User-centered Security for Protecting Patient Privacy for E-health Cloud Computing

E-health is the present communication structure in medicine especially in developed countries.  Toward enhancing the quality of care and reduce the health care delivery cost, cloud Computing technology has been adopted.  In recent times services such as exchange and share medical data among staff and then to the patients are one the main reasons behind using this technology in e-health. Hence, using cloud computing in e-health has many challenges particularly when dealing with electronic healthcare records (EHR).  Cloud computing is an agglomeration of technologies, operating systems, storage, networking, virtualisation, each fraught with inherent security issues. For example, browser-based attacks, denial of service attacks and network intrusion become carry-over risks into cloud computing. It differs from traditional computing paradigms as it is scalable which can be encapsulated as an abstract entity to provide different levels of services to the clients. In this paper, we identified the users of e-health such as doctors, nurses and family members and then their security requirements are identified. An application with five stages toward encryption and decryption process is designed. Since trust is a critical factor in cloud computing, this project will investigate the obstacles that cause this technology lose its credibility in certain clouds. To enhance user authentication process, two-tier mechanisms are used to identify the user’s identity. While in confidentiality, it should be assured that information is shared only among authorised people or vendors by applying powerful cryptographic concepts. In this prototype application, the user will be able to protect his/her data and is responsible for providing a high level of security as long as these data are highly private and important.