多终端用户医疗信息共享强制访问控制系统
Mandatory Access Control System for Medical Information Sharing among Multiple End
刘洪高1
作者信息
- 1. 临沂市第三人民医院信息科,山东临沂 276000
- 折叠
摘要
为降低多终端用户对医疗共享信息的访问风险,从数据库和软件功能两个方面,优化设计医疗信息共享强制访问控制系统.构建医疗共享信息、用户等数据库表,根据逻辑关系连接数据库表,完成系统数据库的设计.模拟医疗信息共享过程,确定医疗共享信息敏感级别.分配多终端用户角色与权限,实时检测访问用户异常访问行为,结合授权与行为检测结果,实现系统的医疗信息共享强制访问控制功能.测试结果表明,设计系统的访问控制错误率降低约24.4%,在设计系统控制下,医疗共享信息的访问风险得到明显降低.
Abstract
In order to reduce the access risk of medical information shared by multiple end users,the compulsory access control system for medical information sharing is optimized and designed from two aspects of database and software functions.The database tables of medical shared information and users are built,connecting the database tables according to the logical relationship,and completing the design of the system database.The process of medical information sharing is simulated and the sensitivity level of medical information sharing is determined.Multi-terminal user roles and permissions are allocated,abnormal access behaviors of access users are detected in real time,and authorization and behavior detection results are combined to realize the mandatory access control function of medical information sharing of the system.The test results show that the access control error rate of the design system is reduced by about 24.4%,and the access risk of medical shared information is significantly reduced under the control of the design system.
关键词
多终端系统/用户访问/医疗信息/强制访问/信息共享Key words
multi-terminal system/user access/medical information/forced access/information sharing引用本文复制引用
基金项目
山东省自然科学基金资助项目(ZR2022MF294)
出版年
2024
国家科技期刊平台
NSTL
万方数据