Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2024 Sep 16;24(1):260.
doi: 10.1186/s12911-024-02638-5.

A cross domain access control model for medical consortium based on DBSCAN and penalty function

Chuanjia Yao  1   2   3 Rong Jiang  1   2   3 Bin Wu  4 Pinghui Li  5 Chenguang Wang  3   6
Affiliations

A cross domain access control model for medical consortium based on DBSCAN and penalty function

Chuanjia Yao et al. BMC Med Inform Decis Mak. .

Abstract

Graded diagnosis and treatment, referral, and expert consultations between medical institutions all require cross domain access to patient medical information to support doctors' treatment decisions, leading to an increase in cross domain access among various medical institutions within the medical consortium. However, patient medical information is sensitive and private, and it is essential to control doctors' cross domain access to reduce the risk of leakage. Access control is a continuous and long-term process, and it first requires verification of the legitimacy of user identities, while utilizing control policies for selection and management. After verifying user identity and access permissions, it is also necessary to monitor unauthorized operations. Therefore, the content of access control includes authentication, implementation of control policies, and security auditing. Unlike the existing focus on authentication and control strategy implementation in access control, this article focuses on the control based on access log security auditing for doctors who have obtained authorization to access medical resources. This paper designs a blockchain based doctor intelligent cross domain access log recording system, which is used to record, query and analyze the cross domain access behavior of doctors after authorization. Through DBSCAN clustering analysis of doctors' cross domain access logs, we find the abnormal phenomenon of cross domain access, and build a penalty function to dynamically control doctors' cross domain access process, so as to reduce the risk of Data breach. Finally, through comparative analysis and experiments, it is shown that the proposed cross domain access control model for medical consortia based on DBSCAN and penalty function has good control effect on the cross domain access behavior of doctors in various medical institutions of the medical consortia, and has certain feasibility for the cross domain access control of doctors.

Keywords: Access control; Blockchain technology; Medical consortium; Medical informatization.

PubMed Disclaimer

Conflict of interest statement

The authors declare that they have no competing interests.

Figures

Fig. 1
Fig. 1
Schematic diagram of graded diagnosis and treatment
Fig. 2
Fig. 2
Schematic diagram of referral between hospitals
Fig. 3
Fig. 3
Schematic diagram of experts’ consultation
Fig. 4
Fig. 4
Cross domain access control model for medical consortium based on DBSCAN and penalty function
Fig. 5
Fig. 5
Workflow diagram of the proposed model
Fig. 6
Fig. 6
Example diagram of cross domain access data by doctors in Hospital A
Fig. 7
Fig. 7
Plots of uploading of doctors’ cross domain access log are generated under 4G (a) and 5G (b). The value X-axis represents the number of access logs, and the value of Y-axis represents time consumption of uploading to the blockchain distributed ledger. The latency of 4G is in the range of (0.05,0.08) second, while the latency of 5G is in the range of (0.005,0.01) second
Fig. 8
Fig. 8
DBSCAN clustering sub-plots were generated under different parameters (eps, min_s). In the sub-plots, the value X-axis represents the access time of a doctor, and the value of Y-axis represents department labels. Sub-plot (a)’s generation depends on parameter (15, 20), sub-plot (b)’s generation depends on parameter (30, 20), sub-plot (c)’s generation depends on parameter (25, 20), and sub-plot (d)’s generation depends on (30, 15)
Fig. 9
Fig. 9
DBSCAN clustering sub-plot generated under parameter (eps=30, min_samples=15). The coordinate values of each point represent the positioning of the doctor’s access behavior in the figure. The value X-axis represents the access time of a doctor, and the value of Y-axis represents department labels
Fig. 10
Fig. 10
DBSCAN clustering sub-plot generated under parameter (eps=30, min_samples=15). The coordinate values of each point represent the positioning of the doctor’s access behavior in the figure. The value X-axis represents the access time of a doctor, and the value of Y-axis represents department labels. The black line is the boundary line to distinguish normal behavior and abnormal behavior
Fig. 11
Fig. 11
The function fitting sub-plots were automatically generated by Python through polynomial regression. The value X-axis represents the access time of a doctor, and the value of Y-axis represents department labels. The blue dots represent 79 random points distributed along the boundary line of Fig. 10. Sub-plot (a) illustrates the result of fitting with a 5th-degree polynomial. Sub-plot (b) illustrates the result of fitting with a 6th-degree polynomial. sub-plot (c) illustrates the result of fitting with a 7th-degree polynomial. Sub-plot (d) illustrates the result of fitting with a 8th-degree polynomial
Fig. 12
Fig. 12
Schematic of doctor risk measurement across domains. The value X1-axis represents the access time of a doctor, and the value of X2-axis represents department labels. In order to adapt to the construction of penalty function, we use X2 to substitute Y
Fig. 13
Fig. 13
Interior point penalty function optimizes results for cross domain access. The value X1-axis represents the access time of a doctor, and the value of X2-axis represents department labels. In order to adapt to the construction of penalty function, we use X2 to substitute Y. The red points stands for access points
Fig. 14
Fig. 14
Cross domain access situation sub-plots of comparison before and after control. The value X-axis represents the access time of a doctor, and the value of Y-axis represents department labels
See this image and copyright information in PMC

Similar articles

See all similar articles

Cited by

References

    1. Haowen Y, Li Y. Integrated medical theory, practice, and effectiveness evaluation at home and abroad. Chin J Evid Based Med. 2020;20(05):585–92.
    1. Lei Y, et al. Exploring strategies for responding to sudden public health incidents under the mode of group medical Alliance China. Hosp Manage. 2020;40(04):33–4.
    1. Yinying Y, et al. SWOT analysis and strategies for the development of traditional Chinese medicine consortia in China. Med Content. 2019;10(05):70–3.
    1. Cooper MI, Attanasio LB, Geissler KH. Maternity care clinician inclusion in Medicaid Accountable Care Organizations. PLos One. 2023;18(3):e0282679. 10.1371/journal.pone.0282679 - DOI - PMC - PubMed
    1. Kerrissey M, et al. Integration on the frontlines of Medicaid accountable care organizations and associations with perceived care quality, health equity, and satisfaction. Med Care Res Rev. 2023;80:519–29. 10.1177/10775587231173474 - DOI - PubMed

LinkOut - more resources