Role Hierarchy based Access Control Android Blood Donate System

Download Full-Text PDF Cite this Publication

Text Only Version

Role Hierarchy based Access Control Android Blood Donate System

Ms. Prita Patil

Computer Engineering Department, Mumbai University, Vidyalankar Institute of Technology, Mumbai , India

Abstract There are several online blood bank databases available; however, none of them allow for direct interaction between the donor and the recipient. This is a considerable drawback, especially when blood is needed fast. A blood financial institution database is created by gathering information from several sources, including blood banks, the National Security Service, non-governmental organizations, and hospitals, as well as via an internet interface. The data gathered will be saved on a large server. The paper presents Role Hierarchy based Access Control Android Blood Donate System which is developed to allow users to search for nearby hospitals and blood banks. This initiative is being developed in collaboration with the hospital, the blood bank, and the patient/donor. We have ensured the security of authorized users by requiring new users to register and current users to login in line with their type of perspective. The use of the internet is required for this task. We're working on an app that will allow you to choose a local clinic in real time by tracking its location using GPS. In the event of a serious accident, we also supply an alert device; with this option, an ambulance will be dispatched to your area without delay. This technique drastically reduces the amount of time spent searching for required blood in blood banks and hospitals. As a result, our application provides the necessary data in less time, allowing for more rapid decision- making.

Keywords Blood Donate,Automation, ICT, Role based model


    There are numerous channels available on the internet for transporting data, data files, music, and video files, among other things. Being connected to the internet may grant access to specific routes. To put it another way, the internet is a network of networks. ICT refers to technology that enables people to access information via telecommunications, with a focus on communication technologies such as the internet, wireless networks, cell phones, and other forms of communication. It may be used to automate a wide range of daily tasks. Blood banking refers to a cache or bank of blood or blood components acquired as a result of blood donation and kept and preserved for future use in blood transfusions. Furthermore, the patients' blood type must be determined in order for them to be compatible with a blood transfusion. In some situations, the patient may be unable to acquire the necessary quantity of blood at the proper time due to a loss of interrelationship in the form of a networked data-base a number of blood banks, resulting in a lack of expertise of all blood donors' up-to-date records. Cellular and cell-based entire packages are increasingly becoming a part of our everyday life. With the mobile computer revolution, the industry received various fantastic features, and mobiles became smaller, faster, and better as the decade went. In the

    event of an emergency, this Android app tool was built to fast seek for blood in neighboring regions. This Android application enables clean blood access in real time and at the appropriate area. We need to create a network of blood banks from various hospitals that can help at any time during an emergency. The donor statistics are updated on a regular basis by this programmed, and the administrator has total access to the blood bank administration system. Personal information such as a donor's name, phone number, Aadhar Card number, and blood bank may be requested. In the event of an emergency blood requirement, you can use the software to swiftly search for blood banks or hospitals that match a pre-selected or connected blood institution and call them. The Donor and Blood Bank Application provides information on blood banks in your area. A high number of blood donors have been solicited through the usage of an Android utility. Because almost everyone owns a cell phone, it enables real- time location surveillance and communication. Only those who have registered and are willing to donate blood will be admitted to the programmed. In this utility, we're using GPS technology to figure out how to get to the blood bank. The user will be directed to the desired region without having to inquire manually, perhaps saving time. We discussed the importance of automation and access control models, as well as the role of ICT in automation, in section II. In part III, the proposed system is discussed. Implementation and analysis are covered in Section IV. The simulation findings are presented in part V, and the recommended work is concluded in section VI.


    1. Automation

      Automation [1] is the substitution of computer procedures and other machinery for manual operations. Automation is necessary to boost productivity, reduce production time, increase manufacturing flexibility, reduce costs, remove human mistake, reduce labor shortage, do jobs that are beyond human capabilities in terms of size, weight, speed, endurance, and so on.

      A Library Automation System implemented in the University of Toronto Library in 1963-1972[1] and the University of Illinois at Urbana-Chamnpaign1965-2000[2], an Automated System for Educational Assessment developed in Nigeria, an e-Learning System [3], an Automated Project Grading System, and an Instant Feedback System [4] are well-known examples of Automated Systems that have achieved automation in their manual processes and improved their overall performance. By turning a paper-based system into a paperless system, automation is achieved [5]. The

      Single Copy Model and Form Oriented Model [5] are two prevalent models used in paperless systems.

    2. Access Control Methods

      Because automation offers numerous benefits, we must protect data privacy and confidentiality. An Access Control mechanism is a strong security policy that provides a verifiable approach to safeguard data from unauthorized access. Access Control Models are commonly classified into four types [6]: I Mandatory Access Control (MAC), ii) Discretionary Access Control (DAC), iii) Role-Based Access Control (RBAC), and iv) Domain Type Enforcement (DTE). We discovered that the Role Based Access Control Model (RBAC) is appropriate for the proposed system after comparing access control models.

      The many RBAC implementations are explored, as the BASE Model for RBAC [7] emphasizes on the function of the user and assigning access control to the users. Role Hierarchies in RBAC [7] on the implementation of user hierarchy and access control assignment based on senior and subordinate roles. The RBAC Constraint-based Model [7] focuses on enforcing constraints on roles and user sessions to provide access control. The RBAC Management Model [7] assists the administrative person of the organization in controlling and assigning access privileges. An enterprise describes the collection of rules that are triggered to automatically assign access control to user roles in Induced Role Hierarchies with Attribute-Based Model in RBAC [8]. Administration of a Hybrid Role Hierarchy in RBAC [9] manages Hybrid Role administration in the organization by decomposing the hybrid role hierarchy or using an inference rule. Contextual RBAC Authorization Model deployed effectively in Electronic Patient Record (EPR) [10]. The incorporation of rules based on contextual information increases the flexibility and expressive capacity of EPR access policy formulation utilizing RBAC authorizatios. The proposed study on Workflow Access Control from Role Engineering to Task Engineering focuses on a Constraint Satisfaction Problem (CSP) based technique to achieving task engineering in the System's Workflow access[11]. Also discussed the significance of Task Engineering in conjunction with Role Engineering.

    3. Information Communication Technology

      ICT refers to technology that give information access via telecommunications. It is comparable to information technology (IT), but it primarily focuses on communication technologies. The Internet, wireless networks, cell phones, and other forms of communication are all included. Information and communication technology have presented society with a plethora of new communication capabilities during the last few decades.

      Currently, the general public may only learn about blood donation events through traditional media means such as radio, newspapers, and television advertising. There is no information about blood donation programmes or databases of various blood banks on any of the portals. In the manual system, there are challenges in dealing with donor records. Donor information may not be stored accurately, and donor facts may be lost as a result of human error or natural disasters. Furthermore, blood is required on an urgent basis

      during an emergency, and the individual must know which neighboring blood bank has the required blood type so that that specific blood bank can be contacted for the blood needs. There is no unified database for blood banks. As a result, searching for blood in an emergency takes a long time. The only other option is to search for and match donors manually, followed by phone calls to each blood bank. There is also no centralized database to keep track of the details of the donors. Each financial institution has its own set of donor information. No prior information can be identified if a donor makes a donation at a different facility. It is also difficult to maintain track of the actual quantity of each blood type within the blood bank without an automated management system.

      We are aware that we require a system to discover the nearest blood bank to our search location or present position, as well as to keep track of blood donors, blood groups, blood banks, and available stock. Also, to provide an interface for communication between blood banks and donors in order to handle emergency situations, reducing manual work for monitoring blood donors, blood banks, blood groups, and so on, as well as to take online payments from users for blood donations.


    Blood Donate, the proposed system, will be an android-based application system that blood banks or blood centers can use to allow the public to make online reservations and requests for blood. The system keeps track of all donors, recipients, and blood banks. This system can also maintain track of both the donor's contribution information and the blood stock in the blood bank. Due to the increasing length of data facts, this project seeks to computerized the blood and do-nor control device in a blood bank in order to boost document control efficiency.

      • Login: The system provides security functions through username-password matching, allowing only the most authorized legal person to access the system.

      • Donor Profile Registration: This allows the general public to sign up to be a volunteer donor.

      • Retrieval of Nearby Blood Banks: The user can search for nearby blood banks and simply retrieve information on blood banks that are close to him/her, which will be shown using Google Maps.

      • Blood Stock Management: Using this method, blood bank employees can manipulate the blood inventory beginning with blood collection, blood screening, processing, storage transference, and transfusion. The database can be used to trace each procedure or work-flow. The system will also notify employees if the blood quantity falls below the par level or if the blood in the stock has expired.

      • Donor/Recipient Management: All donor/recipient information and records are handled in one centralized database, reducing duplicate facts in the database. The system keeps a record of all donations.

      • Reporting: The system may generate pre-defined reports such as a list of donors, recipients, and

    personnel, as well as the blood quantity in the bank and charts.


    The proposed model is implemented on three tier architectures in which the client interface is simply a web browser , XAMPP is configured as a web server, PHP is used as scripting language, MySQL Database connectivity and Android Studio for user interface.

    Profile Building:

    When the user launches the application, he or she is taken to a home screen where they can enter their login credentials. If the user is new to the application, he must first register in the database and create an account in the system. He does not need to re-enter his credentials once he has logged into the system in order to use the software. The most important point to remember here is that if there is an emergency and the user needs information about the nearest blood banks so that he can get blood for a patient, he does not need to spend time creating an account and logging into the system because time is of the essence in such situations. Here, the user can simply click on the Blood Stock or Nearby Blood Banks option displayed on the Home Screen, which will take him to a screen where he only needs to supply the right blood group and the district in which he is now located, or wherever the blood is needed. After he enters this information, the database provides real-time updates on the amount of blood stock available at different blood banks in his geographic area. The user is provided with information such as the blood bank's name, complete address, the amount of blood stock available at the blood bank, and the contact number. This, in turn, accelerates the process and provides the user with the essential information in a reasonably short period of time. When the user picks the Nearby Blood Banks option, he is directed to a Google Maps screen that shows the exact location of the blood banks in his area. This section makes use of the Google Maps API, which allows the program me to pinpoint the user's exact location using GPS tracking and subsequently pinpoint the location of neighboring blood banks.

    User dashboard:

    When a user logs into the system, he is given access to the dashboard. In this section, the visitor can browse numerous requests for blood made by other people. Any user can make a blood request here to acquire blood in an emergency. The donor can contact the individual in need of blood and donate blood to a specific blood bank so that the individual can receive the blood he asked.

    Backend Interface:

    This is the system's management interface, where all user information is maintained in an online Firebase Database. The administrator can create reports on the various requests submitted by all system users, as well as a spreadsheet listing all successful donations and blood requests. All of the users' information, including blood types, phone numbers, and email addresses, will be stored in the database. Report creation is essential since it will notify the administrator of where the application needs to be updated so

    that users can have a better experience with a simpler interface.

    User achievements:

    This section of the application displays the user's history of previous blood requests, as well as all necessary details. When another user requests it, it also offers details on the blood he gave at any given blood bank.


    Fig. 1. Home Screen of the application.

    Fig. 2. Blood Search

    Fig. 3. List of Blood Banks as per the blood search

    Fig.4. Nearest Blood Banks

    Fig. 5 User Profile GUI


The proposed concept is easier to operate than the present blood bank system. Because there is no centralized database for all blood banks, as well as suitable positioning and information about the specific blood bank, if a person needs blood in an emergency, he must manually contact blood banks near him to find out whether the precise blood he needs is available or not. The donors profile are all included in our interface. It also includes the blood type, which is maintained in the application databases of numerous blood banks. A new entry is created when a user enters fresh information into the database. This displays the amount of blood donated/received by the user after calling the blood bank. As a result of this research, current blood banks may be used more frequently, and the transition from a traditional framework to a more convenient and user-friendly framework may be aided.


  1. Ritvars Bregzis,Calvin Gotlieb,Carole Moore , The Beginning of Automation in the University of Toronto Library,19631972, in IEEE Annals of the History of Computing, AprilJune 2002.

  2. Prof. Godswill Obioma , Prof. Ismail Junaidu , Dr. Grace Ajagun , The Automation of Educational Assessment in Nigeria: Challenges and Implications for Pre-service Teacher Education, 39th Annual Conference of the International Association for Educational Assessment (IAEA) held at the Dan Panorama Hotel, Tel-Aviv, Isreal October 20th 25th, 2013

  3. M. Jou,J.K. Shiau and H.W. Zhang, Application of Web Technologies in Automation Technology Education, International Journal of Computers and Applications, Vol. 31, No. 4, 2009

  4. Xiang Fu, Boris Peltsverger, Kai Qian, Lixin Tao, Jigang Liu, APOGEE Automated Project Grading and Instant Feedback System for Web Based Computing,Computer Science and Information

    Technology, 2nd IEEE International Conference 2009.

  5. Gerald Weber, Defining the Paperless Workplace with the Paper Metaphor -Not a Contradiction in Terms, Conference: Proceedings of the Fourth Australasian Workshop on Health Informatics and Knowledge Management – Volume 120

  6. Ryan AusankaCrues, Methods for Access Control:Advances and Limitations, Ryan Ausanka-Crues Harvey Mudd College 301 Platt Blvd Claremont, California ,2001.

  7. Ravi S. Sandhu{, Edward J. Coynek, Hal L. Feinsteink and Charles E. Youman, Role-Based Access Control Models, IEEE Computer, Volume 29, Number 2, February 1996, pages 38-47.

  8. Mohammad A. Al-Kahtani, Ravi Sandhu, Induced Role Hierarchies

    with Attribute-Based RBAC, SACMAT03, JUNE 1-4, 2003, COMO,

    ITALY COPYRIGHT 2003 ACM 1-58113-681-1/03/0006

  9. Suroop Mohan Chandran, Suroop Mohan Chandran, Towards Administration of a Hybrid Role Hierarchy, IEEE 0-7803-9093- 8/05/$20.00 ©2005.

  10. Gustavo H.M.B Motta and Sergio S.Furuie,A Contextual Role-Based Access Control Authorization Model for Electronic Patient Record,IEEE TRANSACTIONS OF INFORMATION TECHNOLOGY IN BIOMEDICINE VOL..7,NO3, SEPTEMBER 2003.

  11. Hamid Hatim, Hanan El Bakkali, Ilham Berrada, Workflow Access Control: From Role Engineering to Task Engineering, Internation Journal Internet Technology and Secured Transactions Vol 4, no.1, 2012

  12. Reinhardt A. Botha, Jan H.P. Eloff, Designing Role Hierarchies for Access Control in Workflow Systems, IEEE 0-7695-1372-7101

    $10.00 2001.

  13. Prita Patil , Kavita Shirsat An Integrated Automated Paperless Academic Module for Education Institutes, International Journal of Engineering Science Invention Research & Development; Vol. I Issue IX March 2015

  14. G.H.M.B. Motta; S.S. FuruieA contextual role-based access control authorization model for electronic patient record, IEEE Transactions on Information Technology in Biomedicine , Volume: 7, Issue: 3, Sept. 2003

  15. R.A. Botha; J.H.P. Eloff, Designing role hierarchies for access control in workflow systems 25th Annual International Computer Software and Applications Conference. COMPSAC 2001

  16. S. Thanuskodi (Alagappa University, India), ICT Skills among Library Professionals: A Case Study of Universities in Tamilnadu, India, Handbook of Research on Inventive Digital Tools for Collection Management and Development in Modern Libraries-2015

  17. Hezam Akram Abdulghani,OrcID,Niels Alexander Nijdam,A Study on Security and Privacy Guidelines, Countermeasures, Threats: IoT Data at Rest Perspective,

  18. Zia Ullah,A Solution to the Optimal Power Flow Problem Considering WT and PV Generation,IEEE-2019, DOI: 10.1109/ACCESS.2019.2909561

  19. Arun Kumar,Neeran KArnik, Context sensitivity in role-based access control,ACM Journal,July 2002,Issue -3,pp-53

  20. Saurin Parikh, Preeti Kathiria A Geo-Location based Mobile Service for Blood Donation during Medical Emergencies International Journal of Computer Applications (0975 8887) Volume 88 No.3,

    February 2014

  21. Tushar Pandit, A.S. Shinde ,A Survey Paper on E-Blood Bank and an Idea to use on Smartphone Volume 113 No. 6, March 2015

  22. T.Hilda Jenipha, R.Backiyalakshmi ,Android Blood Donor Life Saving Application in Cloud Computing , Computer Science Biometrics and Bioinformatics ,Volume-03, Issue-02, pp-105-108, 2014

  23. P. Priya, V. Saranya, S. Shabana, Kavitha Subramani The Optimization of Blood Donor Information and Management System by Technopedia International Journal of Innovative Research in Science, Engineering and Technology ,Volume 3, Special Issue 1, and February 2014

  24. Neetu Mittal,Karan Snotra, Blood bank information system using Androidapplication, 2017 Recent Developments in Control, Automation & Power Engineering (RDCAPE)

Leave a Reply

Your email address will not be published. Required fields are marked *