| dc.contributor.advisor | 陳恭 | zh_TW |
| dc.contributor.advisor | Chen, Kung | en_US |
| dc.contributor.author (Authors) | 許原瑞 | zh_TW |
| dc.contributor.author (Authors) | Hsu,Yuan Jui | en_US |
| dc.creator (作者) | 許原瑞 | zh_TW |
| dc.creator (作者) | Hsu,Yuan Jui | en_US |
| dc.date (日期) | 2006 | en_US |
| dc.date.accessioned | 11-Sep-2009 16:03:22 (UTC+8) | - |
| dc.date.available | 11-Sep-2009 16:03:22 (UTC+8) | - |
| dc.date.issued (上傳時間) | 11-Sep-2009 16:03:22 (UTC+8) | - |
| dc.identifier (Other Identifiers) | G0093971010 | en_US |
| dc.identifier.uri (URI) | https://nccur.lib.nccu.edu.tw/handle/140.119/29682 | - |
| dc.description (描述) | 碩士 | zh_TW |
| dc.description (描述) | 國立政治大學 | zh_TW |
| dc.description (描述) | 資訊科學學系 | zh_TW |
| dc.description (描述) | 93971010 | zh_TW |
| dc.description (描述) | 95 | zh_TW |
| dc.description.abstract (摘要) | 在醫療系統中,存取控管是電子病歷安全防護的核心。針對這樣的議題,我們實驗室已經有設計出一種安全的架構,利用最新的程式開發技術,剖面導向程式設計為基礎,設計出一種宣告式電子病歷安全控管的方法。這樣的設計讓安全管理者可以有系統化的控制整個系統的安全存取。但是這樣的架構下,安全規則的變動必須經過好幾道複雜的手續,造成使用上彈性不足。 本研究針對這樣的架構提出幾種改進的方式,使安全規則更動更具有彈性。主要分為兩方面,第一,針對安全規則的變數,設計可以彈性更動的方式,不需要為了更動變數而重複整個安全控管規則產生流程。第二,利用動態載入的功能,提出可以由外部Java程式寫好安全控管規則,在執行時候將該規則載入來判斷,如此對於複雜的安全控管規則也有修改的彈性。希望藉由這樣彈性的設計使我們設計的安全控管架構更能符合實際使用的需求。 | zh_TW |
| dc.description.abstract (摘要) | Maintaining proper access control to Electronic Medical Records (EMR) is essential to protecting patients’ privacy. However, the fine-grained and dynamic nature of access control rules for EMR has imposed great challenges on the healthcare information system developers. This thesis presents a dynamically configurable access control mechanism for Web-based EMR systems.It is an enhancement of a previous work in which static aspects are employed to enforce fine-grained access control for EMR. Specifically, we provide two additional kinds of dynamic adjustment mechanism to enhance the static access control aspects, namely dynamic parameters and dynamic constraints. If the scope of dynamic changes is small, dynamic parameters can realize the required changes. Otherwise, dynamic constraints can be used to support replacement of the access control enforcing code while allowing the EMR application running as usual. Consequently, system administrators have a fine range of choices with different trade-offs between flexibility and performance, namely fully static aspects, parameterized aspects using dynamic parameters and fully dynamic aspects using dynamic constraints. We have built a Web-based EMR prototype implementation using AspectJ to demonstrate our approach. | en_US |
| dc.description.tableofcontents | 第一章、導論 第一節、研究動機 第二節、研究目的 第三節、研究目標 第四節、本研究之貢獻 第五節、本研究之限制 第六節、本論文之章節架構 第二章、相關研究與技術背景 第一節、AOP(ASPECT-ORIENTED PROGRAMMING)與ASPECTJ 第二節、樣板引擎(VELOCITY) 第三節、動態載入(DYNAMIC LOADING) 第四節、JAVA ARCHITECTURE FOR XML BINDING (JAXB) 第五節、相關研究 第三章、系統架構 第一節、可調式安全控管規則系統架構說明 第二節、安全規則設定 第三節、動態控制安全控管變數 第四節、產生ASPECTJ CODE改進 第四章、系統分析與實做 第一節、動態變數參照(DYNAMIC VARIABLE BINDING) 第二節、動態載入(DYNAMIC LOADING) 第三節、動態機制對於效能造成的影響 第五章、結論 參考文獻 | zh_TW |
| dc.language.iso | en_US | - |
| dc.source.uri (資料來源) | http://thesis.lib.nccu.edu.tw/record/#G0093971010 | en_US |
| dc.subject (關鍵詞) | 剖面導向 | zh_TW |
| dc.subject (關鍵詞) | 可動態調整 | zh_TW |
| dc.subject (關鍵詞) | Aspect Oriented Programming | en_US |
| dc.subject (關鍵詞) | Dynamically Configurable | en_US |
| dc.title (題名) | 可動態調整的電子病歷存取控管機制 | zh_TW |
| dc.title (題名) | A Dynamically Configurable Access Control Mechanism for Electronic Medical Records | en_US |
| dc.type (資料類型) | thesis | en |
| dc.relation.reference (參考文獻) | [1] TMT(Taiwan Electronic Medical Record Template) | zh_TW |
| dc.relation.reference (參考文獻) | http://emr.doh.gov.tw/introduce/introduce.html | zh_TW |
| dc.relation.reference (參考文獻) | [2] H. Ossher And P. Tarr. 2001 Using multidimension separation of concerns to shape evolving software,Communications of the ACM, vol. 44, no. 10 43-50. | zh_TW |
| dc.relation.reference (參考文獻) | [3] LUO Guang-chun,WANG Yan-hua,LU Xian-liang,et al.2003 A novel Web application frame developed by MVC[J].ACM SIGSOFT Software Engineering Notes,28(2): 1-3. | zh_TW |
| dc.relation.reference (參考文獻) | [4] Apache Struts | zh_TW |
| dc.relation.reference (參考文獻) | http://struts.apache.org/ | zh_TW |
| dc.relation.reference (參考文獻) | [5] Pascal Fradet,Mario Sudholt. AOP: towards a generic frameworkusing program transformation and analysis | zh_TW |
| dc.relation.reference (參考文獻) | [6] Wim Vanderperren, Davy Suvee, Bart Verheecke, Maria Agustina Cibran, Viviane Jonckers .2005. Adaptive Programming in JAsCo. Communications of the ACM | zh_TW |
| dc.relation.reference (參考文獻) | [7] Gregor Kiczales1, Erik Hilsdale2, Jim Hugunin2, Mik Kersten2,Jeffrey Palm2 and William G. Griswold3 .2004.An Overview of AspectJ | zh_TW |
| dc.relation.reference (參考文獻) | [8] Apache Velocity Project | zh_TW |
| dc.relation.reference (參考文獻) | http://velocity.apache.org/ | zh_TW |
| dc.relation.reference (參考文獻) | [9] Sheng Liang,Gilad Bracha.1998.Dynamic class loading in the Java virtual machine | zh_TW |
| dc.relation.reference (參考文獻) | [10] Tai-Wei Lin.2002.Java Architecture for XML Binding | zh_TW |
| dc.relation.reference (參考文獻) | http://java.sun.com/developer/technicalArticles/WebServices/jaxb/ | zh_TW |
| dc.relation.reference (參考文獻) | [11] K. Chen, and C.H. Huang. A Practical Aspect Framework for Enforcing Fine-GrainedAccess Control in Web Application. First Information Security Practice and Experience Conference. | zh_TW |
| dc.relation.reference (參考文獻) | [12] Yuan-Chun Chang. Using Aspects to Implement Adaptable Access Control for Electronic Medical Records | zh_TW |
