Developing a Secure Distributed OSGi Cloud Computing Infrastructure for Sharing Health Records

  • Sabah Mohammed
  • Daniel Servos
  • Jinan Fiaidhi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6752)


Cloud Computing has become an emerging computing paradigm which brings new opportunities and challenges to overcome. While the cloud provides seemingly limitless scalability and an alternative to expensive data center infrastructure, it raises new issues in regards to security and privacy as processing and storage tasks are handed over to third parties. This article outlines a Distributed OSGi (DOSGi) architecture for sharing electronic health records utilizing public and private clouds which overcomes some of the security issues inherent in cloud systems. This system, called HCX (Health Cloud eXchange), allows for health records and related healthcare services to be dynamically discovered and interactively used by client programs accessing services within a federated cloud. A basic prototype is presented as proof of concept along with a description of the steps and processes involved in setting up the underlying security services. Several improvements have been added to HCX including a Role-Based Single-Sign-On (RBSSO).


Cloud Computing Distributed OSGi Cloud Security Electronic Healthcare Records 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Vaquero, L., et al.: A break in the clouds: towards a cloud definition. ACM SIGCOMM Computer Communication Review 39, 50–55 (2008)CrossRefGoogle Scholar
  2. 2.
    Urowitz, S., et al.: Is Canada ready for patient accessible electronic health records? A national scan. BMC Medical Informatics and Decision Making 8(1), 33 (2008)CrossRefGoogle Scholar
  3. 3.
    PIPEDA Personal Information Protection and Electronic Documents Act (2000),
  4. 4.
    Ontario Statutes and Regulations, Personal Health Information Protection Act, S.O. 2004 Ch. 3 Schedule A (2004) Google Scholar
  5. 5.
    104th United States Congress, Health Insurance Portability and Accountability Act (HIPAA), P.L.104-191, August 21 (1996) Google Scholar
  6. 6.
    Mohammed, S., Servos, D., Fiaidhi, J.: HCX: A Distributed OSGi Based Web Interaction System for Sharing Health Records in the Cloud. In: IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology, Toronto, Canada, August 31-September 3 (2010)Google Scholar
  7. 7.
    Health Level Seven International. HL7 v3.0,
  8. 8.
    ASTM Subcommittee: E31.25, ASTM E2369 - 05e1 Standard Specification for Continuity of Care Record (CCR), ASTM Book of Standards, vol. 14.01 (2005) Google Scholar
  9. 9.
    Care Management and Health Records Domain Technical Committee, HITSP/C32: HITSP Summary Documents Using HL7 Continuity of Care Document (CCD) Component, Healthcare Information Technology Standards Panel, Version 2.5 (2009) Google Scholar
  10. 10.
    Neuman, B.C., et al.: Kerberos: An authentication service for computer networks. IEEE Communications Magazine 32, 33–38 (1994)CrossRefGoogle Scholar
  11. 11.
    OASIS Open, Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0 – Errata Composite (December 2009)Google Scholar
  12. 12.
    Housley, R., et al.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC3280 (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Sabah Mohammed
    • 1
  • Daniel Servos
    • 1
  • Jinan Fiaidhi
    • 1
  1. 1.Department of Computer ScienceLakehead UniversityThunder BayCanada

Personalised recommendations