Enforcing Minimum Necessary Access through Integrated Audit and Access Control

Designed and implemented a system for enforcing minimum necessary access in healthcare IT environments by integrating audit trail analysis with access control enforcement. The system monitors access patterns, identifies potential privacy violations, and automatically tightens access control policies based on observed usage. This work was conducted at Johns Hopkins University and resulted in a published paper at ACM BCB-HIS 2013 and two U.S. patents (US 8,984,583 B2 and US 9,438,632 B2).