheritance, a model’s consistency and its ability to reflect changes in environment without losing integrity or flexibility. Our approach describes a layered model design which allows more or less detail to be added, in real-time, to reflect changes in the real world. The model provides time-based inherited access control following the principles of zero trust to minimise risk whilst preserving its integrity and flexibility. This paper concludes by providing a comparison of how our approach differs from traditional techniques and the areas in which improvements can be seen.

KW - Access control

KW - Disaster management

KW - Data models

KW - Real-time systems

KW - Zero Trust

KW - Information and communication technology

KW - Iterative methods

UR - https://www.scopus.com/pages/publications/85216584574

U2 - 10.1109/ICT-DM62768.2024.10798961

DO - 10.1109/ICT-DM62768.2024.10798961

M3 - Conference proceeding

SN - 979-8-3503-6793-5

SP - 1

EP - 7

BT - 2024 International Conference on Information and Communication Technologies for Disaster Management (ICT-DM)

PB - IEEE

T2 - 2024 International Conference on Information and Communication Technologies for Disaster Management (ICT-DM 2024)

Y2 - 19 November 2024 through 21 November 2024

ER -

Towards a Zero Trust Based Hybrid Access Control Model for Medical Data

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

A Novel Framework for Secure and Privacy-Preserving Access to Healthcare Resources

Cite this

Towards a Zero Trust Based Hybrid Access Control Model for Medical Data

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Projects

A Novel Framework for Secure and Privacy-Preserving Access to Healthcare Resources

Cite this