A Comparative Study to the Semantics of Ontology Chain-Based Data Access Control versus Conventional Methods in Healthcare Applications

The necessity of having an intelligent methodology to access databases in networks has become more apparent in the age of distributed networks. Using semantics and ontologies can be highly helpful in developing such methodologies, as they provide the required classifications and mined information. The necessities that are required by the database administrator to build a durable, reliable, and flexible data access methodology have been highly appreciated. This study compares the proposed system with conventional methods, for example Role Based Access Control (RBAC) and classical chain-based methods. The comparison is done using applications in the healthcare sector. This study is based on real surveys that have been conducted in an active hospital in the State of Kuwait.


Introduction
Various techniques have been proposed in the literature for maintaining confidentiality. These techniques vary from simple rule specifications, such as those provided in the Platform for Privacy Preferences or P3P (W3C, 2009), to very complicated methodologies, such as the Hippocratic Database or HDB (Grandison et al., 2008; Byun et al., 2005; Agrawal et al., 2002). However, both techniques have proved deficient: it is not enough to set the rules as specified in P3P; it must also be possible to enforce them technically. At the same time, the simplicity of the database design needs to be maintained, which the Hippocratic Database lacks.
One of the methods in the literature that has proved reliable in data access management is Role Based Access Control (RBAC) (Sandhu, 1998; Ferraiolo & Richard, 1992). Access decisions in RBAC are mainly based on the responsibilities that users hold as members of a group. For example, in the healthcare system, users have certain appointed roles, such as doctor, nurse, or office admin/receptionist (the receptionist is referred to as "admin" hereafter). Rights are grouped by role designation, and the use of resources remains limited to the personnel who hold the associated job role. The role of doctor consists of functions to present an analysis, recommend a prescription, and make requests for x-ray tests when needed, while the responsibilities of a nurse are restricted to read-only access for understanding the quantity of the medicine. The RBAC model can work efficiently in some areas.
However, the different responsibilities and situations in the RBAC model can prove difficult to manage, resulting in a large number of role descriptions, and users are producing more responsibilities in some cases. Furthermore, RBAC falls short to some extent, as current requirements are increasingly fine-grained. The primary RBAC model is based on granting permissions only, whereas the ability to clearly specify the denial of access turns out to be significant. These circumstances have led to several variants of the RBAC model, including Task Based Access Control or TBAC (Thomas & Sandhu, 1998). But none of these RBAC versions has proven successful in overcoming the situation representation difficulties that the initial RBAC suffers from.
The Chain-Based Access Control (ChBAC) system is derived from the earlier idea of a chain of acts proposed by Al-Fedaghi (2007). Al-Fedaghi introduced the idea by shifting the basis of information access control from procedures to chains of restricted actions. It has been claimed that the administration of quality and users' perspective is a difficult problem. The mapping procedure is simplified by assigning roles to users and linking access permissions with responsibilities rather than directly with individual users (Omran et al., 2009).
The chain of acts method consists of a set of seven partial acts: collecting, creating, storing, using, mining, processing, and disclosing personal information (Figure 1), which are distributed among the different sets of roles. The functions describe the policy and objectives according to which certain sets of roles are provided with access to the record. The method also involves the procedures that allow the user to perform actions on the database. Figure 1 shows that the data practice can be divided into main parts, specifically: compilation, formation, organizing, and disclosure of individual information. Each part can be related to a number of approved actions. For example, consider a scenario of a doctor who creates a medical record and then stores it in the database. The record can then be processed (edited) by using it to reach a final decision on performing a surgery. (2007) has presented a claim that the specific role of an individual can be transformed into a sequence of actions on a record. It has also been stated that an individual's partial actions can be used to propose stronger data access control mechanisms that might guarantee the privacy of individual information. So, there is a manageable set of restricted tasks instead of long policy tables.

Scenarios
This part presents distinctive scenarios for a healthcare application in a hospital environment. Table 1 shows some examples of the situations that regularly take place in a typical hospital. The full set of scenarios is available upon request (Omran, 2013). The full list has been carefully derived from procedures at the "International Clinic" (International Clinic, 2011) in Kuwait and includes: Patient registration, represented in Table 1 as scenario 1.1. Here, the patient is registered for the first time by the admin, who collects their basic information. The patient record is the individual database.
The patient provides the basic details to the office admin by filling in a form when visiting the hospital for the first time. The patient has to provide other information when required. A patient who owns health insurance has to provide a valid card at the time of registration. The record is created in the database once the patient has provided the information. Information regarding the patient, which includes personal information, is recorded in the medical file. The admin collects the patient's information and then stores the information to prove it in ChBAC. The arranged scenarios are presented in Table 1, which forms the basis of the experimental outcomes.

cis.ccsenet.org Computer and Information Science Vol. 10, No. 4; 2017

Ontology
As discussed earlier, the most important problems with chains lie in describing the conditions and how to implement them in a real setting, such as the healthcare area. In this work, a solution is proposed by defining the chain terms in an ontology, since analyzing domain information is feasible once a declared specification of the terms is available. Formal analysis of situations is very important both when seeking to reuse an existing ontology and when extending it.
The developed ontology of personal information in healthcare can then be used as a source for many applications, but for the purpose of this study, it has been applied to data access administration. The ontology, built with the Protégé OWL editor, is in turn linked with an existing plan from the division of health. The Web Ontology Language (OWL) is a component of the growing stack of W3C recommendations related to the Semantic Web. The Semantic Web is a vision for the future of the Web in which information is given explicit meaning, making it easier for machines to automatically process and integrate data that is available on the Web (Tektonidis et al., 2006).
The other important decision in developing the ontology was whether to use an existing ontology from the literature or create one from scratch. There are reusable ontology libraries available online and in the literature, such as those presented by Ontolingua (2011) and the DAML Ontology Library (2011). There is also a wide availability of commercial ontologies that include the United Nations Standard Products and Services Code (UNSPSC), RosettaNet, and DMOZ.
Medical ontologies are available in categories, which include Open Clinical Ontology, Clinical Ontology Website, UMBEL, and Open Wetware. Nonetheless, none of them covers all the processes that are used within a hospital or the individual health data. All regulations that control the administration of the hospital record, providing access to the responsible individuals, are captured in the ontology developed by Omran (2013).
The other part of ontology development is to write down the list of all terms that are of interest to the investigator and that need to be explained to the user. Significant healthcare terms were identified in the present case and in the survey conducted in the hospital. They include terms like doctor, patient, nurse, medical record, and treatment. It was deemed necessary to compile a complete list of terms without worrying about overlap between the ideas they represent, the associations between the terms, any properties that the ideas may have, or whether the ideas are classes or slots. References from the literature have been used for better understanding of the ontological concepts (Reuters, 2009; Health Level Seven Inc, 2009; University of Alberta, 2005; Webster, 1990). Once this part has been completed, a hierarchy needs to be constructed.
The ontology shown in Figure 2 describes the parts of a healthcare organization to illustrate an implementation of ontology-based access control. In the presented healthcare facility, different groups of actors and organizations are provided with access to personal information and record data. Actors or organizations in each of the different classes can be granted permissions, which translate to the specific actions that can be performed on documents or record data.
The "healthcare" node is the top level of the ontology. It encompasses all the lower-level nodes and reflects that the ontology is a component of the "healthcare" organization. It carries four nodes: actor, organization, record, and event. The actor node has lower-level nodes describing the category of actor. These are primarily represented by patient, doctor, nurse, administrator, and manager. The class to which the actor belongs determines the specific access granted to data and the actions that can be performed on that data.
The organization node has lower-level nodes describing the class of organization that is permitted to access the information. This class is represented by hospital, general practice and insurer organization. Access to documents, and the actions that can be performed on that data, can be limited or approved based upon the organization associated with the user requesting the action.
The record node has lower-level nodes describing the class of data that is collected and acted upon. The data record of each class comprises information that must be contained within a record or other data storage system with restricted access. This class is represented by medical record, letter from a doctor, and information set of the insurance policy. Access to these data categories, along with the type of access, is strictly controlled. The type of access may include data creation, access, and removal. Approval is given on the basis of the applicant's actor class or the relation of the applicant to the organization, along with the action that is to be performed on the data. The event node has lower-level nodes describing the type of situation that can take place in the healthcare organization. These are represented by recommendation, surgery, behavior and discussion. The ability to begin each of these procedures or situations, or to take part in them, can be controlled or decided based upon the class of applicant or organization. A doctor holds the authority to query the database concerning a patient, but an admin supervisor cannot make such calls.
The ontology mappings and ontology records are used to identify the class of actor to which the requestor belongs when the system receives a request from the user. The system then accesses the sequence related to the requested action and decides whether the user is approved to perform the action related to that sequence on the requested data. The complete ontology, which has been developed for the healthcare system, is presented in the work by Omran (2013). This ontology is based on questionnaires, surveys and feedback collected from the "International Clinic" in Kuwait and experts from "Madrid University" and "IBM Company". Hereafter, the developed system is referred to as the Ontology-Chain-Based Access Control System or O-ChBAC.

The Ontology-Chain-Based Access Control System (O-ChBAC)
The complete flow of the O-ChBAC system and all its parts are shown in Figure 3 and Figure 4. Figure 4 is an example of how the system behaves for a particular scenario. A data access request starts with the user requesting access to a specific record. The user type (for example, a doctor) can be determined from the profile of the current user. By querying the ontology, the system determines the set of situations under which it may allow the user to access the data. Next, each situation is checked against its requirements until a situation is found to be applicable to the user. Checking the requirements may involve gathering information from the record, or asking the user for identification. When a particular situation is deemed applicable to a request, access is granted. Otherwise, access to the database is denied.
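The decision flow just described, as an added Python example that is not the paper's Java/OWL implementation: a dictionary stands in for the ontology, and the user names, patient identifiers, situations and the `patient_assigned` requirement are constructed assumptions. A role-only baseline derived from the same permissions is included to show where the two decisions diverge.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Dict, FrozenSet, List, Set, Tuple


class Act(Enum):
    """The seven partial acts of the chain-of-acts model named in the text."""
    COLLECT = "collecting"
    CREATE = "creating"
    STORE = "storing"
    USE = "using"
    MINE = "mining"
    PROCESS = "processing"
    DISCLOSE = "disclosing"


@dataclass(frozen=True)
class Request:
    user: str
    actor_class: str   # ontology "actor" node: admin, doctor, nurse, ...
    act: Act
    record_class: str  # ontology "record" node
    situation: str     # situation in which the data is being used
    patient: str


# Constructed sample facts that a requirement check may consult.
ASSIGNED: Dict[str, Set[str]] = {
    "admin1": {"patient-A"},
    "dr1": {"patient-A", "patient-B"},
}


def always(_req: Request) -> bool:
    """Requirement that holds for every request."""
    return True


def patient_assigned(req: Request) -> bool:
    """Assumed requirement: the patient is assigned to the requesting user."""
    return req.patient in ASSIGNED.get(req.user, set())


@dataclass(frozen=True)
class Context:
    situation: str
    record_class: str
    acts: FrozenSet[Act]
    requirement: Callable[[Request], bool]


# Stand-in for the OWL ontology: actor class -> situations that permit access.
ONTOLOGY: Dict[str, List[Context]] = {
    "admin": [
        Context("registration", "patient_record",
                frozenset({Act.COLLECT, Act.STORE}), always),
        Context("billing", "billing", frozenset({Act.USE}), patient_assigned),
    ],
    "doctor": [
        Context("consultation", "medical_record",
                frozenset({Act.CREATE, Act.STORE, Act.PROCESS, Act.USE}),
                patient_assigned),
    ],
    "nurse": [
        Context("consultation", "medical_record", frozenset({Act.USE}), always),
    ],
}

# Role-only baseline: the same (act, record) pairs, with situation and
# requirement discarded, so the role alone decides.
RBAC: Dict[str, Set[Tuple[Act, str]]] = {
    role: {(act, ctx.record_class) for ctx in ctxs for act in ctx.acts}
    for role, ctxs in ONTOLOGY.items()
}


def ochbac_decide(req: Request) -> Tuple[bool, str]:
    """Check each situation for the actor class; grant on the first one whose
    requirements hold, otherwise deny (default deny)."""
    for ctx in ONTOLOGY.get(req.actor_class, []):
        if ctx.situation != req.situation or ctx.record_class != req.record_class:
            continue
        if req.act not in ctx.acts:
            continue
        if ctx.requirement(req):
            return True, f"granted in context '{ctx.situation}'"
    return False, "denied: no applicable context"


def rbac_decide(req: Request) -> bool:
    """Role-only decision: ignores situation and per-record requirements."""
    return (req.act, req.record_class) in RBAC.get(req.actor_class, set())


if __name__ == "__main__":
    samples = [
        Request("admin1", "admin", Act.USE, "billing", "billing", "patient-A"),
        Request("admin1", "admin", Act.USE, "billing", "billing", "patient-B"),
        Request("nurse1", "nurse", Act.PROCESS, "medical_record",
                "consultation", "patient-A"),
    ]
    for r in samples:
        print(r.user, r.act.value, r.record_class, r.patient,
              "| O-ChBAC:", ochbac_decide(r), "| role-only:", rbac_decide(r))
```

The second sample request is the case that separates the two models: the role-only check grants it because the admin role holds the billing permission, while the context check denies it because the patient is not assigned to that admin.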

Experiment Setup
The experiments described here are to determine whether the developed methods are capable of distinguishing between situations where access should be granted and where it should be refused. The objective of this set of experiments is:
• To demonstrate that by utilizing the developed system, an improvement can be achieved in data access management by retrieving more accurate results.
It is not just a matter of retrieving all the available information, but rather of retrieving results as accurately as possible when the user submits the request. Achieving this goal will greatly help users in accomplishing their work efficiently and with fewer errors. It also makes auditing of any misuse of information much easier, as the audit is much more concentrated on the data retrieved and the action taken. The system has been developed to have situation sensitivity, such that the access authorization for the data can change according to the situation in which the data is being used. This flexibility can greatly help the system in changing environments, as is the case in a hospital.
In this set of experiments, some basic scenarios from Table 1 have been taken into consideration. Setting up experiments to validate these critical criteria is neither an easy nor a straightforward task, as the criteria cannot be measured or calculated but are rationally evaluated. The results can also be compared with the data that should be retrieved in the ideal solution to meet the users' requirements. Setting up the questionnaires to test and evaluate the proposed semantic system took a great amount of time and lengthy discussions with experts in the field to cover all related criteria without redundancy. As usual in semantic experiments, users' feedback is one of the central issues that the experiments rely on. For the purpose of evaluating the O-ChBAC system, the hospital database administrator (DA) was asked to choose a random set of users (levels of expertise are given in detail later in this section) to test the developed system in comparison with the other two conventional systems:
• Classical Chain without semantic (ChBAC)
• RBAC
The developed O-ChBAC system uses the principles of ChBAC (explained in the previous section) and integrates them with an ontology that has been developed using the Protégé OWL editor and a Java GUI. The full version of this ontology is shown in [11]. The three systems under study have exactly the same GUI to make sure that the users cannot recognize the distinction between them, which may influence their feedback. The system users were trained on using the GUI before the experiments. The system (O-ChBAC) was placed in the middle of the other two systems, as system B, after ChBAC.
Users have been given carefully selected scenarios (these scenarios have been discussed also with experts from the field) that cover all main functionalities as shown in Table 1. The scenarios have been optimized to the preferred responsibilities that are shown in the questionnaires, given that if exact processes came in unusual scenarios. It has been determined based on the important types of users in the hospital. These users face the complete and serious scenarios. The tasks included some scenarios common between users of different types. But different users require viewing different parts of the information according to the situation.
In order to evaluate these methods, the questionnaires were given to a group of users selected randomly from the hospital. Only one condition was imposed: the set of users must include at least one participant from each of the groups. The most important scenarios that were taken into account for testing included:
1. Admin:
• "New patient registration"
• "Booking appointments"
• "Visit for appointment"
• "Billing"
• "Managing Patients"
2. Doctor:
• "Routine Patient Consultation"
• "Outgoing referral"
• "Incoming referral"
3. Nurse:
• "Nurse Consultation"
• "Incoming Referral"
4. Database Administrator (DA)
• "Overall database management"
• "Changing access policies"
The performance evaluation of the system has been divided into four categories:
• "Accuracy"
• "Correctness"
• "Situation sensitivity/Flexibility of the system"
• "Relative time to perform a task"

Technical Details
The participants who were recruited into the set of experiments were staff from real hospitals. The responsibilities of these personnel were as follows:
• "Three admin(s)"
• "One doctor"
• "Three nurses"
• "One database administrator (DA)"
The questionnaires were provided to the users, and the evaluation was set up at the hospital on a computer with the following specifications:
Operating System: Windows 7 Ultimate, 32-bit
Processor: Intel® Core™ Duo CPU T2450 @ 2.00GHz
Memory (RAM): 1 GB DDR2
A demonstration of how to use the systems was given to these users before they were given the tasks. Then, users were told to act according to the scenarios presented in Table 1. The users were then asked to complete these responsibilities and save their answers to a content file. In addition, database administrators were asked to give help and answer questions if required.
The chain ontology based system was tested when users were asked to test all three systems. These are system A, which contains ChBAC; system B, which contains O-ChBAC; and system C, which contains RBAC without semantics. The responses of the investigation, as obtained from the users, are presented in Tables 2 and 3. The GUI helps in hiding the identity of the systems. The user was requested to begin with the user name and password. The intention has been for the GUI to correspond to certain rules of RBAC along with the necessary set of actions of the chain method. The developed O-ChBAC system passes through the ontology layer to identify the actions for each group of users.

Results
Table 1 shows that the admin has the right to establish a new patient record by collecting information such as exact name, DOB, and address. The admin also has the authority to access the patient's record to set a scheduled meeting, or to reschedule it following a call from a doctor, as shown in the appointment tab in Figure 5 and Figure 6. The admin can also access the billing information of a patient, given the situation, for a patient whose documentation has been assigned to this particular admin. Otherwise, the admin is not allowed access.

Check the billing of a specific patient | Read information from a database | Success
Admin 2 | Check the billing of a specific patient | Read information from a database | Success
Admin 3 | Check the billing of a specific patient | Read information from a database | Success [as shown in Fig. 5]

Three admins were asked to go through the presented situations to evaluate the developed system, and their responses were then collected. The results are shown in Table 2. After observing the ability of the Chain Ontology Based System (O-ChBAC) to complete the necessary functions related to the different tasks of the admin, the investigator requested the three admins to perform the following actions using the three systems:
• "System A: system of classical Chains without ontology (ChBAC)"
• "System B: our proposed system of chains with ontology (O-ChBAC)"
• "System C: system of RBAC"
The evaluation is based on the responses to the questions in Table 3 and Table 4. Table 2 is intended to verify that the system can cover the necessary daily operations of the hospital system. The results show that the system can access the model of the ontology, that SPARQL queries can be translated, and that the database can be written. The questions in Table 3 were given to evaluate accuracy, situation sensitivity, and the time required for retrieving the information. The questions were arranged to highlight genuine situations that may occur in a hospital and simultaneously evaluate the performance of the three systems. An explanation of each performance criterion and the questions used to evaluate it is given below. The expected answer is also given in order to compare it with the outcomes obtained from the users.

Analysis of Results Related to Doctor and Nurses Feedback
In this phase of real scenario experiments, the questionnaire results taken from one doctor and two nurses are provided in detail in Table 5. The criteria estimated through the experiments are given below.

Criterion 1-Accuracy
Q4, Q5, and Q6 are used to estimate this criterion. The probable answer for Q4 is: Mohammed Imran, however the other patients were also scheduled by the doctor:
• Mohammed Imran
• Noor Husin
• Paula Jones
• Greg Spencer
Based on the questionnaire answers, it has been evaluated that system B reached the expected outcomes, which are in accordance with the conditions given by the user. Moreover, the expected outcome for question number five indicates that the admin can easily get access to the billing areas; however, the explanation is always decided by the physicians. System B is the only system that fulfilled the expectation, as this system has given the potential for the admin type users. The expected answer to question number six is Noor Hussni, who has included six patients without any payment in the hospitals. System B retrieved such data in accordance with the situations provided by the users. However, the other two systems retrieved the complete set of patients. System B has highlighted some of the precise results, which are completely relative to different situations, which were supplementary in regards of ontology and the harder implicit of the Java language in order to slightly move the range of different investigations.

Criterion 2-Context Sensitivity
The questions used to evaluate this issue for the three systems are also Q4, Q5 and Q6. As expected from the outcomes retrieved in this part of the study, changes in the context have a direct impact on the system. The context relates to appointment, registration, billing, and ending of the patient's profile. This is not the case for the other two systems, as they give access rights according to the role without being affected by the context. These outcomes were not surprising, as they were expected.

Criterion 3-Time required to perform the queries
Q5 and Q6 are used to estimate this criterion. The data must be retrieved without the user experiencing an interruption. The authors sought a semantic system that compares with the other systems without an interruption. This is exactly what they got, as users did not face any interruption while using the system. In particular cases RBAC has approached to the time, as it needs to interpret the SPARQL query. The main factors for which SPARQL did not significantly affect the system are database planning, fewer features and tables to be identified by the system, and the case in which the record can be read. The results of Table 5 are presented in Table 6, which shows the comparison between the systems for the given methods. It also gives the standard time to execute the query. The group of scenarios in the system is represented by Table 5, which gives evidence of precision, situation handling, and good retrieval time.

Results Related to Database Administrator Feedback
The database administrator was asked to alter some of the policies for the three systems under testing, as detailed in Table 7 in the last phase of experiments.

Data Analysis of Database Administrator Feedback
One criterion evaluated through the development of the system is flexibility. According to Table 7, the investigators asked the database administrator to make changes to the two given conditions and observe the impact on each system. It was clear that System B has simpler technicalities; therefore, it is extremely easy to change different conditions in this system. The same was witnessed in many cases. Accordingly, there is very little need to make any change to the construction of the database. This is totally different from system C. System C can be changed by technical staff through the conditions, which are mostly saved in the policies table.
At the same time, changes in system C also require changes to the conditions that are defined for the attributes in the related tables. The case of system B is totally different. In system B, changes to the conditions are directly controlled through the Protégé OWL editor. The study has also included different instructions, which are necessary for the ontology; therefore, future changes to policies will become easier. In support of the claim of this study, the investigators received an email from the IC hospital database administration, which gave different types of feedback and recommendations for the utilization of the developed methods in clinical settings. This was because of the enhanced flexibility and the ease of altering policies, along with the preservation of the privacy of the data. Therefore, the study has presented different experiments, which were carried out throughout different years in regards of the primary analysis.

Conclusion
The study has brought out three significant points, which have been shaped by the findings of the proposed experiments. These points are as follows:
• The implementation of reliable design because of its comfort design is helpful for getting reliable data in regards of accessing management method.
• The second perspective is that the precision of data have been mainly identified the development of different methods.
• The third aspect is all about the time, which is required for collecting data that can be a result of easier design.
The experiments were developed, designed, recorded, implemented, and analyzed accordingly to obtain proper outcomes. The RBAC and ChBAC systems were tested in this study with the involvement of different database administrators. The findings of the experiments have shown a clear advantage for the ChBAC system in comparison with RBAC. These criteria were tested in particular sets of experiments that included:
• "Number of required SQL statements to implement the two methods"
• "Number of required tables to implement the two methods"
• "Number of required constraints to implement the two methods"
• "Time required to retrieve the information"
The analyzed and collected outcomes show that the ChBAC system requires half the number of SQL statements along with the numbers of tables, time for retrievals, and constraints. This gives ChBAC the advantage over RBAC in the third and first criteria mentioned above.
On the contrary, it was further found that neither of the two methods provided any solution with regard to the second criterion. This has raised the significance of integrating semantics into the principles and chains of ChBAC. However, the study has stepped further into different precisions and criteria of such; therefore, the impact of the integration on the first criterion needed to be assessed. This was the major rationale behind the development and implementation of the second experiment with regard to the second point. The chain also has a reduced number of parameters that need to be implemented; therefore, the outcomes have shown that the implementation within OWL is much simpler compared to RBAC.
After the completion of this phase, the evaluation moved into another critical phase, which required precise criteria of success. For this reason, consultation was requested in order to get reviews from IBM Company, Trento University, Madrid University, and Eindhoven University. It was agreed that the feedback of users was needed. Furthermore, some of the users were required to work through different scenarios carefully to assess the reliability of the different systems in generating information that is accurate with respect to sensitive issues. The feedback of the users was collected and was extremely positive, as they noticed a major difference in the data retrieved through the developed system.
The study aids in presenting the insights of the users regarding the Chain Ontology Based Method. It has been deduced that they consider that the technique:
• is simple and precise in policy specification;
• is flexible in its expressiveness;
• uses less tables and conditions than the system currently used at the healthcare provider;
• is faster than the RBAC method
In conclusion, it has been shown that the ontology chain-based data access method is a simpler and better manner for the preservation of database privacy without the loss of any highest standard of database design and administration.