COMPREHENSIVE CONFLICT RESOLUTION IN SECURE AUTHORIZATION IN HEALTH ORGANIZATIONS
Hiva Samadian, Amirhossein Chinaei.
University of Puerto Rico, MayagÃ¼ez Campus, MyagÃ¼ez, PR.
Organizational assets and resources are administered to be accessed by some members and not to be accessed by others. The high sensitivity of assets (e.g., patientsâ€™ health records and sensitive medical devices) in some organizations like health organizations causes the managers to pay special attention to deploying reliable authorization models. A reliable authorization model must be able to resolve the conflicts of different authorization policies. However, resolving authorization conflicts is quite a challenge in such models because of the existence of sophisticated inheritance hierarchies that might cause an exponential number of conflicts (in terms of the number of subjects in the organizational hierarchy) and the diversity of ways to combine resolution policies. The need to have an approach that can handle as many resolution policies as possible and work in an appropriate time arises here. In this paper, a dynamic programming algorithm for resolving conflicts with all existing policies has been implemented and tested in the context of a health organization. The result of these experiments shows the algorithm works in a reasonable time in practical instances.