|
 Emergency alert systems typically demand push notification because of the infrequency of events and the urgency with which parties need to be notified of them. However, push notification systems like email have many limitations, such as susceptibility to SPAM and security vulnerabilities. This project explores the idea of basing health alerts on RSS feeds, which provide a polling-based notification system. Since emergency alerts may be resticted to parties like doctors or heath administrators and may be drawn from diverse administrative domains, RSS for health alerts requires a mechanism for expressing and enforcing interdomain access policies for feeds. In particular, we use Shibboleth, a federated identity system developed for use in universities, and an attribute-based policy language, to provide secure RSS for emergency alerts. We aim to show how it can be used to deliver CDC PHIN health alerts with diverse polices and acceptable efficiency.
This is part of the Assisted Living Security project.
People
Publications
Our Links
Reading List
- Shibboleth
- Really Simple Syndication (RSS)
- Secure RSS Syndication
Joe Gregorio
- A logic-based framework for attribute based access control,
L. Wang, D. Wijesekera, and S. Jajodia.
Formal Methods in Security Engineering (FMSE), 2004, ACM.
- Verification and change-impact analysis of access-control policies,
K. Fisler, S. Krishnamurthi, L. A. Meyerovich, and M. C. Tschantz.
International Conference on Software Engineering, 2005.
Other Links
This page is maintained by Wook Shin.
|
|
Last Updated ( Friday, 20 April 2007 )
|
|
|
© 2008 Illinois Security Laboratory
|
