Publications-Theses

Article View/Open

Publication Export

Google ScholarTM

NCCU Library

Citation Infomation

Related Publications in TAIR

題名 可動態調整的電子病歷存取控管機制
A Dynamically Configurable Access Control Mechanism for Electronic Medical Records
作者 許原瑞
Hsu,Yuan Jui
貢獻者 陳恭
Chen, Kung
許原瑞
Hsu,Yuan Jui
關鍵詞 剖面導向
可動態調整
Aspect Oriented Programming
Dynamically Configurable
日期 2006
上傳時間 11-Sep-2009 16:03:22 (UTC+8)
摘要 在醫療系統中,存取控管是電子病歷安全防護的核心。針對這樣的議題,我們實驗室已經有設計出一種安全的架構,利用最新的程式開發技術,剖面導向程式設計為基礎,設計出一種宣告式電子病歷安全控管的方法。這樣的設計讓安全管理者可以有系統化的控制整個系統的安全存取。但是這樣的架構下,安全規則的變動必須經過好幾道複雜的手續,造成使用上彈性不足。
     
     本研究針對這樣的架構提出幾種改進的方式,使安全規則更動更具有彈性。主要分為兩方面,第一,針對安全規則的變數,設計可以彈性更動的方式,不需要為了更動變數而重複整個安全控管規則產生流程。第二,利用動態載入的功能,提出可以由外部Java程式寫好安全控管規則,在執行時候將該規則載入來判斷,如此對於複雜的安全控管規則也有修改的彈性。希望藉由這樣彈性的設計使我們設計的安全控管架構更能符合實際使用的需求。
Maintaining proper access control to Electronic Medical Records (EMR) is essential to protecting patients’ privacy. However, the fine-grained and dynamic nature of access control rules for EMR has imposed great challenges on the healthcare information system developers. This thesis presents a dynamically configurable access control mechanism for Web-based EMR systems.It is an enhancement of a previous work in which static aspects are employed to enforce fine-grained access control for EMR. Specifically, we provide two additional kinds of dynamic adjustment mechanism to enhance the static access control aspects, namely dynamic parameters and dynamic constraints. If the scope of dynamic changes is small, dynamic parameters can realize the required changes. Otherwise, dynamic constraints can be used to support replacement of the access control enforcing code while allowing the EMR application running as usual. Consequently, system administrators have a fine range of choices with different trade-offs between flexibility and performance, namely fully static aspects, parameterized aspects using dynamic parameters and fully dynamic aspects using dynamic constraints. We have built a Web-based EMR prototype implementation using AspectJ to demonstrate our approach.
參考文獻 [1] TMT(Taiwan Electronic Medical Record Template)
http://emr.doh.gov.tw/introduce/introduce.html
[2] H. Ossher And P. Tarr. 2001 Using multidimension separation of concerns to shape evolving software,Communications of the ACM, vol. 44, no. 10 43-50.
[3] LUO Guang-chun,WANG Yan-hua,LU Xian-liang,et al.2003 A novel Web application frame developed by MVC[J].ACM SIGSOFT Software Engineering Notes,28(2): 1-3.
[4] Apache Struts
http://struts.apache.org/
[5] Pascal Fradet,Mario Sudholt. AOP: towards a generic frameworkusing program transformation and analysis
[6] Wim Vanderperren, Davy Suvee, Bart Verheecke, Maria Agustina Cibran, Viviane Jonckers .2005. Adaptive Programming in JAsCo. Communications of the ACM
[7] Gregor Kiczales1, Erik Hilsdale2, Jim Hugunin2, Mik Kersten2,Jeffrey Palm2 and William G. Griswold3 .2004.An Overview of AspectJ
[8] Apache Velocity Project
http://velocity.apache.org/
[9] Sheng Liang,Gilad Bracha.1998.Dynamic class loading in the Java virtual machine
[10] Tai-Wei Lin.2002.Java Architecture for XML Binding
http://java.sun.com/developer/technicalArticles/WebServices/jaxb/
[11] K. Chen, and C.H. Huang. A Practical Aspect Framework for Enforcing Fine-GrainedAccess Control in Web Application. First Information Security Practice and Experience Conference.
[12] Yuan-Chun Chang. Using Aspects to Implement Adaptable Access Control for Electronic Medical Records
描述 碩士
國立政治大學
資訊科學學系
93971010
95
資料來源 http://thesis.lib.nccu.edu.tw/record/#G0093971010
資料類型 thesis
dc.contributor.advisor 陳恭zh_TW
dc.contributor.advisor Chen, Kungen_US
dc.contributor.author (Authors) 許原瑞zh_TW
dc.contributor.author (Authors) Hsu,Yuan Juien_US
dc.creator (作者) 許原瑞zh_TW
dc.creator (作者) Hsu,Yuan Juien_US
dc.date (日期) 2006en_US
dc.date.accessioned 11-Sep-2009 16:03:22 (UTC+8)-
dc.date.available 11-Sep-2009 16:03:22 (UTC+8)-
dc.date.issued (上傳時間) 11-Sep-2009 16:03:22 (UTC+8)-
dc.identifier (Other Identifiers) G0093971010en_US
dc.identifier.uri (URI) https://nccur.lib.nccu.edu.tw/handle/140.119/29682-
dc.description (描述) 碩士zh_TW
dc.description (描述) 國立政治大學zh_TW
dc.description (描述) 資訊科學學系zh_TW
dc.description (描述) 93971010zh_TW
dc.description (描述) 95zh_TW
dc.description.abstract (摘要) 在醫療系統中,存取控管是電子病歷安全防護的核心。針對這樣的議題,我們實驗室已經有設計出一種安全的架構,利用最新的程式開發技術,剖面導向程式設計為基礎,設計出一種宣告式電子病歷安全控管的方法。這樣的設計讓安全管理者可以有系統化的控制整個系統的安全存取。但是這樣的架構下,安全規則的變動必須經過好幾道複雜的手續,造成使用上彈性不足。
     
     本研究針對這樣的架構提出幾種改進的方式,使安全規則更動更具有彈性。主要分為兩方面,第一,針對安全規則的變數,設計可以彈性更動的方式,不需要為了更動變數而重複整個安全控管規則產生流程。第二,利用動態載入的功能,提出可以由外部Java程式寫好安全控管規則,在執行時候將該規則載入來判斷,如此對於複雜的安全控管規則也有修改的彈性。希望藉由這樣彈性的設計使我們設計的安全控管架構更能符合實際使用的需求。
zh_TW
dc.description.abstract (摘要) Maintaining proper access control to Electronic Medical Records (EMR) is essential to protecting patients’ privacy. However, the fine-grained and dynamic nature of access control rules for EMR has imposed great challenges on the healthcare information system developers. This thesis presents a dynamically configurable access control mechanism for Web-based EMR systems.It is an enhancement of a previous work in which static aspects are employed to enforce fine-grained access control for EMR. Specifically, we provide two additional kinds of dynamic adjustment mechanism to enhance the static access control aspects, namely dynamic parameters and dynamic constraints. If the scope of dynamic changes is small, dynamic parameters can realize the required changes. Otherwise, dynamic constraints can be used to support replacement of the access control enforcing code while allowing the EMR application running as usual. Consequently, system administrators have a fine range of choices with different trade-offs between flexibility and performance, namely fully static aspects, parameterized aspects using dynamic parameters and fully dynamic aspects using dynamic constraints. We have built a Web-based EMR prototype implementation using AspectJ to demonstrate our approach.en_US
dc.description.tableofcontents 第一章、導論
     第一節、研究動機
     第二節、研究目的
     第三節、研究目標
     第四節、本研究之貢獻
     第五節、本研究之限制
     第六節、本論文之章節架構
     第二章、相關研究與技術背景
     第一節、AOP(ASPECT-ORIENTED PROGRAMMING)與ASPECTJ
     第二節、樣板引擎(VELOCITY)
     第三節、動態載入(DYNAMIC LOADING)
     第四節、JAVA ARCHITECTURE FOR XML BINDING (JAXB)
     第五節、相關研究
     第三章、系統架構
     第一節、可調式安全控管規則系統架構說明
     第二節、安全規則設定
     第三節、動態控制安全控管變數
     第四節、產生ASPECTJ CODE改進
     第四章、系統分析與實做
     第一節、動態變數參照(DYNAMIC VARIABLE BINDING)
     第二節、動態載入(DYNAMIC LOADING)
     第三節、動態機制對於效能造成的影響
     第五章、結論
     參考文獻
zh_TW
dc.language.iso en_US-
dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0093971010en_US
dc.subject (關鍵詞) 剖面導向zh_TW
dc.subject (關鍵詞) 可動態調整zh_TW
dc.subject (關鍵詞) Aspect Oriented Programmingen_US
dc.subject (關鍵詞) Dynamically Configurableen_US
dc.title (題名) 可動態調整的電子病歷存取控管機制zh_TW
dc.title (題名) A Dynamically Configurable Access Control Mechanism for Electronic Medical Recordsen_US
dc.type (資料類型) thesisen
dc.relation.reference (參考文獻) [1] TMT(Taiwan Electronic Medical Record Template)zh_TW
dc.relation.reference (參考文獻) http://emr.doh.gov.tw/introduce/introduce.htmlzh_TW
dc.relation.reference (參考文獻) [2] H. Ossher And P. Tarr. 2001 Using multidimension separation of concerns to shape evolving software,Communications of the ACM, vol. 44, no. 10 43-50.zh_TW
dc.relation.reference (參考文獻) [3] LUO Guang-chun,WANG Yan-hua,LU Xian-liang,et al.2003 A novel Web application frame developed by MVC[J].ACM SIGSOFT Software Engineering Notes,28(2): 1-3.zh_TW
dc.relation.reference (參考文獻) [4] Apache Strutszh_TW
dc.relation.reference (參考文獻) http://struts.apache.org/zh_TW
dc.relation.reference (參考文獻) [5] Pascal Fradet,Mario Sudholt. AOP: towards a generic frameworkusing program transformation and analysiszh_TW
dc.relation.reference (參考文獻) [6] Wim Vanderperren, Davy Suvee, Bart Verheecke, Maria Agustina Cibran, Viviane Jonckers .2005. Adaptive Programming in JAsCo. Communications of the ACMzh_TW
dc.relation.reference (參考文獻) [7] Gregor Kiczales1, Erik Hilsdale2, Jim Hugunin2, Mik Kersten2,Jeffrey Palm2 and William G. Griswold3 .2004.An Overview of AspectJzh_TW
dc.relation.reference (參考文獻) [8] Apache Velocity Projectzh_TW
dc.relation.reference (參考文獻) http://velocity.apache.org/zh_TW
dc.relation.reference (參考文獻) [9] Sheng Liang,Gilad Bracha.1998.Dynamic class loading in the Java virtual machinezh_TW
dc.relation.reference (參考文獻) [10] Tai-Wei Lin.2002.Java Architecture for XML Bindingzh_TW
dc.relation.reference (參考文獻) http://java.sun.com/developer/technicalArticles/WebServices/jaxb/zh_TW
dc.relation.reference (參考文獻) [11] K. Chen, and C.H. Huang. A Practical Aspect Framework for Enforcing Fine-GrainedAccess Control in Web Application. First Information Security Practice and Experience Conference.zh_TW
dc.relation.reference (參考文獻) [12] Yuan-Chun Chang. Using Aspects to Implement Adaptable Access Control for Electronic Medical Recordszh_TW