國
立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
5.2 未來發展
我們認為下列幾點是在未來的研究中可以繼續加強的地方:
1. 在設定病歷中的哪些欄位是隱私資料的時候,目前還沒有很友善的介面可以使 用,理想的情況應該是要提供網頁管理介面,就像設定行動目的和病人隱私偏 好的功能,讓系統管理人員能夠直接在系統中選取哪些欄位是隱私資料,系統 就會自動把這些欄位標記起來,在設定病人偏好的時候就可以使用。
2. 前面第二章有提到 EPAL 規則中可以包含責任 (Obligation) 的部份,這在本系 統框架中並未支援,未來希望能加入管理隱私責任的機制,例如建立定期排程 檢查的功能,當系統發現符合條件的隱私責任,就會自動執行。
3. 在目前實作的系統框架中,如果要改變隱私剖面中的存取控制規則,就必須修 改相關的程式碼然後重新編譯,再重開伺服器,修改才會生效;但是在某些很 重要或是流量很大的系統,可能沒辦法容忍重開伺服器造成一段時間停止服務 的情況,這時就必須要有動態載入修改的機制。關於這方面的改進或許可以參 考 JRebel (http://www.zeroturnaround.com/jrebel/ ) 提供的功能。
‧
http://emr.doh.gov.tw/introduction.aspx[2] U.S. Department of Health and Human Services (2008), Nationwide Privacy and Security Framework For Electronic Exchange of Individually Identifiable Health Information,
(Internet), Office of the National Coordinator for Health Information Technology, U.S.
Department of Health and Human Services, Available from
http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_10731_848088_0_0_18/Nationwi dePS_Framework-5.pdf (Accessed 28 June, 2009)
[3] APEC (2005), APEC Privacy Framework, (Internet), Asia-Pacific Economic Corporation, Available from
http://www.apec.org/apec/news___media/fact_sheets/apec_privacy_framework.html (Accessed 28 June, 2009)
[4] 台大醫院當機 8000 病患受累 (22 May, 2007), Retrieved January 15, 2011, from
http://www.libertytimes.com.tw/2007/new/may/22/today-life3.htm
[5] eXtensible Access Control Markup Language (XACML) Version 1.1, Retrieved January 15, 2011, from
http://www.oasis-open.org/committees/xacml/repository/cs-xacml-specification-1.1.pdf
‧
[6] Enterprise Privacy Authorization Language (EPAL), Retrieved January 15, 2011, from http://www.zurich.ibm.com/security/enterprise-privacy/epal/Specification/index.html
[7] XACML on OASIS, Retrieved January 15, 2011, from
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml
[8] A Brief Introduction to XACML, Retrieved January 15, 2011, from
http://www.oasis-open.org/committees/download.php/2713/%20Brief_Introduction_to_XAC ML.html
[9] XACML Terminology, Retrieved January 15, 2011, from http://en.wikipedia.org/wiki/XACML#Terminology
[10] EPAL W3C submission, Retrieved January 15, 2011, from http://www.w3.org/Submission/2003/SUBM-EPAL-20031110/
[11] Walter Hürsch and Cristina Videira Lopes, Separation of Concerns, Technical Report, no.
NU-CCS-95-03, 1995.
[12] Kiczales, G. et al., (1997), Aspect-Oriented Programming, European Conference on Object-Oriented Programming, Jyväskylä, Finland, June 1997, Lecture Notes in Computer
Science 1241; 220-242.
[13] 陳恭, 剖面導向程式設計(AOP/AOSD)簡介, 2007
[14] Kiczales, G. et al., (2001), Getting Started with AspectJ, Communications of ACM, 44(10), 2001, 59-65.
‧
[15] Hilsdale, E. and Hugunin, J. (2004), Advice Weaving in AspectJ, Proc. of the 3rd International Conference on Aspect-Oriented Software Development, Lancaster UK, 2004:
26-35.
[16] Plain Old Java Object (POJO), Retrieved January 15, 2011, from http://en.wikipedia.org/wiki/Plain_Old_Java_Object
[17] Object-relational mapping, Retrieved January 15, 2011, from http://en.wikipedia.org/wiki/Object-relational_mapping
[18] Model–View–Controller, Retrieved January 15, 2011, from
http://en.wikipedia.org/wiki/Model%E2%80%93View%E2%80%93Controller
[19] Relational Database, Retrieved January 15, 2011, from http://en.wikipedia.org/wiki/Relational_database
[20] Object-relational impedance mismatch, Retrieved January 15, 2011, from
http://en.wikipedia.org/wiki/Object-relational_impedance_mismatch
[21] Connection Pool, Retrieved January 15, 2011, from http://en.wikipedia.org/wiki/Connection_pool
[22] Shan, Tony (2006). "Taxonomy of Java Web Application Frameworks". Proceedings of 2006 IEEE International Conference on e-Business Engineering (ICEBE 2006),
http://portal.acm.org/citation.cfm?id=1190953 (Accessed 10 Oct, 2010)
[23] Stateless, Retrieved January 15, 2011, from http://en.wikipedia.org/wiki/Stateless_protocol
‧
[24] Blobel B. (2004), Authorisation and access control for electronic health record systems.
Int. J. of Medical Informatics, 73(3), March 2004, 251-7.
[25] Ferreira A, et al. (2005), Modelling access control for a complex healthcare organization.
In: iSHIMR 2005: Proceedings of the Tenth International Symposium on Health Information Management Research, Thessaloniki, Greece, Sep. 2005.
[26] Massacci, F. and Zannone, N. (2006), Privacy is Linking Permission to Purpose, Lecture Notes in Computer Science Vol. 3957, Springer Berlin / Heidelberg.
[27] Personally identifiable information, Retrieved January 15, 2011, from
http://en.wikipedia.org/wiki/Personally_identifiable_information
[28] Hafner, M. et al. (2008), Modeling and Enforcing Advanced Access Control Policies in Healthcare Systems with Sectet, IN: H. Giese (Ed.):MoDELS 2007 Workshops, LNCS 5002, pp. 132-144, 2008, Springer Berlin / Heidelberg.
[29] Health Level Seven, The Clinical Document Architecture Release 2.0, Retrieved January 15, 2011, from http://www.hl7.org/library/standards_non1.htm
[30] HL7 Security WG: The RBAC Security and Privacy Vocabulary Project (2008), Available from
http://hl7projects.hl7.nscee.edu/docman/view.php/57/361/SecurityandPrivacyuthzFramework.
pdf, (Accessed June 28, 2009)
[31] Platform for Privacy Preferences (P3P) Project, Retrieved January 15, 2011, from
‧ 國
立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
[32] Aspect Weaver, Retrieved January 15, 2011, from http://en.wikipedia.org/wiki/Aspect_weaver
[33] Sandhu R, et al. (1996), Role-based access control models, IEEE Computer, 29(2), 1996, pp. 38-47.
[34] Opt out, Retrieved January 15, 2011, from http://en.wikipedia.org/wiki/Opt-out
[35] Karjoth, G., Schunter, M., Waidner, M. (2004), Privacy-enabled Management of Customer Data. IEEE Data Eng. Bull. 27(1): 3-9 (2004).