Table 1 List of attributes needed to build ABAC authorization rules to enforce policies presented in the running example (see “Running example” subsection)
Short name | Namespace | Category | Data type | Values |
|---|---|---|---|---|
Subject_type | Subject | Subject_cat | String | Nurse, lab technician, employee, patient |
Object_type | Object | Object_cat | String | Lab procedure, compensation, health record |
Action_type | Action | Action_cat | String | View, change, request |
Rank | Subject.employee | Subject_cat | String | Senior, junior |
Working_hours | Subject.employee. health_professional | Subject_cat | String | First-shift, second-shift, on-call |
Status | Subject.patient | Subject_cat | String | Registered |
Status | Object.lab_procedure | Object_cat | String | Approved, pending, rejected |
Type | Object.lab_procedure | Object_cat | String | Follow-up |
Status | Object.health record | Object_cat | String | Full |
Period | Object.compensation | Object_cat | String | Long-term |