Encryption as a Service (EaaS) as a Solution for Cryptography in Cloud

AbstractIn recent years, there has been a vast interest in optimal usage of computing resources so that massive data can be processed with minimal cost. The need to use a pool of shared resources in a wide area network that provide elasticity, high capacity of computation and ability to store information on location-independent storages have led to the advent of cloud-computing. However, the global nature of cloud brings about some challenges in security domain when physical control over our information in cloud is impossible. Thus, encrypting critical data becomes essential, and strongly advisable. The server-side encryption in an untrustworthy environment like public cloud is too risky. On the other hand, client-side encryption can undermine the benefits of cloud since it is a time-consuming task for encryption and decryption. To address this issue, we developed a private cloud as an intermediary. In this paper, based on XaaS concept, we design an Encryption as a Service in order to get rid of the security risks of cloud provider's encryption and the inefficiency of client-side encryption

Integrated, reliable and cloud-based personal health record: a scoping review.

Personal Health Records (PHR) emerge as an alternative to integrate patient’s health information to give a global view of patients' status. However, integration is not a trivial feature when dealing with a variety electronic health systems from healthcare centers. Access to PHR sensitive information must comply with privacy policies defined by the patient. Architecture PHR design should be in accordance to these, and take advantage of nowadays technology. Cloud computing is a current technology that provides scalability, ubiquity, and elasticity features. This paper presents a scoping review related to PHR systems that achieve three characteristics: integrated, reliable and cloud-based. We found 101 articles that addressed thosecharacteristics. We identified four main research topics: proposal/developed systems, PHR recommendations for development, system integration and standards, and security and privacy. Integration is tackled with HL7 CDA standard. Information reliability is based in ABE security-privacy mechanism. Cloud-based technology access is achieved via SOA.CONACYT - Consejo Nacional de Ciencia y TecnologíaPROCIENCI