Electronic Health Record (EHR) and Cloud Security

Question: Describe about the Electronic Health Record (EHR) and Cloud Security? Answer: Introduction: Cloud computing is a concept of having facility to share resources to achieve economics of scales and coherence, which is similar to have a nice utilization of network resources. Foundation of cloud computing is the combined concept of shared devices and converged infrastructure. With the help of the cloud, not only the resources are shared among several users, but also as per the availability of the resources users are reallocated dynamically. For example, the facility of having cloud computing enhance the usage of the computing power while on the other hand it helps to reduce the environmental damage with minimum usage of rack space, minimizing air conditioning facility used for system cooling and less power consumption. With cloud computing a single server can be accessed by several users to insert or update data without purchasing license for different application or services provided by cloud. There are 3 platform in the cloud based service, such as- IaaS platform provides users in terms of virtual resources which are able to satisfy the requirement of cup, operating system, storage and memory. Through service level agreement between the service provider and customer, QoS parameters are established. PaaS Platform provides tools designed on cloud based application to provide the services of deploying, collaborating, testing, hosting and maintaining application. SaaS is software model, where providers deliver its software product as services to the customers, based on customer demand. Using traditional SaaS model, software resides there in data center, where the service providers maintains data, related hardware and also the servers. With the coming years, there is the prediction on having more available application on the cloud computing, which will open the door by making technology more accessible than the previous year. Hence better decision taking is possible on stock market or in the patient health care system. Hybrid cloud computing is expected to become more efficient in the context of business in near future. As the incorporation of cloud in business will optimize the business processes by enhancing the application and infrastructure. Background: The word cloud was used as a metaphor as standardized cloud-like shape to denote a network on telephony schematics and in the later period of time it is denoted by the internet in computer network diagrams. In the 1950s the concept of Cloud was introduced where large-scale main frame computers were in picture on the aspect of computing (Kshetri, 2013). This was available for the academic institutions and corporations, where it was accessible through terminal computers, which was often referred as dumb terminal. In 1990s those telecommunication companies who were used to offer dedicated data circuits for point-to-point connection began to offer VPN (Virtual Private Network) with quality service with a low cost. With a balanced use of server the telecommunication companies became able to use the overall network bandwidth effectively (Achampong, 2014). Anyone with a good internet communication and standard web browser can access cloud now a day to share their resources. From its conventional counterpart, there are five key features of cloud computing (Marks and Lozano, 2010): Service-based Shared Scalable Metered by usage Applications of Cloud computing incorporate the under mentioned service models: Infrastructure as a Service: This solution provides users in terms of virtual resources which are able to satisfy the requirement of cup, operating system, storage and memory. Through service level agreement between the service provider and customer, QoS parameters are established. The end users are authorized to have total control over the virtually implemented computer resources. Unlike the purchasing method of physical servers, there are charges are required on IaaS on utility basis depending upon the resource consumption. A well known example in IaaS space is Amazon. Platform as a service: PaaS provides tools designed on cloud based application to provide the services of deploying, collaborating, testing, hosting and maintaining application. It hides hardware complexities and manages the underlying hardware. This service provides the facilities to efficiently complete the lifecycle of making and deploying the web application and its services totally from the internet. With help of the PaaS User can make its new services or application in the cloud. That in turn does not need to run being dependent on the specific platform. Google AppEngine is the well known PaaS Solution(Rountree and Castrillo, 2013). Software as a service: SaaS is software model, where providers deliver its software product as services to the customers, based on customer demand. Using traditional SaaS model, software resides there in data center, where the service providers maintains data, related hardware and also the servers. The customers or the end users access the application remotely with the help of web browser. The SaaS model is designed mainly for multi-client delivery model, here one application is shared by across many clients. This platform gives the opportunity to customize the system as per the needs of different customer. For example, Salesforce.com is a SaaS platform which provides project management services along with Customer Relationship Management. Google Apps provides cloud hosted desktop application which replaces the traditional desktop based on Microsoft Office software. In this document cloud computing security issues are put into concern. The business organization who are willing to incorporate cloud computing to bring the revolution to their business are needed to evaluate the benefits and associated challenges and risk adoption of cloud can bring. Moving the whole conventional physical storage system to virtual cloud system needs evaluation of specific cloud security and data security issues (Kant Hiran, Doshi and Rathi, 2014). Challenges in terms of data security on cloud: With some published researches there are ten security challenges are found when someone think about incorporating Cloud to their business framework. As the business owner loses the control over physical security of data. This is the scenario, where one company is sharing its data with other companies. As the company, sharing data, outside the enterprise, they do not even know up to where the data is reachable. Exposing data to the other companies gives government and other parties a reasonable cause to grab the information (Ahmed and Ashraf Hossain, 2014). Protection mechanism: Information can be encrypted while it is passing through the cloud where the sender and receiver of the information will control the decryption/encryption keys as well. Most of the customers want their data secure with the use of SSL connection (Nwobodo, 2015). Secure transaction logs and data storage: Data transaction logs are stored in the Multi-tiered storage media. Though manual way of moving data gives actual record of when data has been moved and what are the data in concern to be moved. However, with the growing amount of data, it is required to have the facility of Auto-tiering for big data storage management. In this scenario, Auto-tiering mechanism does not keep track of data storage location, which in turn poses new challenges in terms of data security. Real-time security: It always has been a challenge when security is concerned in terms of Real-time security monitoring. When there is alert from those security devices which prompts user to be notified, this kind of notification are generally ignored or clicked away (Hurwitz, 2009). Secure computations in the framework of distributed programming: Distributed programming utilizes the concept of parallel computing and storage to process a lump of data. In this scenario MapReduce framework such as Hadoop is used to split the big amount of data into small chunks. Hence it is required to secure data during the presence of untrusted mappers and also providing security to legitimate mappers (Samani, Reavis and Honan, 2015). Enforcing secure communication and access control with the use of cryptography: to ensure privacy to the most sensitive data it is needed to encrypt the data based on access control policies. To ensure agreement, authentication and fairness among the distributed entities, it is needed to implement secure communication framework (Shahzad and Hussain, 2013). Granular access control: This granular access control property matters from the perspective of preventing the access of data from the unethical user (Furht and Escalante, 2010). Granular audit: In order to get the missed or unchecked information on attacks, it is needed to audit information which is prompted by real time security monitoring. It is not only needed for the checking of mistakes done by us, but it helps in forensics reason. End point input filtering: When lot of data is gathered from many sources (end-point devices), it is required to impose the input data validation constraints (Shi, Li and Zhou, 2013). In order to be sure about whether the input data is containing malicious content and in this scenario security challenges bother a lot in the context of BOYD model, where the information have to take in personal devices or need to give data from the personal devices (Alashoor, 2014). Future trends: With the growing technological trend, it is a big concern to store data in an efficient manner, the facility of having cloud computing enhance the usage of the computing power while on the other hand it helps to reduce the environmental damage with minimum usage of rack space, minimizing air conditioning facility used for system cooling and less power consumption (Vishwakarma, 2012). With the coming years, there is the prediction on having more available application on the cloud computing, which will open the door by making technology more accessible than the previous year (Asadullah and K. Choudhary, 2014). Proactive Application Monitoring: This Proactive Application Monitoring technology is currently unavailable but the predictive technology will make this software robust and accurate soon. Hence companies will be able to forecast disaster and take necessary steps (Wilshusen, 2010). Becoming more robust: Cloud computing is on the way to become more about fit and function than plug surrounding the new technologies (Dahbur, Mohammad and Tarakji, 2011). Ability to validate identities in terms of trust: In future the security system of cloud will be capable to validate the identities through centralized trust. Centralized data: the trend of making data centralized will allow companies to create and maintain a huge database. Hence better decision taking is possible on stock market or in the patient health care system (Evwiekpaefe and Ajakaiye, 2013). More capacity: Mobile devices that rely on cloud will become thinner and more powerful because all the application in future will be web based. All mobile devices will take back up of their data in cloud (Buyya, Broberg and Gos cin ski, 2011). Increased efficiency: Hybrid cloud computing is expected to become more efficient in the context of business in near future. As the incorporation of cloud in business will optimize the business processes by enhancing the application and infrastructure. Low-power processors: in large data centers, it is expected to lower the operational cost by low power processor. In Future it is expected that the advanced data centers will be capable of manipulate complex algorithms with increased speed, with the incorporation of low-cost hardware (Chandrasekhar, Mathew and Devi, 2013). Conclusion: With the help of the cloud, not only the resources are shared among several users, but also as per the availability of the resources users are reallocated dynamically. For example, the facility of having the facility of cloud computing enhance the usage of the computing power while on the other hand it helps to reduce the environmental damage with minimum usage of rack space, minimizing air conditioning facility used for system cooling and less power consumption. With cloud computing a single server can be accessed by several users to insert or update data without purchasing license for different application or services provided by cloud. . With the coming years, there is the prediction on having more available application on the cloud computing, which will open the door by making technology more accessible than the previous year. In future Cloud computing is on the way to become more about fit and function than plug surrounding the new technologies. Proactive Application Monitoring technology is currently unavailable but the predictive technology will make this software robust and accurate soon. Hence companies will be able to forecast disaster and take necessary steps. The trend of making data centralized will allow companies to create and maintain a huge database. Hence better decision taking is possible on stock market or in the patient health care system. Hybrid cloud computing is expected to become more efficient in the context of business in near future. As the incorporation of cloud in business will optimize the business processes by enhancing the application and infrastructure. References: Achampong, E. (2014). Electronic Health Record (EHR) and Cloud Security: The Current Issues. IJ-CLOSER, 2(6). Ahmed, M. and Ashraf Hossain, M. (2014). Cloud Computing and Security Issues in the Cloud. International Journal of Network Security Its Applications, 6(1), pp.25-36. Alashoor, T. (2014). Cloud computing: a review of security issues and solutions. IJCC, 3(3), p.228. Asadullah, M. and K. Choudhary, R. (2014). Data Outsourcing Security Issues and Introduction of DOSaaS in Cloud Computing. International Journal of Computer Applications, 85(18), pp.40-45. Buyya, R., Broberg, J. and Gos cin ski, A. (2011). Cloud computing. Hoboken, N.J.: Wiley. Chandrasekhar, B., Mathew, D. and Devi, K. (2013). A Flexible Interface for Security Issues in Cloud Computing. IJMLC, pp.7-9. Dahbur, K., Mohammad, B. and Tarakji, A. (2011). Security Issues in Cloud Computing. International Journal of Cloud Applications and Computing, 1(3), pp.1-11. Evwiekpaefe, A. and Ajakaiye, F. (2013). The Trend and Challenges of Cloud Computing: A Literature Review. Academic Journal of Interdisciplinary Studies. Furht, B. and Escalante, A. (2010). Handbook of cloud computing. New York: Springer. Hurwitz, J. (2009). Cloud computing for dummies. Hoboken, NJ: Wiley Pub. Kant Hiran, K., Doshi, R. and Rathi, R. (2014). Security Privacy issues of Cloud Grid Computing Networks. International Journal on Computational Science Applications, 4(1), pp.83-91. Kshetri, N. (2013). Privacy and security issues in cloud computing: The role of institutions and institutional evolution. Telecommunications Policy, 37(4-5), pp.372-386. Marks, E. and Lozano, B. (2010). Executive's guide to cloud computing. Hoboken, N.J.: Wiley. Nwobodo, I. (2015). Cloud Computing: A Detailed Relationship to Grid and Cluster Computing. IJFCC, 4(2), pp.82-87. Rountree, D. and Castrillo, I. (2013). The basics of cloud computing. Burlington: Elsevier Science. Samani, R., Reavis, J. and Honan, B. (2015). CSA Guide to Cloud Computing. Waltham: Syngress. Shahzad, A. and Hussain, M. (2013). Security Issues and Challenges of Mobile Cloud Computing. International Journal of Grid and Distributed Computing, 6(6), pp.37-50. Shi, J., Li, H. and Zhou, L. (2013). The technical security issues in cloud computing. International Journal of Information and Communication Technology, 5(3/4), p.272. Vishwakarma, A. (2012). Cloud Computing: Future Generation Computing Systemsas the 5th Utility. IJIEE. Wilshusen, G. (2010). Information security. [Washington, D.C.]: U.S. Govt. Accountability Office.