Database security management for healthcare SaaS in the Amazon AWS Cloud

Software as a Service (SaaS) applications fully-exploiting the potential of elastic Cloud computing infrastructures naturally are enabling new ubiquitous access scenarios for nomadic users, such as market salesmen and home healthcare medical assistants. SaaS applications typically require to transfer data and resources to the Cloud infrastructure site; that raises several challenging issues spanning from access control to resources to privacy protection, ownership, and security of the data of the final SaaS users. However, although encryption of personal and enterprise data is strongly recommended by existing Cloud infrastructures, such as Amazon Web Services (AWS), typically they do not provide yet adequate encryption and key management support. This paper presents a real use case of Vitaever, a home healthcare SaaS application deployed on Amazon AWS, and discusses the challenges and changes needed to add cryptography and key management capabilities to the standard AWS Web/database offer so to enable SaaS data protection. We also show experimental results that benchmark the new security functions over Amazon, demonstrating their applicability to SaaS production deployments.