Towards Scalable, Fine-Grained, Intrusion-Tolerant Data Protection Models for Healthcare Cloud

The Institute of Electrical and Electronics Engineers, Inc.
Publication Type:
Conference Proceeding
2011 IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 2011, pp. 126 - 133
Issue Date:
Full metadata record
Files in This Item:
Filename Description SizeFormat
2010007041OK.pdf2.41 MBAdobe PDF
Despite cloud computing has been widely adopted by most industries, the healthcare industry still reveals a slow development in cloud-based solution due to the raising of user fear that their confidential health data or privacy would leak out in the cloud. To allay users' concern of data control, data ownership, security and privacy, we propose a robust data protection framework which is surrounded by a chain of protection schemes from access control, monitoring, to active auditing. The framework includes three key components which are Cloud-based Privacy-aware Role Based Access Control (CPRBAC) model, Triggerable Data File Structure (TDFS), and Active Auditing Scheme (AAS respectively. Our schemes address controllability, trace ability of data and authorize access to healthcare system resource. Data violation against access control policies can be proactively triggered to perform corresponding defense mechanisms. Our goal is to bring benefits of cloud computing to healthcare industries to assist them improve quality of service and reduce the cost of overall healthcare.
Please use this identifier to cite or link to this item: