AN ADAPTIVE ROLE-BASED ACCESS CONTROL APPROACH FOR CLOUD E-HEALTH SYSTEMS

Securing and protecting electronic medical records (EMR) stored in a cloud is one of the most critical issues in e-health systems. Many approaches with different security objectives have been developed to adapt this important issue.This paper proposes a new approach for securing and protecting electronic health records against unauthenticated access with allowing different hospitals, health centres and pharmacies access the system, by implementing role-based access control approach that could be applied smoothly in cloud e-health systems

Towards A Well-Secured Electronic Health Record in the Health Cloud

The major concerns for most cloud implementers particularly in the health care industry have remained data security and privacy. A prominent and major threat that constitutes a hurdle for practitioners within the health industry from exploiting and benefiting from the gains of cloud computing is the fear of theft of patients health data in the cloud. Investigations and surveys have revealed that most practitioners in the health care industry are concerned about the risk of health data mix-up amongst the various cloud providers, hacking to comprise the cloud platform and theft of vital patients’ health data.An overview of the diverse issues relating to health data privacy and overall security in the cloud are presented in this technical report. Based on identifed secure access requirements, an encryption-based eHR security model for securing and enforcing authorised access to electronic health data (records), eHR is also presented. It highlights three core functionalities for managing issues relating to health data privacy and security of eHR in health care cloud

Managing Access to Electronic Health Records in a Cloud Computing Environment

Access control methods are relevant in securing EHR from unauthorised users and access. It is therefore important that proper access control mechanisms are put in place in order to safeguard the privacy and confidentiality of health records. This paper provides a review of the benefits and limitations of individual access control mechanisms. It also indicate the challenges and advantages associated with the use of the individual access control methods vis-a-vis combined access control methods for accessing electronic health records (EHR) in a cloud computing environment. This review concludes that the use of one access control is not sufficient to fully secure EHR in a cloud computing environment. A combined access control methods has the potential to offer strong security to EHR in the cloud setting. Maximising the benefits of the various access controls is essential for enhancing the security of EHR in a cloud computing environment

Evaluation of Attribute-Based Access Control (ABAC) for EHR in Fog Computing Environment

Fog computing - a connection of billions of devices nearest to the network edge- was recently proposed to support latency-sensitive and real time applications. Electronic Medical Record (EMR) systems are latency-sensitive in nature therefore fog computing considered as appropriate choice for it. This paper proposes a fog environment for E-health system that contains highly confidential information of patients Electronic Health Records (EHR). The proposed E-health system has two main goals: (1) Manage and share EHRs between multiple fog nodes and the cloud,(2) Secure access into EHR on Fog computing without effecting the performance of fog nodes. This system will serve different users based on their attributes and thus providing Attribute Based Access Control ABAC into the EHR in fog to prevent unauthorized access. We focus on reducing the storing and processes in fog nodes to support low capabilities of storage and computing of fog nodes and improve its performance. There are three major contributions in this paper first; a simulator of an E-health system is implemented using both iFogSim and our iFogSimEhealthSystem simulator. Second, the ABAC was applied at the fog to secure the access to patients EHR. Third, the performance of the proposed securing access in E-health system in fog computing was evaluated. The results showed that the performance of fog computing in the secure E-health system is higher than the performance of cloud computing

A systematic literature review of cloud computing in eHealth

Cloud computing in eHealth is an emerging area for only few years. There needs to identify the state of the art and pinpoint challenges and possible directions for researchers and applications developers. Based on this need, we have conducted a systematic review of cloud computing in eHealth. We searched ACM Digital Library, IEEE Xplore, Inspec, ISI Web of Science and Springer as well as relevant open-access journals for relevant articles. A total of 237 studies were first searched, of which 44 papers met the Include Criteria. The studies identified three types of studied areas about cloud computing in eHealth, namely (1) cloud-based eHealth framework design (n=13); (2) applications of cloud computing (n=17); and (3) security or privacy control mechanisms of healthcare data in the cloud (n=14). Most of the studies in the review were about designs and concept-proof. Only very few studies have evaluated their research in the real world, which may indicate that the application of cloud computing in eHealth is still very immature. However, our presented review could pinpoint that a hybrid cloud platform with mixed access control and security protection mechanisms will be a main research area for developing citizen centred home-based healthcare applications