Developing a Secure Distributed OSGi Cloud Computing Infrastructure for Sharing Health Records
Cloud Computing has become an emerging computing paradigm which brings new opportunities and challenges to overcome. While the cloud provides seemingly limitless scalability and an alternative to expensive data center infrastructure, it raises new issues in regards to security and privacy as processing and storage tasks are handed over to third parties. This article outlines a Distributed OSGi (DOSGi) architecture for sharing electronic health records utilizing public and private clouds which overcomes some of the security issues inherent in cloud systems. This system, called HCX (Health Cloud eXchange), allows for health records and related healthcare services to be dynamically discovered and interactively used by client programs accessing services within a federated cloud. A basic prototype is presented as proof of concept along with a description of the steps and processes involved in setting up the underlying security services. Several improvements have been added to HCX including a Role-Based Single-Sign-On (RBSSO).
KeywordsCloud Computing Distributed OSGi Cloud Security Electronic Healthcare Records
Unable to display preview. Download preview PDF.
- 3.PIPEDA Personal Information Protection and Electronic Documents Act (2000), http://laws.justice.gc.ca/en/P-8.6/index.html
- 4.Ontario Statutes and Regulations, Personal Health Information Protection Act, S.O. 2004 Ch. 3 Schedule A (2004) Google Scholar
- 5.104th United States Congress, Health Insurance Portability and Accountability Act (HIPAA), P.L.104-191, August 21 (1996) Google Scholar
- 6.Mohammed, S., Servos, D., Fiaidhi, J.: HCX: A Distributed OSGi Based Web Interaction System for Sharing Health Records in the Cloud. In: IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology, Toronto, Canada, August 31-September 3 (2010)Google Scholar
- 7.Health Level Seven International. HL7 v3.0, http://www.hl7.org
- 8.ASTM Subcommittee: E31.25, ASTM E2369 - 05e1 Standard Specification for Continuity of Care Record (CCR), ASTM Book of Standards, vol. 14.01 (2005) Google Scholar
- 9.Care Management and Health Records Domain Technical Committee, HITSP/C32: HITSP Summary Documents Using HL7 Continuity of Care Document (CCD) Component, Healthcare Information Technology Standards Panel, Version 2.5 (2009) Google Scholar
- 11.OASIS Open, Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0 – Errata Composite (December 2009)Google Scholar
- 12.Housley, R., et al.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC3280 (2002)Google Scholar