International Journal of Advanced and Applied Sciences
Int. j. adv. appl. sci.
EISSN: 2313-3724
Print ISSN: 2313-626X
Volume 4, Issue 1 (January 2017), Pages: 74-83
Title: Role-based efficient information extraction using rule-based decision tree
Author(s): Imran Khan 1, *, M. Sher 1, Syed M. Saqlain 1, Husnain A. Naqvi 1, Anwar Ghani 1, M. Usman Ashraf 2, Javed I. Khan 3
Affiliation(s):
1Department of Computer Science and Software Engineering, International Islamic University, Islamabad, Pakistan
2IBMS, University of Agriculture, Faisalabad, Pakistan
3Department of Computer Science, Kent State University, Kent Ohio, USA
https://doi.org/10.21833/ijaas.2017.01.011
Abstract:
This article presents a framework to reduce the comparison complexity required to evaluate requests for releasing Protected Health Information (PHI). A new methodology is introduced to divide HIPAA (Health Information Portability Accountability Act) into small independent integrate-able modules to facilitate the implementation process. The HIPAA World Rule Model is used for decision using formalized legal text. In order to reduce the time complexity of logical rule set comparison process for Role/Actor based approach, RBDT and Rules Filtering Algorithm are used. It reduces the time complexity of rule generation process from O(n5) to O(n) for producing quick responses to access requests. The achieved results show significant improvement even for huge data.
© 2017 The Authors. Published by IASE.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
Keywords: Privacy rules, Logical rules set, Formalization, Health care, EHR, Rule base decision tree
Article History: Received 27 October 2016, Received in revised form 27 December 2016, Accepted 7 January 2017
Digital Object Identifier:
https://doi.org/10.21833/ijaas.2017.01.011
Citation:
Khan I, Sher M, Saqlain SM, Naqvi HA, Ghani A, Ashraf MU, and Khan JI (2017). Role-based efficient information extraction using rule-based decision tree. International Journal of Advanced and Applied Sciences, 4(1): 74-83
http://www.science-gate.com/IJAAS/V4I1/Khan.html
References:
| Ashley P, Hada S, Karjoth G, and Schunter M (2002a). E-P3P privacy policies and privacy authorization. In Proceedings of the 2002 ACM Workshop on Privacy in the Electronic Society. ACM: 103-109, Washington, USA. https://doi.org/10.1145/644527.644538 |
||||
| Ashley P, Powers C, and Schunter M (2002b). From privacy promises to privacy management: A new approach for enforcing privacy throughout an enterprise. In Proceedings of the 2002 Workshop on New Security Paradigms. ACM: 43-50, Virginia, USA. https://doi.org/10.1145/844102.844110 |
||||
| Breaux T and Antón A (2008). Analyzing regulatory rules for privacy and security requirements. IEEE Transactions on Software Engineering, 34(1): 5-20. https://doi.org/10.1109/TSE.2007.70746 |
||||
| Breaux TD, Vail MW, and Anton AI (2006). Towards regulatory compliance: Extracting rights and obligations to align requirements with regulations. In 14th IEEE International Requirements Engineering Conference (RE'06): 49-58, Minneapolis, USA. https://doi.org/10.1109/RE.2006.68 |
||||
| Byun JW, Bertino E, and Li N (2005). Purpose based access control of complex data for privacy protection. In Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies. ACM: 102–110, Stockholm, Sweden. https://doi.org/10.1145/1063979.1063998 |
||||
| Hodge JG (2003). Health information privacy and public health. The Journal of Law, Medicine and Ethics, 31(4): 663-671. https://doi.org/10.1111/j.1748-720X.2003.tb00133.x PMid:14968668 |
||||
| Khan I, Alwarsh M, and Khan JI (2012a). Quantitative charting of HIPAA section 164's legal universe privacy rules of HIPAA (Technical Report). Networking and Media Communications Lab, Kent State University. Available online at: http://www.medianet.kent.edu/techreports/TR2012-06-01-HIPAA-164-legaluniverse.pdf | ||||
| Khan I, Alwarsh M, and Khan JI (2012b). Tr2012-16-02 a decision tree model of HIPAA section 164 of HIPAA legal requirements, Tech. rep., Technical Report, Networking and Media Communications Lab, Kent State University. Available online at: http://www.medianet.kent.edu/techreports/TR2012-06-02-HIPAA-164-decisiontree.pdf | ||||
| Khan I, Alwarsh M, and Khan JI (2013). A comprehension approach for formalizing privacy rules of HIPAA for decision support. In Machine Learning and Applications (ICMLA), 12th International Conference, 2: 390-395, Miami, USA. https://doi.org/10.1109/icmla.2013.154 |
||||
| Lam PE, Mitchell JC, and Sundaram S (2009). A formalization of HIPAA for a medical messaging system. In International Conference on Trust, Privacy and Security in Digital Business. Springer Berlin Heidelberg: 73-85. https://doi.org/10.1007/978-3-642-03748-1_8 |
||||
| Massey AK, Otto PN, Hayward LJ, and Antón AI (2010). Evaluating existing security and privacy requirements for legal compliance. Requirements Engineering, 15(1): 119-137. https://doi.org/10.1007/s00766-009-0089-5 |
||||
| Maxwell JC and Antón AI (2009). Developing production rule models to aid in acquiring requirements from legal texts. In 7th IEEE International Requirements Engineering Conference: 101–110, Atlanta, USA. https://doi.org/10.1109/re.2009.21 |
||||
| Maxwell JC and Antón AI (2010). The production rule framework: developing a canonical set of software requirements for compliance with law. In proceedings of the 1st ACM International Health Informatics Symposium. ACM: 629-636. https://doi.org/10.1145/1882992.1883092 |
||||
| Sandhu RS, Coynek EJ, Feinsteink HL, and Youmank CE (1996). Role-based access control models yz. IEEE Computer, 29(2): 38-47. https://doi.org/10.1109/2.485845 |
||||
| Wilson JF (2006). Health insurance portability and accountability act privacy rule causes ongoing concerns among clinicians and researchers. Annals of Internal Medicine, 145(4): 313-316. https://doi.org/10.7326/0003-4819-145-4-200608150-00019 PMid:16908928 |
||||