Security Challenges in Healthcare Cloud Computing: A Systematic Review

BACKGROUND: Healthcare data are very sensitive records that should not be made available to unauthorized people in order for protecting patient's information security. However, in progressed technologies as cloud computing which are vulnerable to cyber gaps that pose an adverse impact on the security and privacy of patients’ electronic health records and in these situations, security challenges of the wireless networks need to be carefully understood and considered. Recently, security concerns in cloud computing environment are a matter of challenge with rising importance.OBJECTIVE: In this study a systematic review to investigate the security challenges in cloud computing was carried out. We focused mainly on healthcare cloud computing security with an organized review of 210 full text articles published between 2000 and 2015.METHOD: A systematic literature review was conducted including PubMed, Science direct, Embase, ProQuest, Web of science, Cochrane, Emerald, and Scopus databases.FINDINGS: Using the strategies described, 666 references retrieved (for research question one 365, research question two 201, and research question three 100 references).IMPROVEMENTS: Review of articles showed that for ensuring healthcare data security, it is important to provide authentication, authorization and access control within cloud's virtualized network. Issues such as identity management and access control, Internet-based access, authentication and authorization and cybercriminals are major concerns in healthcare cloud computing. To manage these issues many involved events such as Hybrid Execution Model, VCC-SSF, sHype Hypervisor Security Architecture, Identity Management, and Resource Isolation approaches have to be defined for using cloud computing threat management processes.

Download Full-text

Improvement of Privacy and Security in Hybrid Cloud with Attribute Group Based Access Control

International Journal of Scientific Research in Computer Science Engineering and Information Technology ◽

10.32628/cseit19518 ◽

2019 ◽

pp. 57-61

Author(s):

Kayalvili S ◽

Sowmitha V

Keyword(s):

Cloud Computing ◽

Access Control ◽

Data Storage ◽

Service Providers ◽

Cloud Service ◽

Security Requirements ◽

Security And Privacy ◽

Data Outsourcing ◽

Privacy And Security ◽

Control Approach

Cloud computing enables users to accumulate their sensitive data into cloud service providers to achieve scalable services on-demand. Outstanding security requirements arising from this means of data storage and management include data security and privacy. Attribute-based Encryption (ABE) is an efficient encryption system with fine-grained access control for encrypting out-sourced data in cloud computing. Since data outsourcing systems require flexible access control approach Problems arises when sharing confidential corporate data in cloud computing. User-Identity needs to be managed globally and access policies can be defined by several authorities. Data is dual encrypted for more security and to maintain De-Centralization in Multi-Authority environment.

Download Full-text

An Unified Secured Cloud System for the Education Sector of India

Social, Legal, and Ethical Implications of IoT, Cloud, and Edge Computing Technologies - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-3817-3.ch004 ◽

2020 ◽

pp. 69-102

Author(s):

Kimaya Arun Ambekar ◽

Kamatchi R.

Keyword(s):

Cloud Computing ◽

Network Security ◽

Access Control ◽

Identity Management ◽

Data Encryption ◽

Cloud Services ◽

Education Sector ◽

Cloud Environment ◽

The World ◽

Community Cloud

Cloud computing is based on years of research on various computing paradigms. It provides elasticity, which is useful in the situations of uneven ICT resources demands. As the world is moving towards digitalization, the education sector is expected to meet the pace. Acquiring and maintaining the ICT resources also necessitates a huge amount of cost. Education sector as a community can use cloud services on various levels. Though the cloud is very successfully running technology, it also shows some flaws in the area of security, privacy and trust. The research demonstrates a model in which major security areas are covered like authorization, authentication, identity management, access control, privacy, data encryption, and network security. The total idea revolves around the community cloud as university at the center and other associated colleges accessing the resources. This study uses OpenStack environment to create a complete cloud environment. The validation of the model is performed using some cases and some tools.

Download Full-text

Data Security and Privacy Assurance Considerations in Cloud Computing for Health Insurance Providers

International Journal of Monitoring and Surveillance Technologies Research ◽

10.4018/ijmstr.2017100101 ◽

2017 ◽

Vol 5 (4) ◽

pp. 1-22

Author(s):

Amavey Tamunobarafiri ◽

Shaun Aghili ◽

Sergey Butakov

Keyword(s):

Cloud Computing ◽

Health Insurance ◽

Data Security ◽

Assessment Tool ◽

Security And Privacy ◽

Data Breaches ◽

Healthcare Data ◽

The Us ◽

Health Insurance Providers ◽

Privacy Issues

Cloud computing has been massively adopted in healthcare, where it attracts economic, operational, and functional advantages beneficial to insurance providers. However, according to Identity Theft Resource Centre, over twenty-five percent of data breaches in the US targeted healthcare. The HIPAA Journal reported an increase in healthcare data breaches in the US in 2016, exposing over 16 million health records. The growing incidents of cyberattacks in healthcare are compelling insurance providers to implement mitigating controls. Addressing data security and privacy issues before cloud adoption protects from monetary and reputation losses. This article provides an assessment tool for health insurance providers when adopting cloud vendor solutions. The final deliverable is a proposed framework derived from prominent cloud computing and governance sources, such as the Cloud Security Alliance, Cloud Control Matrix (CSA, CCM) v 3.0.1 and COBIT 5 Cloud Assurance.

Download Full-text

Hybrid Secure Model for Securing Data in The Cloud Computing System by Combining RSA, AES and CP-ABE: نموذج هجين آمن لحماية البيانات في الحوسبة السحابية بدمج RSA وAES وCP-ABE

Journal of engineering sciences and information technology - مجلة العلوم الهندسية و تكنولوجيا المعلومات ◽

10.26389/ajsrp.z110521 ◽

2021 ◽

Vol 5 (4) ◽

pp. 80-59

Author(s):

Zakria Mahrousa, Mahmoud Rahhal, Nairouz Alzin Zakria Mahrousa, Mahmoud Rahhal, Nairouz Alzin

Keyword(s):

Health Care ◽

Cloud Computing ◽

Access Control ◽

Healthcare System ◽

Service Providers ◽

Security Requirements ◽

Security And Privacy ◽

Rsa Algorithm ◽

Aes Algorithm ◽

Cloud Computing System

The cloud healthcare system represents an important application for cloud computing, as it uses the cloud for the operations of storing patient medical data and sharing it between health care service providers and patients, making the security and privacy of e-health system data the main concern of researchers. This paper presents an integrated secure model for the healthcare system in cloud computing that achieves the security and confidentiality of data transferred through cloud computing, by combining the two algorithms AES and RSA with the access control algorithm CP-ABE in order to use the advantages of each of them, where the encryption process is done by a proposed algorithm which is based on the RSA algorithm, the XOR parameter, and the AES algorithm; the secrecy of the AES algorithm has been increased by generating a dynamic key, and the confidentiality of this key has been secured with two encryption levels, the first level using the CP-ABE algorithm and the second level using the RSA algorithm. The proposed model is characterized by meeting the requirements of access control, authentication, and verification for both the transmitter and the receiver, and the results of the application of this model proved its ability to meet the security requirements of the health care system in cloud computing with the lowest possible implementation time, as the execution times were at the transmitter's end (43.2, 43.83, 45.11, 48. 23, 50.77, 52.16, 57.95, 63.2, and 63.35)ms for variable file sizes (37, 50, 100, 150, 200, 256, 512, 1000, and 1024)KB, respectively. The results also showed its superiority in terms of security requirements in cloud computing and the necessary implementation times on studied reference models.

Download Full-text

Assessing Access Control Risk for mHealth: A Delphi Study to Categorize Security of Health Data and Provide Risk Assessment for Mobile Apps

Journal of Healthcare Engineering ◽

10.1155/2020/5601068 ◽

2020 ◽

Vol 2020 ◽

pp. 1-14

Author(s):

Pedro Moura ◽

Paulo Fazendeiro ◽

Pedro R. M. Inácio ◽

Pedro Vieira-Marques ◽

Ana Ferreira

Keyword(s):

Risk Factors ◽

Risk Assessment ◽

Access Control ◽

Delphi Study ◽

Mobile Apps ◽

Real Life ◽

Health Data ◽

Security And Privacy ◽

Risk Level ◽

Healthcare Data

Background. Smartphones can tackle healthcare stakeholders’ diverse needs. Nonetheless, the risk of data disclosure/breach can be higher when using such devices, due to the lack of adequate security and the fact that a medical record has a significant higher financial value when compared with other records. Means to assess those risks are required for every mHealth application interaction, dependent and independent of its goals/content. Objective. To present a risk assessment feature integration into the SoTRAACE (Socio-Technical Risk-Adaptable Access Control) model, as well as the operationalization of the related mobile health decision policies. Methods. Since there is still a lack of a definition for health data security categorization, a Delphi study with security experts was performed for this purpose, to reflect the knowledge of security experts and to be closer to real-life situations and their associated risks. Results. The Delphi study allowed a consensus to be reached on eleven risk factors of information security related to mobile applications that can easily be adapted into the described SoTRAACE prototype. Within those risk factors, the most significant five, as assessed by the experts, and in descending order of risk level, are as follows: (1) security in the communication (e.g., used security protocols), (2) behavioural differences (e.g., different or outlier patterns of behaviour detected for a user), (3) type of wireless connection and respective encryption, (4) resource sensitivity, and (5) device threat level (e.g., known vulnerabilities associated to a device or its operating system). Conclusions. Building adaptable, risk-aware resilient access control models into the most generalized technology used nowadays (e.g., smartphones) is crucial to fulfil both the goals of users as well as security and privacy requirements for healthcare data.

Download Full-text

Identity and Access Management in the Cloud Computing Environments

Advances in Systems Analysis, Software Engineering, and High Performance Computing - Developing Interoperable and Federated Cloud Architecture ◽

10.4018/978-1-5225-0153-4.ch003 ◽

2016 ◽

pp. 61-90 ◽

Cited By ~ 1

Author(s):

Manoj V. Thomas ◽

K. Chandrasekaran

Keyword(s):

Cloud Computing ◽

Identity Management ◽

Life Cycle Management ◽

Cloud Environment ◽

Access Management ◽

Access Control Models ◽

Important Research Topic ◽

Authentication And Authorization ◽

Computing Environments ◽

Federated Identity

Nowadays, the issue of identity and access management (IAM) has become an important research topic in cloud computing. In the distributed computing environments like cloud computing, effective authentication and authorization are essential to make sure that unauthorized users do not access the resources, thereby ensuring the confidentiality, integrity, and availability of information hosted in the cloud environment. In this chapter, the authors discuss the issue of identity and access management in cloud computing, analyzing the work carried out by others in the area. Also, various issues in the current IAM scenario in cloud computing, such as authentication, authorization, access control models, identity life cycle management, cloud identity-as-a-service, federated identity management and also, the identity and access management in the inter-cloud environment are discussed. The authors conclude this chapter discussing a few research issues in the area of identity and access management in the cloud and inter-cloud environments.

Download Full-text

Trusted Computing Strengthens Cloud Authentication

The Scientific World JOURNAL ◽

10.1155/2014/260187 ◽

2014 ◽

Vol 2014 ◽

pp. 1-17 ◽

Cited By ~ 11

Author(s):

Eghbal Ghazizadeh ◽

Mazdak Zamani ◽

Jamalul-lail Ab Manan ◽

Mojtaba Alizadeh

Keyword(s):

Identity Management ◽

Trusted Computing ◽

Security And Privacy ◽

Trusted Platform Module ◽

Single Sign On ◽

Proposed Model ◽

Security Challenges ◽

Trusted Platform ◽

Federated Identity ◽

New Generation

Cloud computing is a new generation of technology which is designed to provide the commercial necessities, solve the IT management issues, and run the appropriate applications. Another entry on the list of cloud functions which has been handled internally is Identity Access Management (IAM). Companies encounter IAM as security challenges while adopting more technologies became apparent. Trust Multi-tenancy and trusted computing based on a Trusted Platform Module (TPM) are great technologies for solving the trust and security concerns in the cloud identity environment. Single sign-on (SSO) and OpenID have been released to solve security and privacy problems for cloud identity. This paper proposes the use of trusted computing, Federated Identity Management, and OpenID Web SSO to solve identity theft in the cloud. Besides, this proposed model has been simulated in .Net environment. Security analyzing, simulation, and BLP confidential model are three ways to evaluate and analyze our proposed model.

Download Full-text

Improving Individual Acceptance of Health Clouds through Confidentiality Assurance

Applied Clinical Informatics ◽

10.4338/aci-2016-07-ra-0107 ◽

2016 ◽

Vol 07 (04) ◽

pp. 983-993 ◽

Cited By ~ 1

Author(s):

Benjamin Fabian ◽

Rüdiger Zarnekow ◽

Tatiana Ermakova

Keyword(s):

Cloud Computing ◽

Research Question ◽

Healthcare Delivery ◽

Medical Data ◽

Third Party ◽

Security And Privacy ◽

Privacy Concerns ◽

Delivery Performance ◽

Cloud Providers ◽

Health Cloud

SummaryBackground Cloud computing promises to essentially improve healthcare delivery performance. However, shifting sensitive medical records to third-party cloud providers could create an adoption hurdle because of security and privacy concerns.ObjectivesThis study examines the effect of confidentiality assurance in a cloud-computing environment on individuals’ willingness to accept the infrastructure for inter-organizational sharing of medical data.MethodsWe empirically investigate our research question by a survey with over 260 full responses. For the setting with a high confidentiality assurance, we base on a recent multi-cloud architecture which provides very high confidentiality assurance through a secret-sharing mechanism: Health information is cryptographically encoded and distributed in a way that no single and no small group of cloud providers is able to decode it.ResultsOur results indicate the importance of confidentiality assurance in individuals’ acceptance of health clouds for sensitive medical data. Specifically, this finding holds for a variety of practically relevant circumstances, i.e., in the absence and despite the presence of conventional offline alternatives and along with pseudonymization. On the other hand, we do not find support for the effect of confidentiality assurance in individuals’ acceptance of health clouds for non-sensitive medical data. These results could support the process of privacy engineering for health-cloud solutions.Citation: Ermakova T, Fabian B, Zarnekow R. Improving individual acceptance of health clouds through confidentiality assurance.

Download Full-text

A Novel Blockchain-Based Encryption Model to Protect Fog Nodes from Behaviors of Malicious Nodes

Electronics ◽

10.3390/electronics10243135 ◽

2021 ◽

Vol 10 (24) ◽

pp. 3135

Author(s):

Mohammed Alshehri ◽

Brajendra Panda ◽

Sultan Almakdi ◽

Abdulwahab Alazeb ◽

Hanan Halawani ◽

...

Keyword(s):

Cloud Computing ◽

Access Control ◽

Data Security ◽

Fog Computing ◽

Data Access ◽

End Users ◽

Security And Privacy ◽

Communication Overhead ◽

Data Access Control ◽

Time Latency

The world has experienced a huge advancement in computing technology. People prefer outsourcing their confidential data for storage and processing in cloud computing because of the auspicious services provided by cloud service providers. As promising as this paradigm is, it creates issues, including everything from data security to time latency with data computation and delivery to end-users. In response to these challenges, the fog computing paradigm was proposed as an extension of cloud computing to overcome the time latency and communication overhead and to bring computing and storage resources close to both the ground and the end-users. However, fog computing inherits the same security and privacy challenges encountered by traditional cloud computing. This paper proposed a fine-grained data access control approach by integrating the ciphertext policy attribute-based encryption (CP-ABE) algorithm and blockchain technology to secure end-users’ data security against rogue fog nodes in case a compromised fog node is ousted. In this approach, we proposed federations of fog nodes that share the same attributes, such as services and locations. The fog federation concept minimizes the time latency and communication overhead between fog nodes and cloud servers. Furthermore, the blockchain idea and the CP-ABE algorithm integration allow for fog nodes within the same fog federation to conduct a distributed authorization process. Besides that, to address time latency and communication overhead issues, we equip each fog node with an off-chain database to store the most frequently accessed data files for a particular time, as well as an on-chain access control policies table (on-chain files tracking table) that must be protected from tampering by rogue fog nodes. As a result, the blockchain plays a critical role here because it is tamper-proof by nature. We assess our approach’s efficiency and feasibility by conducting a simulation and analyzing its security and performance.

Download Full-text

Identifying the Emerging e-Health Technologies To Ubiquity 2.0 and Beyond

Ubiquitous Health and Medical Informatics ◽

10.4018/978-1-61520-777-0.ch001 ◽

2010 ◽

pp. 1-18

Author(s):

Sabah Mohammed ◽

Jinan Fiaidhi

Keyword(s):

Identity Management ◽

Single Point ◽

Healthcare Delivery ◽

Relevant Information ◽

Security And Privacy ◽

Great Promise ◽

Healthcare Organizations ◽

Web Technologies ◽

Security Challenges ◽

The Web

Achieving improvements and optimum healthcare delivery has become a bipartisan top priority for several governments and institutions. The ability to meet this goal depends on the exchange of information within and across healthcare communities. The real challenge for any healthcare initiative is at the application level, where patient data may be stored on hundreds of different clinical systems such as lab, radiology, or pharmacy systems, and various clinical applications such as electronic medical record (EHRs), that use different protocols and schemas. In an attempt to overcome these challenges, many organizations have used enterprise-oriented integration platforms to transform and translate information so that disparate systems could exchange information internally and externally. However, the development and ongoing maintenance of such healthcare systems has become extremely expensive due to the growing complexity of healthcare organizations as they acquire more systems to meet clinical and business needs. As a result, healthcare communities continue to face the same challenge: how to achieve a level of interoperability for accessing all relevant information about a patient from a single point, which is universally becoming the Web, as well as to ensure accuracy, security, and privacy of all the relevant data. This chapter provides a roadmap solution based on the emerging web technologies that hold great promise for addressing these challenges. The roadmap is termed as the “ubiquity 2.0 trend.” This chapter also highlights the security challenges and the emerging web-oriented identity management technologies to provide a single, common user credential that is trusted, secure, and widely supported across the Web and within the healthcare enterprises.

Download Full-text