Reading List

As part of this doctoralseminar, we will create a comprehensive reading list. The reading lists willcontain papers related to security and privacy in Healthcare IT. Paperscovered/presented are in the presentation Schedule pages

All the papers should beavailable online at IEEE/ACM (or relevant journal venues) through Pitt domain.

 

 

Access Control Literature (Recommended Readings) (Those COLOREDare covered/overviewed)

·        J. B. D. Joshi, Arif Ghafoor, Walid Aref, and Eugene H. Spafford,"Digital Government Security Infrastructure Design Challenges", IEEEComputer, Vol. 34, No. 2, February 2001, pp. 66-72.

·        JamesB. D. Joshi, Walid G. Aref,Arif Ghafoor and Eugene H. Spafford, “Security Models for Web-Based Applications,”Communications of the ACM, Vol. 44, No. 2, February, 2001, pp. 38-44.

·        BasitShafiq, James B. D. Joshi, Elisa Bertino,Arif Ghafoor, "SecureInteroperation in a Multi-Domain Environment Employing RBAC Policies,"IEEE Transactions on Knowledge and Data Engineering. Vol. 17, No. 11, Pages1557 - 1577, Nov. 2005.

·        James B. D. Joshi, Elisa Bertino, Usman Latif, ArifGhafoor, “Generalized Temporal Role Based Access ControlModel,” IEEE Transactions on Knowledge and Data Engineering, Vol 17, No. 1 pages 4-23, Jan, 2005.

·        D.Ferraiolo, R. Sandhu, S. Gavrila, R. Kuhn, and R. Chandramouli,“The NIST Model for Role-Based Access Control: Towards a Unified Standard,” ACMTransactions on Information and System Security, Vol4, Issue 3, August 2001, pp. 224-274.

·        Gong, L. and Qian, X. ComputationalIssues in Secure Interoperation. IEEE Transaction on Software and Engineering,22 (1).

·        Shafiq,B., Joshi, J. B. D., Bertino, E., and Ghafoor, A., "Secure Interoperation in a Multi-DomainEnvironment Employing RBAC Policies," IEEE Transactions on Knowledge andData Engineering (accepted), 2005.

·        JaehongPark, Ravi Sandhu, The UCONABC usagecontrol model, ACM Transactions on Information and System Security(TISSEC)  Volume 7 ,  Issue 1  (February 2004) Pages: 128 – 174.

Overview papers on HealthCare Information Security and Privacy(Those COLORED are covered/overviewed)

·        Mohd Anwar, James Joshi, Joseph Tan, “Anytime, Anywhere Accessto Secure, Privacy-aware Healthcare Services: Issues, Approaches &Challenges,” Elsevier Health Policy and Technology Journal, 2015

·        DanielHalperin, Tadayoshi Kohno,Thomas S. Heydt-Benjamin, Kevin Fu, William H. Maisel, “Security and Privacy for Implantable MedicalDevices” IEEE Pervasive Computing, 2008.

Access Control in HealthCare Information Security and Privacy(See the presentation schedule

Privacy Recommended list of papers

·        L.Sweeney. k-anonymity: a model for protecting privacy.In International Journal on Uncertainty, Fuzziness and Knowledge-based systems,2002

·        R.Bayardo and R. Agrawal.Data Privacy Through Optimal k-Anonymization. In ICDE,2005.

·        A.Machanavajjhala, J. Gehrke,D. Kifer, and M. Venkita subramaniam. l-Diversity: PrivacyBeyond k-Anonymity. In ICDE, 2006

·        G.Cormode, D. Srivastava, T.Yu, Q. Zhang. Anonymizing Bipartite Graph Data usingSafe Groupings In VLDB, 2008.

·        C.Dwork. Differential Privacy InICALP, 2006.

·        A.Sala et. al Sharing Graphsusing Differentially Private Graph Models In IMC, 2011.