存取控管是電子病歷 (Electronic Medical Records, EMR)安全防護的核心課題。為了因應醫病關係的變動及確保病患隱私,EMR的存取控管必須滿足動態和細緻化這兩大需求。但這樣的需求並不容易實現,因為負責存取控管的程式碼具有橫跨 (cross-cutting)的特性,必須嵌入到應用系統的各個模組,很容易與應用邏輯發生夾雜不清的現象。礙於現有的程式機制和開發工具對於這樣的安全需求無法提供有效的支援,因此本研究將以剖面導向程式設計 (Aspect Oriented Programming,AOP)技術為基礎,設計一個宣告式EMR安全控管方法,。
在我們的方法中,安全控管邏輯將從EMR系統的核心抽離,並且匯集到單一的剖面 (Aspect)模組,使原有的系統更加模組化 (modularity)。此外,利用我們開發的存取控管程式碼產生器,安全管理者可以藉由宣告組態檔的方式產生EMR的存取控管程式碼。如此一來,安全管理者不僅可以容易地掌握全局、減少分散管理可能造成的疏失,更可以大幅減少維護EMR存取安全所需的時間及成本。 / This paper presents an aspect-oriented approach to providing adaptable access control framework for Electronic Medical Records (EMR) on Web-based platform. In our scheme, access control logic is decoupled from the core of application and collected into separate aspect modules which are automatically synthesized from access control rules in XML format and properly designed aspect templates. The generated aspect modules will then be compiled and integrated into the underlying application using standard aspect tools. At runtime, these aspect codes will be executed to enforce the required access control without any runtime interpretation overhead. Future changes of access control rules can also be effectively realized through these mechanisms without actual coding. This will not only improve the system’s modularity but also make the task of enforcing comprehensive access control more adaptable.
Identifer | oai:union.ndltd.org:CHENGCHI/G0093753005 |
Creators | 張淵鈞, Chang, Yuan-chun |
Publisher | 國立政治大學 |
Source Sets | National Chengchi University Libraries |
Language | 中文 |
Detected Language | English |
Type | text |
Rights | Copyright © nccu library on behalf of the copyright holders |
Page generated in 0.0018 seconds