Towards Scalable, Fine-Grained, Intrusion-Tolerant Data Protection Models for Healthcare Cloud

Despite cloud computing has been widely adopted by most industries, the healthcare industry still reveals a slow development in cloud-based solution due to the raising of user fear that their confidential health data or privacy would leak out in the cloud. To allay users´ concern of data control, data ownership, security and privacy, we propose a robust data protection framework which is surrounded by a chain of protection schemes from access control, monitoring, to active auditing. The framework includes three key components which are Cloud-based Privacy-aware Role Based Access Control (CPRBAC) model, Triggerable Data File Structure (TDFS), and Active Auditing Scheme (AAS) respectively. Our schemes address controllability, traceability of data and authorize access to healthcare system resource. Data violation against access control policies can be proactively triggered to perform corresponding defense mechanisms. Our goal is to bring benefits of cloud computing to healthcare industries to assist them improve quality of service and reduce the cost of overall healthcare.