Access Control Concepts and Capabilities
When determining the appropriate access controls, it is important to identify the critical
systems ranging from high to low. Once these systems have been identified the appropriate
controls can be set in place. In a hospital environment, PII is used often from check-in and
checkout systems, electronic records and other various medical systems (Hamidovic, 2012).
Security models are implemented to define which users are allowed or disallowed access
to levels of information (Incapsula, 2014). Some examples of security models that will be
discussed are the Biba Integrity Model, Bell-LaPadula model, Lipner model, and the Brewer-
Nash, or Chinese wall, model.
About the MILS architecture, security models provide the
assurances for the integrity and confidentiality of data.
The Biba Integrity Model focuses on data integrity.
Integrity levels are assigned to
objects (data) and only users that are assigned permissions for the same or higher levels of
integrity, or accuracy, can read this data.
Data modification in the Biba Model is only allowed by
users with the same permission level as the data; no modification of higher-level data is allowed.
The Bell-LaPadula Model ensures data confidentiality.
The Bell-LaPadula rule can be
summarized as a way through which a user can modify the information at the same or higher
levels, but cannot modify information at a lower level (Tipton & Hernandez, 2013, p.934).
DATABASE SECURITY ASSESSMENT
11
Tipton & Hernandez (2013, p. 934) state that the limitation with this model is that it cannot limit
or allow access based on need-to-know and does not cover any concerns of integrity or
availability.
The Brewer-Nash (Chinese wall) Model is concerned with data that can be associated
with conflict of interest (Tipton & Hernandez, 2013).
A user cannot access data about more than
one client in any given competitive field, which limits a user’s ability to share competing
information with vendors in the same field and also means that the access rules in this model
change depending on the type of data a user accesses first.
Accurate implementation of the security model for protecting confidentiality and
integrity of sensitive data involves ensuring that risk analysis has been completed and potential
risks and vulnerabilities have appropriate mitigations in place and that the safeguards in place for
e-PHI are HIPAA compliant.
Insecure handling incidents must be addressed as soon as the
incident is discovered and a report to the hospital Chief Information Officer (CIO) immediately
so the full impact can be investigated and reported as per HIPAA Breach Notification Rule.
Test Plan Requirements
To ensure the database works according to specifications, it is recommended that testing
is conducted before implementation of the product. It is important to prevent information leakage
and improper error handling within the database.
If an error takes place within the database,
error messages should not be displayed (Incapsula, 2014).
The intent of not displaying the error
message is to limit the amount of information about the database for public viewing; attacks
could be based off messages associated with errors.
This can be avoided by conducting a code
review for improper handling and limit error handling. This task will be time-consuming, but
well worth it to protect the database containing medical health records.
DATABASE SECURITY ASSESSMENT
12
The database will, also, be tested for database dumps or other associated errors.
You've reached the end of your free preview.
Want to read all 14 pages?
- Winter '15
