Trends in Cloud-Based Storage
Currently, there has been an increasing trend for the most organisation to store their data in the cloud bases system due to the dramatic increase in the digital information especially with customer’s personal data or advanced company wanting to back up their data to prevent loss in case of fire outbreak or cyber-attacks. A cloud-based storage system, in particular, has drowned the attention of most large organizations with large storage needs. Also, the cloud-based storage offers extensive storage at an inexpensive rate in the long-run. By outsourcing, customer data to the cloud storage, companies can concentrate on other factors like improving design function to advance user experience without worrying about the loss of information due to the high level of trust in the cloud-based storage. Cloud-based system also offers on-demand storage which leads to the reduced maintenance costs for the organizations. Moreover, Cloud storage system offers a flexible and convenient way for an individual to access their information from any location and on any device [1].
However, according to the recent survey indicate that 88% of potential cloud system customers are worried about the security of their private data. Security of the cloud system is the major issue hindering its adoption rate. The cloud-based system includes different types of infrastructures. A public cloud system is one which is allocated to the general public and allocation or resource is a pay-as-you-go type. A private cloud system is an internal cloud storage designed and operated by a specific organization [1]. The company has a full controlled of their private cloud hence it cannot be accessed by an external party. Therefore, many people claim that a private cloud system is more secure and can be trusted when it comes to privacy of information. According to the recent survey, more than 43% of companies have confessed to using private cloud system with about 37% claiming to adopt private cloud in the next two years.
This paper will address issues associated with security of the data with cloud storage. a public cloud storage system is formed by a single or a variety of data centres often distributed to different geographical locations. The user may have no idea of where the data is store and there is a common perception that the various cloud users may lose control of their data after uploading to a public cloud system.
In order to manage and control access and control of public clouds, there is a need for organizations to develop mechanisms and access control policies. Such control policies need to restrict the access of data specified to those authorized by the organization. But the cloud system is supposed to implement such policies for them to be an operation to various organizations. But in current healthcare public cloud system, patients have to assume that their records are in the safe hands or those authorized to access their data [2].
In a Role-Based Healthcare Cloud-Based System model, roles are drawn to access and upload permission while the authorized personnel are mapped with appropriate roles. To illustrate, users have tasked membership to the cloud roles according to their responsibilities as well as professionalism. Access permits are granted to qualified individuals rather than any individual staff. Furthermore, Role-Based Healthcare Cloud-Based System, a responsibility can gain permission from other functions hence the health organization can design a hierarchal structure of various roles [2].
Security Concerns in Cloud-Based Storage
In traditional access management systems, execution is done by trusted personnel which in normally the service provider. In a public cloud data system, data can be reserved in distributed data centres. In other words, it may lack a single control panel for data control and distribution. To protect the privacy of the data, there is need to have a specified role-based access control system hence only authorized staffs are allowed to access the data as a specification from the policies. The authorized personnel who satisfy the implemented role-based access will be able to access the data using their personal keys. Hence, the problem of managing public cloud data will be transformed from the management to individual management of access keys according to the implemented cloud data policies.
This paper presents the design of a Secure Role-Based Healthcare Cloud-Based System where the access control procedures are enforced by the new role-based system. The policy grants permission only to the users who are experts in their roles and can also revoke the permission from the current user in case of any malpractice. The cloud storage provides will be able to view the content of the data in case the user is not given the appropriate role. In the new Secure Role-Based Healthcare Cloud-Based System, revocation of a user for malpractice will have an effect on another user in the healthcare setting. The paper will also address several data security issues such as data transfer privileges between on healthcare provider to another.
The paper will also address the advantages of Secure Role-Based Healthcare Cloud-Based System web integration such as reduced cost, improved privacy, reduced medical errors etc. the role-based security of the cloud system will include the security requirements for access, overview, and limitation of the current approaches, role-based key structure and privacy/security analysis. Moreover, there will be a comprehensive analysis of the confidentiality of patient data via healthcare records, information privacy, and disclosure of health information. Finally, the paper will have a comprehensive view of the project requirement as well as analysis and specifications [2].
There has been an increase in concerns over the privacy and security of electronic driven healthcare system that handles many of electronic health information. These concerns have revolved around two areas, which are; information released in an inappropriate way and issues on how information flows in a system. Information released inappropriately has been linked to authorized users manipulating their right to access information intentionally or unintentionally and sharing that information. Other relates to the system where it openly disclosed a patient’s identifiable health data.
- Does connectivity, a quality of a securely based system impact on the performance of the healthcare providers?
- How does the use of a secure cloud-based system reduce the cost of operating an electronic healthcare system?
- Does this secure cloud-based system have measures to ensure security and privacy?
- Do the healthcare providers or fraternity consider a secure cloud-based healthcare system as efficient and reliable?
A number of healthcare organizations have made efforts to implementing mobile devices, and diversifying their digital storage options, which has made it a need for the healthcare industry to consider cloud computing security [5].
The push by the healthcare industry to diversify their digital storage options and improve data security of their customers has seen rising considerations to adopt a cloud-based security system. The complexity of this industry is evident in the vast amount of patient data that is prone to attacks and there is need to have it secured [9].
Role-Based Healthcare Cloud-Based System Model
The adoption of electronic health records saw the industry transformed for the better in terms of patient care and efficiency and for once, the industry had come across a powerful way to store its gigantic health records but forgot to check on security and privacy issues that have increased over the recent years [5].
The replacement of medical systems by healthcare organizations is costly for them and there is a growing need to cut down on the budgetary allocations on the purchase of systems that are cost-effective in terms of management and replacement [4].
The fraternity has for a long time ignored the cybersecurity risks that are aimed at their computers and servers which could cripple these organizations if such an attack occurs. The growing data breach and loss of data by these healthcare organizations has shown the need for them to consider a proactive risk mitigation in order to cut costs of data management and uphold reputation and goodwill [9].
Inter-connectivity of the healthcare industry which makes small targets (small hospitals) an easy way for hackers to infiltrate into systems of larger organizations. This may lead to massive attacks on healthcare data that is valuable like credit card and bank account numbers which might be sold to other people [4].
- The main objective is to assess the role of a secure cloud-based system in ensuring privacy and security in the healthcare sector.
- To establish if a cloud-based system quality of connectivity has any impact on the performance of healthcare providers.
- To assess if a secure cloud-based system can reduce the cost of operating an electronic healthcare system.
- To assess the measures applied by this system to ensure security and privacy is maintained.
- To establish if a secure cloud-based system is considered efficient and reliable by healthcare providers
A number of healthcare organizations have made efforts to implementing mobile devices, and diversifying their digital storage options, which has made it a need for the healthcare industry to consider cloud computing security [5].
The push by the healthcare industry to diversify their digital storage options and improve data security of their customers has seen rising considerations to adopt a cloud-based security system. The complexity of this industry is evident in the vast amount of patient data that is prone to attacks and there is need to have it secured [9].
The adoption of electronic health records saw the industry transformed for the better in terms of patient care and efficiency and for once, the industry had come across a powerful way to store its gigantic health records but forgot to check on security and privacy issues that have increased over the recent years [5].
The replacement of medical systems by healthcare organizations is costly for them and there is a growing need to cut down on the budgetary allocations on the purchase of systems that are cost-effective in terms of management and replacement [4].
The fraternity has for a long time ignored the cyber security risks that are aimed at their computers and servers which could cripple these organizations if such an attack occurs. The growing data breach and loss of data by these healthcare organizations has shown the need for them to consider a proactive risk mitigation in order to cut costs of data management and uphold reputation and goodwill [9].
Inter-connectivity of the healthcare industry which makes small targets (small hospitals) an easy way for hackers to infiltrate into systems of larger organizations. This may lead to massive attacks on healthcare data that is valuable like credit card and bank account numbers which might be sold to other people [4].
Design of a Secure Role-Based Healthcare Cloud-Based System
The paper includes a comprehensive understanding of the exact needs to develop a role-based cloud access infrastructure. Both healthcare institution and the cloud service provider need to have a successful development and implementation of cloud services that will be the source of their IT operation for years. The architect for the Secure Role-Based Access Control Cloud system will require both the hardware and software components of development of the cloud infrastructure. This section will have an overview of the hardware and software requirements with analysis and specifications of the project as well as the project budget [5].
Healthcare Computer system needs to have an operating system that allows diversified cloud computing to allow implementation of a Secured Role-Based Healthcare Cloud-Based System in which the application and data live and run on the internet rather than external or internal storage. Cloud storage can be installed and integrated with other operating systems depending on the computer specs used. Sometimes, the cloud can act as a stand-alone OS although it has a low hardware requirement. Healthcare organization need to build a data centers with redundancies and fault tolerance to implement cloud models to make it available for various apps [5].
Cloud management solution requires the latest hardware, software, virtualization and support data center for the current infrastructures. Early cloud migration included the basing of the solution to commodity and open sources; the current requirements include both commodity and proprietary system. In other words, the intended cloud management provision needs to be integrated with the traditional system in order to achieve the objectives of the Secured Role-Based Healthcare Cloud-Based System. Therefore, healthcare institutions that do not support technologies like NetApp, Microsoft, Cisco, and Red Hat may fall short of this project [9].
To produce the functionality of a Secured Role-Based Healthcare Cloud-Based System, it is necessary that the healthcare administration own a simple tool for metering and defining service offered. A service offering can be viewed as a quantified set of application and services that the final user can consume via the cloud provider- whether public or private cloud. For this project to function effectively, service providers should include other factors such as resource management, billing cycles, resource guarantee and metering rules. The functionality of the service management should reciprocate factors of both software and hardware requirements [9].
Many compositions of the traditional cloud data management require some level of integration with other software in order to achieve the objectives of Secured Role-Based Healthcare Cloud-Based System as the best way of healthcare organization consuming IT. Within an integrated data centers, various tools are utilized in the provision, user care, system management, directory as well as security. Since the main objective of the paper is to improve the security of the cloud computing by having authorized people to access cloud data, it is important for the integration of Application Program Interface that will facilitate the filtering of users on the online storage [9].
In a Role-Based Healthcare Cloud-Based System model, roles are drawn to access and upload permission while the authorized personnel are mapped with appropriate roles. To illustrate, users have tasked membership to the cloud roles according to their responsibilities as well as professionalism. Access permits are granted to qualified individuals rather than any individual staff. Furthermore, Role-Based Healthcare Cloud-Based System, a responsibility can gain permission from other functions hence the health organization can design a hierarchal structure of various roles [14].
Advantages of Secure Role-Based Healthcare Cloud-Based System Web Integration
This paper presents the design of a Secure Role-Based Healthcare Cloud-Based System where the access control procedures are enforced by the new role-based system. The policy grants permission only to the users who are experts in their roles and can also revoke the permission from the current user in case of any malpractice. The cloud storage provides will be able to view the content of the data in case the user is not given the appropriate role. In the new Secure Role-Based Healthcare Cloud-Based System, revocation of a user for malpractice will have an effect on another user in the healthcare setting. The paper will also address several data security issues such as data transfer privileges between on healthcare provider to another. The paper will also address the advantages of Secure Role-Based Healthcare Cloud-Based System web integration such as reduced cost, improved privacy, reduced medical errors etc. the role-based security of the cloud system will include the security requirements for access, overview and limitation of the current approaches, role-based key structure and privacy/security analysis [14].
The paper includes a comprehensive understanding of the exact needs to develop a role-based cloud access infrastructure. Both healthcare institution and the cloud service provider need to have a successful development and implementation of cloud services that will be the source of their IT operation for years. The architect for the Secure Role-Based Access Control Cloud system will require both the hardware and software components of development of the cloud infrastructure. This section will have an overview of the hardware and software requirements with analysis and specifications of the project as well as the project budget [5].
This section presents the use cases to demonstrate the functionality that will be offered by the Secure Role Based Healthcare Cloud Based System and the role of each users associated with the system. The intent of use case is to illustrate how the system will be operated by each user to fulfill their desired requirements. There are four main users who will be using the system and their roles are Patient, Nurse, Doctor and Administrator. The use cases illustrated below also reflects the default role permissions that are allocated for each user. The use cases prepared for each user role are presented as below:
Patient: The above use case illustrates that a patient has the right to only modify own data. The patients can make their own account and access the system using their login credentials. After logging in, the patients can view and update the information of their own profile. The contact information of hospital and previous visit record can be also accessed by the patient. The patients can also view prescriptions of their previous visit.
Nurse: In the above use case diagram, the illustration is done of the permissions that are being granted to Nurses using the system. The Nurses can collect vital information of the patients for example, blood pressure and pulse rate along with respiratory rate. A Nurse can also attach an artifact to the record of patient during their visit at the hospital. The Nurse is also able to view the prescriptions attached with patient record to ensure that there is no error in dosage of medicines.
Confidentiality of Patient Data in Healthcare Records
Doctor: In the above illustrated use case, it has been illustrated that the Doctor has the same roles and permissions to that of a Nurse. The Doctor will additionally use the system for writing prescriptions and allowing to carry out surgery so that the associated medical staff can be aware on status of the assignment.
Administrator: The above use case demonstrates the role played by an administrator in which he/she is able to grant or revoke permissions of operations to the other users of the system. The administrator can make modifications in the facilities provided to users of the system such as the administrator can revoke the permission of doctor to write prescription for patients. The administrator can also allow permission to the nurse for writing prescriptions. Hence, the main role of Administrator is to control the access permissions of each user of the system.
The early studies related to early states of cloud computing load forecasting contributed to the current improved state of clouding world. Such studies such as Kalman Filtering included not the only prediction of algorithms but also utilized linear regression prediction as well as neutral network prediction. In other words, the health cloud storage provider can successfully predict the next phase of task loads. Secure Role-Based Healthcare Cloud-Based System proposes the forecasting algorithm especially for the user who accesses the public cloud storage for the health records. The procedure will result in a more accurate and reflective cloud computing curve. The establishment of the role as well as profile login will provide more predictive and secure health records. In other words, the Kalman filtering will only allow specific or authorized personnel to access the health records hence having a predictive and secured health records. The Kalman filtering will trace and verify the ability of the health organisation to have a secured role-based access to the health record through the prediction of accuracy [2].
To secure the privacy of health records, the paper proposes a role-based access control techniques according to the idea of access control list. Traditionally, various factors were used to filter several incoming traffic so that to block unauthorized access to the cloud system. In this solution, there will be an incorporation of the role of the users and the identity attributes to have an approval for access credentials. In other words, the role-based access system will not only have personal keys but also identity verification for the approval of the access. The rule identifier point for this methodology will include creating, verify, retrieve and delete operation on each role of the user. The cloud provider will have the role to create, verify, retrieve or even delete the role-based access credentials for the user. Once, the user role and profile is validated, the cloud system then generates access token to the specific cloud user and share it to the individual as well as the service provider. This mechanism will help reduce Authentication issues that lead to the loss of privacy and security of healthcare cloud storage [2].
Data Security in Healthcare Cloud-Based Systems
Rule dictionary methodology is proposed to describe the security policy of this projected system. The rule dictionary will explain the access privileges offered to the role-based user credentials. In this healthcare cloud storage solution, a rule identifier is defined then stored against each profile and role. The identifier views the rule dictionary and implements the security policy defined by each role in the verification of the public record access. The advantage of this mechanism is that it would allow the system managers to update any changes of policies regarding the access verification based on the roles of the user. This will not only minimize the management and implementation cost of the new techniques but also guarantees safety of patient records. In addition, the rule dictionary for the Secured Role-Based Healthcare Cloud-Based System can describe the access policies for various deployment models which contribute to the access credentials of various cloud networks [2].
The Access Control List mechanism will include the opposition of access lists in different parts, unlike the traditional methods that include one big list of roles. The proposed access control list for Secure Role-Based Healthcare Cloud-Based System will offer the healthcare providers with the advantages of reduction composition as well as minimization of administration costs. The new proposed version is also simple to implement in cloud storage setting where rules are offered in form of services. In other words, the paper presents a new role-based access control strategy. The management of Secure Role-Based Healthcare Cloud-Based System will require fewer management efforts and minimal complexity compared to the previous traditional styles. Furthermore, this solution provides a reduced role-based access data time done in an authentication way. That is if the user accessing the health records fails to perform a task in the cloud task in one minute, the system will automatically log off the individual. This is a great step in ensuring that personal information of patients is at top attention [3].
User personalization isn’t a new concept in the cloud computing world. Today, personalization concept is widely used in the technological aspects in the customize content to improve the user experience. In this cloud record security solution, the paper develops a role-profile based access control system. The user profile is seen as an entity that contains predefined freedoms to access the cloud service. When an individual accesses the cloud computing service by inputting login keys as well as personal identification, the authentication system approves the user credentials and validates the user profile. Consequently, the access token will be granted to the cloud user according to their role assigned to the specific user. This will inhibit user form recurrent access to each authorized service. Furthermore, it will improve the overall security since specific services will be matched with the user role as well as their profiles. Considering the hierarchal structure of health organizations, the profile-role based access control list best fits its necessities [3].
|
WEEK |
AZHARUDDIN MOHAMMED |
MOHAMMED AMER UDDIN |
VIJAY NAMPALLY |
PAVAN REDDY AENUGU |
TELAKAPELLY PRAVALLIKA |
|
Week 1 |
Met with A/Prof Savitri Bevinakoppa and selected Quantum IT Enterprise web design and implementation from the available options. |
Meeting with the supervisor, Industry Client and selection of the project. |
Meeting with the supervisor, Industry Client and selection of the project. |
Meeting with the supervisor, Industry Client and selection of the project. |
Conducted meeting with the first lecture met with Savitri mam and discussed about the group members and understood the process of selecting industry based project marking. |
|
Week 2 |
Researched about the selected project, learnt the proposal of project and met with industry client and project supervisor. |
Studied on the basics of Web designing and the importance of a website to any industry. |
We looked on web designing and implementation to the project scope. |
Introduced to project and told what it looks like and researched about it. |
Great impact to meeting with the supervisor and industry client meeting ,talked about the different topics finally concluded the topic that is Quantum IT Enterprises Web Designing &Implementation. |
|
Week 3 |
Researched two journals about the business requirements for developing a website, and process of securing it. |
Researched about the software and other components required for the web designing. |
We found the website requirements, outcomes, functional and nonfunctional website recovery. |
Researched about the project details how a web site is designed its ways of designing. |
We learned about the about the how website can done. What the section can be marketing field. |
|
Week 4 |
Researched and learnt how to write literature review by collecting data online. |
Researched on similar journals online and collected information. |
We looked about the researched questions and found the effective articles. |
Getting information of web designing by referring papers and other materials. |
We searched many other journals, conferences, articles related to our scope and qualified our researched questions. |
|
Week 5 |
Tested a mock website created by industry client and contributed information security issues under his supervision. |
Used a mock website created by our industry client to get some more valuable information. |
We had a mock website to got some effective results to found the what the main key features and structure of website |
Worked on website outline a sample outline creation and research the ways of outline formats. |
We have a mock website created by a industry client we got more information to the key elements, how the website build. |
|
Week |
Azharuddin Mohammed |
Mohammed Amer Uddin |
Pravallika |
Vijay |
Pavan |
|
Week 6 |
Received feedback from the Project coordinator A.Prof Savitri Bevinakoppa and learnt about the topics to be included in the Project. |
Submitted assignment 1 and got feedback from A.Prof Savitri Bevinakoppa and made changes to the project as advised. |
We had a workshop with an industrial professional and discuss the project management concepts and how to face interview also , discussed possible questions we faced when you start work in an industry. |
I came forward with some of the strategies and designs (Planning’s), along with architecture and user interface design. And showed it to our tutor where he has given us some major corrections and add-ons. |
In this we had project workshop and also working on assignment and also had some research question findings. |
|
Week 7 |
Researched online on the new topics and aspects of the project and the work was divided as per the roles of the group members. |
Researched on the new topics to be included in the assignment and the work was organized and divided among the group members. |
Discussed about the project plan , figured out the some project management methodologies discussed about the main points: Future ways of working, Job search organization, Project management issues. |
In this Week we have finalized a web design. Started designing our website as well. |
The project workshop continues in this week and preparing the slides for presentation and the research methodologies and assignment. |
|
Week 8 |
As an administrator of the project, I have learnt online on how to manage and select the ideal software and hardware required. |
As a developer, selected software according to the requirement of the website and learnt how to develop it. |
We had a presentation and every team had a new concepts in different subject scope. We had a meeting with savitri mam we need to change some requirements about the assignment 2 . |
In this week All the group members has given our project presentation in the class and shown how we are planning to design our website. |
In this week we gave presentation and savathri mam asked meet and change the assignment and to add more topics to it. |
|
Week 9 |
Included all the aspects told by A.Prof Savitri and tested the output and the working of the project. Everything required was covered and design was created. |
Covered all the aspects of the project as advised to meet the requirement of MIT. Developed and programmed using appropriate tools. |
Worked with assignment 2 and following some new requirements we are sharing some tasks Web integration tasks, Clinical administrative tasks, Reduced medical errors, Patient data security, and Healthcare process integration. |
We have started working on assignment and as per my role in the project I did some design and architecture works in the assignment. |
In this week we are working on assignment and I took responsibility for hardware devices and fixing the hardware faults. |
|
Week10 |
Working on project report |
Working on project report |
Working on project report |
Working on project report |
Working on project report |
|
Week11 |
Preparing for presentation and next stage methods |
Preparing for presentation and next stage methods |
Preparing for presentation and next stage methods |
Preparing for presentation and next stage methods |
Preparing for presentation and next stage methods |
|
Team Member |
Respective Role |
|
Azharuddin Mohammed |
Administrator: Responsible for assembly of more information on cloud computing, Project requirement collecting. |
|
Pravallika |
Analysing the project and testing in real time. |
|
Mohammed Amer uddin |
Developer Responsible for Project methodology analysis and implement the kalman filtering based algorithm and filtering process. |
|
Vijay |
Operator Responsible for planning and design of the project. Assess the system in an actual situation. |
|
Pavan |
Responsible for hardware device buying according to the project requirement and also responsible for categorizing hardware faults and fixing errors. |
|
WEEK |
TASKS/IMPLEMENTATION STAGES |
|
WEEK 1 |
Determining the Research Questions |
|
WEEK 2 |
Initial review of Literature |
|
WEEK 3 |
Collecting study to a researchable problem |
|
WEEK 4 |
Continued review of Literature |
|
WEEK 5 |
Formulation of Hypothesis |
|
WEEK 6 |
Determining the basic research approach |
|
WEEK 7 |
Identifying the total number of Samples |
|
WEEK 8 |
Designing the Data collection Plan |
|
WEEK 9 |
Selecting Data collection Instruments |
|
WEEK 10 |
Choosing the Method of Data Analysis |
|
WEEK 11 |
Implementing the Research Plan |
|
WEEK 12 |
Interpreting the Results |
|
Team Member |
Respective Role |
|
Azharuddin Mohammed |
Administrator: Responsible for assembly of more information on cloud computing, Project requirement collecting. |
|
Pravallika |
Analysing the project and testing in real time. |
|
Mohammed Amer uddin |
Developer Responsible for Project methodology analysis and implement the kalman filtering based algorithm and filtering process. |
|
Vijay |
Operator Responsible for planning and design of the project. Assess the system in an actual situation. |
|
Pavan |
Responsible for hardware device buying according to the project requirement and also responsible for categorizing hardware faults and fixing errors. |
|
Task |
start date |
duration (days) |
|
|
Project Analysis |
1-May |
31 |
|
|
Project Requirement |
15-May |
60 |
|
|
purchasing of Physical Devices |
15-Jul |
30 |
|
|
Projection and Planning |
30-Jul |
92 |
|
|
The implication of the design |
30-Aug |
30 |
|
|
Unit Testing |
30-Nov |
90 |
This study used a descriptive research design. A descriptive study attempts to describe or define a subject, often by creating a profile of a group of problems, people, or events, through the collection of data and tabulation of the frequencies on research variables or their interaction, descriptive design method will provide quantitative data from the respondents. The data collected answered questions concerning the current status of the subject under study.
Summary of Findings
The next stage, MN692 will be the implementation phase of a Secure Role Based Cloud Storage to Health institution. For a successful implementation, a practical research will be done including both qualitative and quantitative analysis of the current security status of cloud computing in Health Care. The selection of the sampling technique in this stage will be Stratified Random Sampling. On the other hand, primary data collection will be through questionnaire and Interviews of both healthcare staff and the administration.
The research in MN692 will use stratified random sampling to select 30% of the MSE’s for the sample of this study from the target Healthcare institution. Thus the sample size 30/100x 147=44; that is 44 MSE’s formed the sample size of the study recommended 30% of a small target population to be representative sample size for a study. The manager or administrator of each of the selected MSE’s will be interviewed. Therefore, 44 MSE’s formed the sample size of the study. Each location will form a stratum. The sizes of the samples from the different strata will be kept proportional to the sizes of the strata. This method will help improve the representation of each stratum within the population, as well as ensure that these strata are not over-represented. Each Healthcare organization will be given a number out of which 44 will be picked randomly using Microsoft Office Excel. A random sample is preferential because it is free from bias as each unit has an equal chance to be included in the sample.
Primary data on the need for improved security on cloud storage will be collected using a questionnaire that was administered by the researcher. A questionnaire enables the researcher to get first-hand information about the problem. It also provided the opportunity for anonymity to promote a high response rate. The researcher will also interview the respondents in order to get greater insight into the subject under investigation. A certain degree of flexibility was permitted to allow the respondents ask questions and raise issues as this enriched in trying to solve the problem.
This section presents the methodology that will be followed implementation of the project to carry out the research on Secure Role Based Healthcare Cloud Based System. The research methodology that has been chosen for this project is mixed method comprising of qualitative and quantitative method. The mixed methodology is an emerging trend for any research which involves integration or mixing of quantitative and qualitative methodologies to achieve desired outcomes from the research [3]. This research method enables suitable integration of data and utilizing them so that the research can be carried out successfully based on the determined objectives. This method provides a more accurate process of data collection and analysis so that the outcomes achieved from the research project are in context to the determined aims and objectives.
The mixed methodology for research was first originated in social sciences and it has been constantly growing in different research areas through the past years. This methodology has been chosen for this particular research topic as it can be modified so that it is related to the questions being designed for the research. The chosen methodology for the project is helpful as this kind of research method has an advantage such that a research problem can be explored in multiple ways [6]. In this methodology, the problems identified in the research can be designed as research questions but the sample size for data collection will vary depending upon the chosen approach. The implementation of project can be carried out easily with the help of this methodology and it will be also supportive in case unexpected results are achieved from the study.
Conclusion
For this particular research topic, descriptive design has been taken as the methodology so that extended results can be achieved from the exploration on cloud based healthcare system and the impact that it will have on the users. In this specific topic chosen for the research, explanatory design will be avoided as it restricts the validity of information and sometimes unexpected results may be achieved from the study [1]. The descriptive design will help to illustrate on the detailed application and benefits that will be achieved by implementing cloud based healthcare system.
Data collection is considered as an essential element for any research which helps the researcher in planning the examination theme professionally so that better results can be achieved from the study [5]. Hence, the collected information will be validated with the help of the appropriate tools and techniques for analysis to get to the result. Two diverse research sources are there, for example, primary and secondary which can be used for gathering of information and acquire the outcomes with respect to determined objectives. Essential information sources assist the analysts by collecting valid information that concentrates on the chosen topic for the research [7]. There is a requirement for clarification, validation and proper quality if there is occurrence of other information sources while; in the event of optional information sources, the indirect elements should be evaluated with respect to the exploration theme. If there should be an occurrence of essential source the specialists ensure that the connection among the healthcare organizations and customers are clear and compact. The other sources of information that is available in writing are also taken for acquisition of data to ensure that gathered information from online surveys are correct and valid [2]. The optional sources of information comprises of the various items such as online sources for example, journals, articles, books along with websites or blogs.
The investigation will be carried by collecting primary data with the help of online survey questionnaires which will help to determine the benefits that will be achieved from the research. The questionnaire will help the researcher to identify the importance of cloud based healthcare system. The methodology chosen for the research will utilize stratified arbitrary examining the chosen research topic for the example investigation from selected Healthcare foundation. Along these lines the example measure determined for this research is 44 participants which will be populated as the sample for investigation means that 30% will be chosen to be illustrative example estimate in context to this particular examination. The supervisors or managers associated with various healthcare organizations will be gathered to receive feedback through the online survey questionnaires. The size of the population for this particular research will be diverse in nature and they will be categorized according to their user role. The difficulties faced by them while handling medical records using existing systems will be evaluated as data and the analysis will be carried out on those facts to design a suitable cloud based healthcare system. The study will be conducted by ensuring that involvement of the participants are kept confidential [5]. The collected data will be analysed with the help of data analysis tools available in Microsoft Excel application. For the specific chosen topic for research, primary data collection and analysis technique will be utilized to assemble and investigate data as indicated by the necessity.
References
Conclusion
This paper describes the security issues that the healthcare cloud storage system. Various studies have been advocated with the aim of improving the security of data in a public cloud storage system. The current traditional cloud computing security solution does not guarantee the safety of private data. In an effort of improving the traditional healthcare cloud storage, this paper describes the new secure role-based healthcare cloud-based system. The proposed cloud system presents a role-based access control where only those with expertise skills and credentials are authorized to access the cloud storage. The proposed system also presents the concept of role as well as a profile that defines the security of medical institutions. This approach will contribute to client satisfaction when it comes to ensuring data safety and privacy. The approach is expected to build the reputation of healthcare organization since there will be a minimal leakage of private data to the public due to the advanced policies of a secure role-based healthcare cloud-based system.
It is necessary to be mindful of the service provided by the host before introducing the role-based access system. Just because the cloud provider provides particular software doesn’t mean that it will be compatible with the research on improving the security via the role-based factor. Therefore, health providers need to evaluate the service they are paying for to determine whether they are compatible with the new system.
Although cloud providers are aware of the malware and virus attack on their consumer system, they assume that they have a critical role in providing a solution to secure the cloud storage system. Cloud provider may not be willing propose solutions on preventing an adverse attack on the cloud system. The reluctance of the cloud providers could hinder the project from improving the security of the health system.
References
[1]Chang, V., Kuo, Y. H., & Ramachandran, M. (2016). Cloud computing adoption framework: A security framework for business clouds. Future Generation Computer Systems, 57, 24-41.
[2] Kavuri, S. K., Kancherla, G. R., & Bobba, B. R. (2014, September). Data authentication and integrity verification techniques for trusted/untrusted cloud servers. In Advances in Computing, Communications and Informatics (ICACCI, 2014 International Conference on (pp. 2590-2596). IEEE.
[3]Lee, A., & Fu, C. (2013). U.S. Patent No. 8,387,136. Washington, DC: U.S. Patent and Trademark Office.
[4]Liu, J. K., Liang, K., Susilo, W., Liu, J., & Xiang, Y. (2016). Two-factor data security protection mechanism for cloud storage system. IEEE Transactions on Computers, 65(6), 1992-2004.
[5]Mon, E. E., & Naing, T. T. (2011, October). The privacy-aware access control system using attribute-and role-based access control in private cloud. In Broadband Network and Multimedia Technology (IC-BNMT), 2011 4th IEEE International Conference on (pp. 447-451). IEEE.
[6]Namasudra, S., Nath, S., & Majumder, A. (2014, March). Profile based access control model in cloud computing environment. In Green Computing Communication and Electrical Engineering (ICGCCEE), 2014 International Conference on (pp. 1-5).
[7]Park, N. (2011). Secure data access control scheme using type-based re-encryption in cloud environment. In Semantic methods for knowledge management and communication (pp. 319-327). Springer, Berlin, Heidelberg.
[8]Wang, G., Liu, Q., & Wu, J. (2010, October). Hierarchical attribute-based encryption for fine-grained access control in cloud storage services. In Proceedings of the 17th ACM conference on Computer and communications security (pp. 735-737). ACM.
[9]Wang, Q., Wang, C., Li, J., Ren, K., & Lou, W. (2009, September). Enabling public verifiability and data dynamics for storage security in cloud computing. In European symposium on research in computer security (pp. 355-370). Springer, Berlin, Heidelberg.
[10]Yang, J., Qiu, J., & Li, Y. (2009, September). A profile-based approach to just-in-time scalability for cloud applications. In Cloud Computing, 2009. CLOUD’09. IEEE International Conference on (pp. 9-16). IEEE.
[11]Yang, K., & Jia, X. (2014). DAC-MACS: Effective data access control for multi-authority cloud storage systems. In Security for Cloud Storage Systems (pp. 59-83). Springer, New York, NY.
[12]Yang, K., Jia, X., & Ren, K. (2013, May). Attribute-based fine-grained access control with efficient revocation in cloud storage systems. In Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security (pp. 523-528). ACM.
[13]Yu, Y., Au, M. H., Ateniese, G., Huang, X., Susilo, W., Dai, Y., & Min, G. (2017). Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE Transactions on Information Forensics and Security, 12(4), 767-778.
[14]Zhou, L., Varadharajan, V., & Hitchens, M. (2011). Enforcing role-based access control for secure data storage in the cloud. The Computer Journal, 54(10), 1675-1687.
[15] Zhou, L., Varadharajan, V., & Hitchens, M. (2013). Achieving secure role-based access control on encrypted data in cloud storage. IEEE transactions on information forensics and security, 8(12), 1947-1960.
[16]Lewis, S. (2015). Qualitative inquiry and research design: Choosing among five approaches. Health promotion practice, 16(4), 473-475.
[17]Mackey, A., & Gass, S. M. (2015). Second language research: Methodology and design. Routledge.
[18]McCusker, K., & Gunaydin, S. (2015). Research using qualitative, quantitative or mixed methods and choice based on the research. Perfusion, 30(7), 537-542.
[19]Mertens, D. M. (2014). Research and evaluation in education and psychology: Integrating diversity with quantitative, qualitative, and mixed methods. Sage publications.
[20]Morse, J. M. (2016). Mixed method design: Principles and procedures. Routledge.
[21]Palinkas, L. A., Horwitz, S. M., Green, C. A., Wisdom, J. P., Duan, N., & Hoagwood, K. (2015). Purposeful sampling for qualitative data collection and analysis in mixed method implementation research. Administration and Policy in Mental Health and Mental Health Services Research, 42(5), 533-544.
[22]Taylor, S. J., Bogdan, R., & DeVault, M. (2015). Introduction to qualitative research methods: A guidebook and resource. John Wiley & Sons.
