Novel Data Protection Model in Healthcare Cloud

Deploying state-of-the-art technologies is vital and inevitable in healthcare industry to cope with emerging services such as healthcare resource sharing and integration, collaborative consultation, and electronic health record. Cloud computing allows simple and easy user access, coping with users´ dynamic and elastic demands, providing metered usage for its resources and hence is increasingly being adopted by individual users as well as enterprise users. The Cloud is being considered as appropriate technology for future healthcare infrastructure. However, in order to use of Cloud services effectively, users´ data and/or resource have to be transferred to the cloud side and this inevitably raises several serious issues concerning losing control of users´ resource, data privacy protection, data ownership and security. This paper addresses security and privacy challenges in healthcare cloud by deploying a novel framework with CPRBAC (Cloud-based Privacy-aware Role Based Access Control) model for controllability, traceability of data and authorized access to system resources. Furthermore, the work seeks to develop a unique active auditing service that is capable of tracing, tracking, and triggering an alarm on any operation, data or policy violations in the Cloud environment.