Enabling location-based policies in a healthcare cloud computing environment

In a multi-stakeholder cloud computing environment, data access control is of essential importance. Nowadays, it is usually handled in and deployed by every single cloud service on its own which makes the configuration of fine-grained access privileges cumbersome and economically expensive. In this paper, we introduce a novel cloud ecosystem architecture featuring an overall lightweight data access control model. This model is enabling data access policies based on location information of service consumer devices. We apply our architecture in the sensitive healthcare domain, which itself comprises multiple parties with complex data access privileges. Here, we define high-level requirements driven from current data protection regulations and guidelines as well as practice requirements in this area, which we address in the design of our architecture. We implement and test the main components. The results demonstrate the feasibility of our architecture and the applicability of our approach even in the healthcare application domain.