Abstract

Because critical infrastructure (CI) is considered to be the backbone of a nation’s livelihood, the Critical Infrastructure

Protection (CIP) program was established in 1998 by the American President as a directive to ensure the United States’ security and to keep it safe from any malicious attacks or unexpected disasters. However, protecting the critical infrastructure of this country has always been challenging, especially with the interdependencies among each sector, which increases its vulnerability. Any failure of one sector could cause a significant impact on the others. The Decision Support System (DSS) is a computer system that helps agencies make decisions based on existing situations. The decision making of the DSS has a strong relationship to situational awareness (SA), such that the quality of a decision relies on the degree of the situational awareness. Regarding CI, any decision for one sector affects other sectors. Therefore, decision makers should have insight about the consequences for all sectors when one sector changes.

To avoid the complexity of interdependencies in the critical infrastructure of the United States, the healthcare sector was chosen to demonstrate the thesis hypothesis. Situational awareness is applied to healthcare, in general, but this thesis focuses on the situational awareness that is addressed during a multi-casualty incident (MCI).

Bi-layer access control (BLAC) is an instrument that was proposed recently in a doctoral dissertation. BLAC uses a new concept named pseudoroles to verify the eligibility of access. For any request, BLAC checks, as a first step, against fixed attributes, then, in the next step, it matches against the associated policies. This two-step process increases the efficiency of the method. Although BLAC was introduced into the healthcare sector to protect patients’ privacy by regulating access to electronic health records, the pseudoroles concept can be implemented in any other sector.

This thesis aims to utilize the concept of pseudoroles leveraged in situational awareness in the CIP program. Focusing on MCIs, this thesis proposes a model that will help ambulance personnel make decisions as to the most appropriate hospital for each patient’s care. The decision making depends on multiple factors that are related to the patient's case and the policies of each hospital. Because of the importance of time, in such situations, and the need for the patient to be transported to a hospital as soon as possible, the model uses the BLAC mechanism of a two-step evaluation to exclude all impractical hospitals, at a first glance, based on the hospitals’ policies. Thus, by complex evaluation of the hospitals' information, there is a higher probability that the most appropriate hospital will be chosen for the patients.

Library of Congress Subject Headings

Medical records--Data processing; Medical records--Access control; Data protection; Situational awareness

Publication Date

5-2015

Document Type

Thesis

Student Type

Graduate

Degree Name

Computer Science (MS)

Department, Program, or Center

Computer Science (GCCIS)

Advisor

Rajendra K Raj

Advisor/Committee Member

Carol Romanowski

Advisor/Committee Member

Jennifer Schneider

Comments

Physical copy available from RIT's Wallace Library at RA976 .B35 2015

Campus

RIT – Main Campus

Plan Codes

COMPSCI-MS

Download

Share

COinS