
CHAPTER 1

INTRODUCTION
Cloud computing is a computing paradigm, where a large pool of systems are connected in private
or public networks, to provide dynamically scalable infrastructure for application, data and file
storage. With the advent of this technology, the cost of computation, application hosting, content
storage and delivery is reduced significantly. Cloud computing is a practical approach to
experience direct cost benefits and it has the potential to transform a data center from a capital-
intensive set up to a variable priced environment. The idea of cloud computing is based on a very
fundamental principle of ‘reusability of IT capabilities’. The difference that cloud computing
brings compared to traditional concepts of “grid computing”, “distributed computing”, “utility
computing”, or “autonomic computing” is to broaden horizons across organizational boundaries.
Forrester defines cloud computing as: “A pool of abstracted, highly scalable, and managed
compute infrastructure capable of hosting end-customer applications and billed by consumption.”
1.1
Electronic Medical Records (EMRs) are digital versions of the paper charts in clinician offices, clinics, and hospitals. EMRs
contain notes and information collected by and for the clinicians in that office, clinic, or hospital
and are mostly used by providers for diagnosis and treatment. EMRs are more valuable than paper
records because they enable providers to track data over time, identify patients for preventive visits
and screenings, monitor patients, and improve health care quality.
Electronic Health Records (EHRs) are also widely known as Electronic Medical Records (EMRs), and
many people use the terms interchangeably (Torrey, 2011). An EHR is an electronic version of a
patient’s health record that was historically created, used, and stored in a paper chart. A patient
EHR is created, managed, and held by a healthcare organization (Roman, 2009). Only healthcare
professionals who are involved in a patient's care can access and use an electronic health record
(Roman, 2009). A Personal Health Record (PHR) is a health record that

Medical records have been around since the advent of healthcare. In the very early days, the
medical record was used to record the disease and the probable cause of that disease (National
Institutes of Health, 2006). In the early part of the twentieth century, medical records were kept
on three by five cards (Hufford, 1999). The 1960s and 1970s saw a rapidly changing era in healthcare
when the federal government passed legislation that established Medicare (Hufford, 1999). At the
same time, other third-party payers entered the healthcare market, healthcare lawsuits started
emerging, healthcare quality became important, and the government passed more stringent laws
regulating the industry (Hufford, 1999). This is the time frame when medical records really became
a necessity in healthcare, and the first electronic health record appeared (History of the
Electronic Medical Record, n.d.).

The use of electronic health records was slow to catch on with physicians and healthcare
providers. It was estimated in 2009 that less than 8% of hospitals had an electronic health record
(Ford, Menachem, Huerta, Yu, 2010). Some of the reasons for the slow adoption of EHRs are the
immense cost of the systems, the lack of national standards, and the immense amount of time and
money that healthcare providers spend complying with government regulations and patient privacy
requirements (Morissette, 2011).

In 2005, President Bush gave a speech at the National Institutes of Health, and he said this
about today’s healthcare system: “We’ve got a 21st century medical practice but a 19th century
paperwork system.” He also went on to add, “Electronic medical records are going to be one of the
great innovations in medicine” (ehrCentralHome, 2012).
In 2009, Congress passed the American Recovery and Investment Act of 2009. In this act, the US
government offers incentives to all healthcare providers to implement Electronic Health Records
(EHR) to replace paper-based systems. Healthcare systems that successfully implement an EHR system
make their facilities eligible for bonus incentive payments, and the act penalizes facilities that
do not implement EHR technology (Information Week, 2009). Under this law, hospitals and physicians
will get incentive payments from Medicare and Medicaid if they become meaningful users of health
information by 2014 (AHA News, 2010). The federal government plans to spend $27 billion in
incentive payments to help get hospitals and physicians using and sharing EHRs (cms.gov, 2010).
The meaningful use requirements are core criteria that are to be implemented in three stages.
Meaningful use is the set of standards that the government has spelled out as a minimum for
healthcare providers to be able to receive incentive payments (Jarousse, 2010). The meaningful use
criteria require that the EHR meet fourteen core requirements and an additional five objectives
from a list of ten (Jarousse, 2010). The requirements include quality data reporting, computerized
physician order entry, and electronic pharmacy orders. Healthcare providers must also be able to
share the EHR with other healthcare providers electronically.

The major goal of the medical record is to serve as a repository of the clinician’s observations and
analysis of the patient. Any clinician’s recorded interactions with a patient usually begin with the
history and physical examination. The history typically contains the patient’s chief complaint (i.e.,
chest pain, skin rash), history of the present illness (other pertinent symptoms related to the chief
complaint), past medical history, social history, family history, and review of systems (other
symptoms unrelated to the present illness). The physical examination contains an inventory of
physical findings, such as abdominal tenderness or an enlarged lymph node. The history and
physical are usually followed by an assessment which usually adheres to the problem-oriented
approach advocated by Weed (1969), with each problem analyzed and given a plan for diagnosis
and/or treatment. Despite the documented benefits of the EMR, most clinical encounters are still
recorded by hand in a paper record. This is not without reason. Dick and Steen (1991) note that
the traditional paper record is still used due to its familiarity to users, portability, ease of recording
“soft” or “subjective” findings, and its browsability for non-complex patients. There is also a sense
of ownership of paper records, due to there being only one copy, which increases the sense of their
security (although it will be noted below that this may be a false sense of security). Nonetheless,
there are many problems with paper-based medical records. The first is that the record can only be
used in one place at one time. This is a problem for patients with complex medical problems, who
interact with numerous specialists, nurses, physical therapists, etc. Another problem is that paper
records can be very disorganized. Not only can they be fragmented across different physician
offices and hospitals, as noted above, but the record at each location itself can often be
disorganized, with little overall summary. In most paper records, pages are added to the record as
they are generated chronologically, making the viewing of summarized data over time quite
difficult. Another problem with the paper record is incompleteness. In an analysis of U.S. Army
outpatient clinics, Tufo and Speidel (1971) found as many as 20% of charts had missing
information, such as laboratory data and radiology reports, a finding consistent with more recent
observations (Korpman & Lincoln, 1988; Romm & Putnam, 1981). A final problem with the
paper-based record is security and confidentiality. Although usually ascribed as a problem of the
EMR, there are attributes of the paper record that increase its vulnerability to access by
nonprivileged outsiders. Its difficulty in duplication leads to a great deal of photocopying and
faxing among providers and institutions. Furthermore, abstractions of the paper record are stored
in large databases, such as those of the Medical Information Bureau, which are maintained by
health insurance companies to prevent fraud but contain medical information of more than 12
million Americans (Rothfeder, 1992). Although the complete EMR does not currently exist,
portions of the medical record have been computerized for many years. The most heavily
computerized aspects are the administrative and financial portions. On the clinical side, the most
common computerized function has been the reporting of laboratory results, usually made easier
with the installation of automated equipment for laboratory specimen testing. As more information
recording functions become computerized (i.e., clinician dictations transcribed into word
processing systems), increasing proportions of the record are computerized as well. Dick and Steen
note that all comprehensive EMRs share several common traits (Dick & Steen, 1991). First, they
all contain large data dictionaries that define their contents. Second, all data are stamped with time
and date so that the record becomes a permanent chronological history of the patient’s care. Third,
the systems have the capability to display data in flexible ways, such as flowsheets and graphical
views. Finally, they have a query tool for research and other purposes. A number of successful
EMR implementations have been in place for decades. One of the earliest ambulatory care record
systems was COSTAR (Computer-Stored Ambulatory Record), developed at Massachusetts General
Hospital in Boston (Barnett et al., 1979). It allows patient registration and scheduling, storage
and retrieval of clinical data, and financial capabilities such as billing. The core COSTAR system
is in the public domain so that other vendors and institutions can modify and enhance it. Another
well-known ambulatory system is the Regenstrief Medical Record System at Indiana University
(McDonald, Blevins, Tierney, & Martin, 1988), which implements similar functions but is also
well known for its capacity for physician decision support (see below). There have also been a
number of long-standing EMR systems for hospitals. The HELP (Health Evaluation through
Logical Processing) system was developed at the University of Utah and Latter-Day Saints (LDS)
Hospital in Salt Lake City (Warner, Olmsted, & Rutherford, 1972). Similar to the Regenstrief
system, it attempts to actively assist physician decision-making by providing alerts of potentially
problematic situations and reminders for routine care.
1.11
In this section we introduce some important terms and basic concepts of the field under discussion.
Cryptography is the study of mathematical techniques related to information security aspects such
as confidentiality, data integrity, entity authentication, and data authentication. Cryptology is
the study of cryptography and cryptanalysis. A cipher is a method used to encrypt data. Plaintext
is the original data before it is encrypted, and the output of encryption is called ciphertext or
a cryptogram.

Figure 1. Plaintext and ciphertext (plaintext, encryption with a key, ciphertext).

Cryptanalysis is the study of methods of breaking ciphers. Attacks on a cipher can be broadly
divided into the two kinds described below.

- Exhaustive attack: also called a brute-force attack, this is an attack that tries all possible
  keys until the attacker hits the right key. For example, if encryption uses a 3-digit numeric
  key, the exhaustive attack tries every key from 000 to 999 until the right key is hit.
- Statistics attack: in contrast to the exhaustive attack, a statistics attack is a systematic
  attack based on observing inputs and outputs or some other effect, for example power consumption.

We will discuss cryptanalysis later.

(2) Family of Alice and Bob:
When cryptologists talk about encryption, several roles are involved, such as the message sender,
the receiver, and attackers. A simple way to distinguish these roles is to name them. Starting from
the beginning of the alphabet, Alice and Bob are two parties who want to communicate in a secure
manner. When more people are in the communication group, Carol and Dave are used. Eve is a passive
attacker who can obtain the information exchanged by Alice and Bob. Mallory is another attacker,
who can obtain the information and also modify the data between Alice and Bob. Trent is a person
who is trusted by all involved parties. Walter is a man who protects Alice and Bob in some respect.
These are the basics of the communication family. For more information and detail, see references
[1] and [3].

(3) Some basics of data encryption:
Cryptography has three main purposes. The first is confidentiality. The second is authentication,
which is used to recognize whether the message sender is the legitimate one or not. The third is
integrity. Modern cryptography relies on Kerckhoffs's principle: we should always assume that all
details about the cipher are known to the enemy, including the exact algorithm and all its inner
workings, except one small piece of data called the key. We will return to it in the cryptanalysis
section.

2 Secret Key & Public Key Cryptography
In this section, we describe the main idea of how the data encryption process works. Then we
discuss the difference between the two kinds of cipher: the symmetric cipher (secret key
cryptography) and the asymmetric cipher (public key cryptography). Generally speaking, these are
the two key systems used for encryption in the field of cryptography. Moreover, the symmetric
cipher can be implemented with two kinds of cipher: the block cipher and the stream cipher.

(1) Cipher classes for data encryption:
Data encryption main process:

Figure 2. Plaintext and ciphertext (plaintext, encryption with a key, ciphertext).

Figure 3. Symmetric cipher and asymmetric cipher. Symmetric cipher (secret key cryptography): 1 key
(the secret key). Asymmetric cipher (public key cryptography): 2 keys, a public key to encrypt and
a secret key to decrypt.

In the secret key system, only one key is used to encrypt and decrypt. The transmitters and the
receivers have to own the same secret key. The concept of the secret key is simple and fast, but it
is hard to keep the key safe: as the number of involved parties increases, the secret key becomes
less secure. To solve this problem, the public key system, also called the asymmetric cipher, was
invented. Two keys are used in the cipher algorithm. The man owning the public key can encrypt the
data, and only the man owning the secret key can decrypt the encrypted data. The asymmetric cipher
makes key management easy, but the drawback is that computation is rather slow and complicated.

Table 1. Advantages and disadvantages of the symmetric cipher and the asymmetric cipher

                     Advantage                Disadvantage
Symmetric cipher     fast and simple          key management is not easy
Asymmetric cipher    key management is easy   slow and complicated

3 Transposition Ciphers and Substitution Ciphers
From the point of view of the encryption algorithm, two main techniques are used to implement the
secret key cryptography (symmetric cipher) system: the substitution cipher and the transposition
cipher. Substitution ciphers replace bits, characters, or blocks of characters with substitutes.
Transposition ciphers rearrange bits or characters in the data. We now describe the two kinds of
cipher in some detail and briefly introduce some examples of each that are used very often.

SUBSTITUTION TECHNIQUES
A substitution technique is one in which the letters of the plaintext are replaced by other letters
or by numbers or symbols.

[Caesar Cipher] The earliest use of a substitution cipher, which is also the simplest, was by
Julius Caesar and is called the Caesar cipher. The Caesar cipher replaces each letter with the
letter standing three places further down the alphabet. For example:

plaintext:  a b c d e f g h ... w x y z
ciphertext: d e f g h i j k ... z a b c

So if the plaintext is “meet me after the party”, the ciphertext would be “phhw ph diwhu wkh
sduwb”.

plaintext:  meet me after the party
ciphertext: phhw ph diwhu wkh sduwb

If we assign each letter a number from 0 to 25 (from A to Z) and write C for the ciphertext, E for
encryption, and p for the plaintext, then the Caesar cipher can be described as

C = E(p) = (p + 3) mod 26    (1)

A shift could be any amount, so the general Caesar algorithm is

C = E(p) = (p + k) mod 26    (2)

where k takes on a value in the range from 1 to 25. The decryption algorithm is simply

p = D(C) = (C - k) mod 26    (3)

If it is known that a given ciphertext is a Caesar cipher, then brute-force cryptanalysis is easily
performed: just try all 25 possible values of k. In this example, there are three reasons to use
brute-force cryptanalysis. First, the encryption and decryption algorithms are known. Second, there
are only 25 keys to try. Third, the language of the plaintext is known and easily recognizable. In
general, we always assume that the first condition holds, that is, the encryption and decryption
algorithms are always known to the enemy who wants to break the cipher. What really makes the
brute-force attack impractical is that most algorithms use a large number of keys, so the second
condition does not hold. For example, the triple DES algorithm uses a 168-bit key, so anyone who
chooses the brute-force approach wastes resources and time. The third condition is also important.
If the language of the plaintext is unknown, we have no way to recognize that the key we try is
right, even on the trial where it is right.

[Polyalphabetic cipher] Simple substitution ciphers like the Caesar cipher use a single mapping
from plaintext to ciphertext letters, so the same plaintext always has the same ciphertext. This
property is undesirable from the security point of view. The polyalphabetic cipher solves this
problem by using multiple substitutions. Imagine a cipher disk with two circles (an outer and an
inner circle) that can be rotated relative to each other. Every time we randomly turn the inner
circle, we get a new corresponding pair for each letter of the alphabet. Then we record where the &
sign (or any sign different from letters and numbers) stands. That is a simple way to produce a
substitution cipher that works and avoids the problem of a single mapping from plaintext to
ciphertext.
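The Caesar cipher of equations (2) and (3) and the three conditions for brute-force cryptanalysis described above, as an added example that is not part of the original document. The function names and the small COMMON_WORDS list are constructed for illustration; the second input is constructed non-language text that shows the third condition failing.

```python
import string

ALPHABET = string.ascii_lowercase

# Small constructed list of common English words, used to recognise plaintext.
COMMON_WORDS = {"the", "and", "to", "of", "in", "is", "at", "me", "you", "after"}


def caesar_encrypt(plaintext, k):
    """Equation (2): C = (p + k) mod 26 per letter; other characters pass through."""
    out = []
    for ch in plaintext.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
        else:
            out.append(ch)
    return "".join(out)


def caesar_decrypt(ciphertext, k):
    """Equation (3): p = (C - k) mod 26."""
    return caesar_encrypt(ciphertext, -k)


def english_score(text):
    """Condition 3: count tokens that are recognisable English words."""
    return sum(1 for token in text.split() if token in COMMON_WORDS)


def brute_force(ciphertext):
    """Try all 25 keys (condition 2) with the known algorithm (condition 1).

    Returns (k, plaintext) for the best-scoring key, or None when no trial
    contains a recognisable word, so the right key cannot be identified.
    """
    candidates = [(k, caesar_decrypt(ciphertext, k)) for k in range(1, 26)]
    best = max(candidates, key=lambda c: english_score(c[1]))
    return best if english_score(best[1]) > 0 else None


if __name__ == "__main__":
    ct = caesar_encrypt("meet me after the party", 3)
    print(ct)               # the ciphertext from the text above
    print(brute_force(ct))  # key and plaintext recovered after 25 trials

    # Constructed non-language plaintext: every trial looks equally meaningless.
    noise = caesar_encrypt("qzxvkjwpy gfhbd", 3)
    print(brute_force(noise))
```
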
TRANSPOSITION TECHNIQUES
A transposition technique performs some kind of permutation on the plaintext letters. This kind of
cipher is very simple to realize, as an example shows. If the plaintext is “meet me after the
party”, we can rearrange it this way:

m e m a t r h p r y
 e t e f e t e a t

So we get the plaintext and the ciphertext like this:

plaintext:  meet me after the party
ciphertext: mematrhpryetefeteat

[Columnar transposition] Another simple transposition cipher is called columnar transposition. If
the plaintext is “data encryption”, we arrange the sentence in a 3*5 matrix. For example:

key:        4 1 2 3 5
plaintext:  d a t a e
            n c r y p
            t i o n
ciphertext: anttciarodep yn

Of course, the transposition cipher can be made more secure by performing more than one stage of
transposition. For example, applying the columnar transposition 2 or 3 times effectively increases
the security of this cipher.

ECB (electronic codebook mode): The simplest block cipher mode is ECB. In ECB mode, the encryption
and decryption of each data block are independent of the other blocks. ECB mode is therefore very
fast, because parallel inputs and parallel outputs can be used. Transmission errors are confined to
a single block and do not influence the other blocks. The drawback of ECB mode is that the same
plaintext input always has the same ciphertext output, which attackers can take advantage of.

Figure 6. ECB mode encryption.
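The two ECB properties described above (equal plaintext blocks give equal ciphertext blocks, and a transmission error stays inside one block), as an added example that is not part of the original document. The block cipher is a toy 4-round Feistel construction over HMAC-SHA256, chosen only so the script runs with the Python standard library; the key, the sample record blocks and all function names are constructed for illustration.

```python
import hashlib
import hmac

BLOCK = 16          # bytes per block
HALF = BLOCK // 2
ROUNDS = 4


def _round(key, i, half):
    """Toy round function: first 8 bytes of HMAC-SHA256(round index || half-block)."""
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:HALF]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_block(key, block):
    left, right = block[:HALF], block[HALF:]
    for i in range(ROUNDS):
        left, right = right, _xor(left, _round(key, i, right))
    return left + right


def decrypt_block(key, block):
    left, right = block[:HALF], block[HALF:]
    for i in reversed(range(ROUNDS)):
        left, right = _xor(right, _round(key, i, left)), left
    return left + right


def _blocks(data):
    if len(data) % BLOCK:
        raise ValueError("input must be a whole number of 16-byte blocks")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key, plaintext):
    """ECB: every block is encrypted independently with the same key."""
    return b"".join(encrypt_block(key, b) for b in _blocks(plaintext))


def ecb_decrypt(key, ciphertext):
    return b"".join(decrypt_block(key, b) for b in _blocks(ciphertext))


def repeated_blocks(ciphertext):
    """Groups of block indices carrying identical ciphertext, visible without the key."""
    positions = {}
    for i, block in enumerate(_blocks(ciphertext)):
        positions.setdefault(block, []).append(i)
    return [idx for idx in positions.values() if len(idx) > 1]


def damaged_after_bit_flip(key, ciphertext, block_index):
    """Flip one bit in one ciphertext block; return the plaintext blocks that change."""
    damaged = bytearray(ciphertext)
    damaged[block_index * BLOCK] ^= 0x01
    before = _blocks(ecb_decrypt(key, ciphertext))
    after = _blocks(ecb_decrypt(key, bytes(damaged)))
    return [i for i, (x, y) in enumerate(zip(before, after)) if x != y]


if __name__ == "__main__":
    key = b"constructed demo key"
    a, b = b"DIAGNOSIS=NORMAL", b"DIAGNOSIS=SEVERE"   # constructed 16-byte records
    ct = ecb_encrypt(key, a + b + a + a)
    print(repeated_blocks(ct))                # blocks 0, 2 and 3 are identical
    print(damaged_after_bit_flip(key, ct, 1))  # only block 1 is affected
```
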
1.2.1

Cloud computing exhibits remarkable potential to provide cost-effective, easy-to-manage, elastic,
and powerful resources on the fly, over the Internet. Cloud computing increases the capabilities of
hardware resources through optimal and shared utilization. These features encourage organizations
and individual users to shift their applications and services to the cloud. Even critical
infrastructure, for example power generation and distribution plants, is being migrated to the
cloud computing paradigm. However, the services provided by third-party cloud service providers
entail additional security threats. The migration of users’ assets (data, applications, etc.)
outside their administrative control into a shared environment where numerous users are collocated
escalates the security concerns. This survey details the security issues that arise due to the very
nature of cloud computing. Moreover, the survey presents the recent solutions presented in the
literature to counter the security issues. Furthermore, a brief view of security vulnerabilities in
mobile cloud computing is also highlighted. In the end, the discussion on the open issues and
future research directions is also presented.

Cloud computing has more to offer businesses and individuals than ever before. Many are moving to
the cloud to take advantage of the on-demand nature of documents, applications and services. An
area of cloud computing that is starting to garner more attention is cloud security, as well as
Security-as-a-Service (SECaaS). These security areas are receiving more attention in response to
businesses moving to the cloud: cyber thieves follow data and confidential information. Similar to
on-premise computer and server security, cloud security adoption has lagged behind cloud service
adoption. However, the SECaaS area is beginning to grow rapidly, and will continue to grow. Many
individuals move to the cloud without considering what possible security pitfalls may be present,
and who could be reading their sensitive information. Services like email (Gmail, Hotmail, etc.)
and social networks have always been housed in the cloud, and have long been a personal security
threat. Conversely, many organizations are paralyzed with regard to cloud services, not realizing
that there are security solutions that can protect confidential information as it passes through
the cloud stack (Penn). These organizations have robust security options, as many familiar names in
IT security have products for cloud security. SECaaS products include Identity and Access
Management, Data Loss Prevention, Web Security, Intrusion Management, and more (Orans, MacDonald).
The cloud is going to continue to grow for the foreseeable future. Mobile access to company assets
is a trend that will continue to grow at a fast rate. Governments are moving their data to the
cloud, and purchasing cloud security solutions to protect themselves and their agents all over the
world; about 30% of cloud security solutions are purchased by government entities at this point.
Although SECaaS currently accounts for only 2-3% ($463MM) of the overall security market, we
forecast that it will continue to grow to ~5-6% ($1.5B) of the security market by 2015, and
possibly as much as ~20% ($9B) by 2021 (Technavio Insights, Penn). Cloud computing is a hot trend.
Going to the cloud is not only fashionable, but it saves time, money, and resources. The move to
the cloud shows no signs of slowing down, and cloud security products will need to continue to keep
up with demand. SECaaS has the potential for exponential growth and expansion in the ever-evolving
cloud computing market.

Cloud Computing Security
Sean Carlin, University of Ulster, UK
Kevin Curran, University of Ulster, UK
ABSTRACT
In this paper, the authors focus on Cloud Computing, which is a distributed architecture that
centralizes server resources on quite a scalable platform so as to provide ‘on demand’ computing
resources and services. The authors outline what cloud computing is, the various cloud deployment
models and the main security risks and issues that are currently present within the cloud
computing industry.

Cloud computing is not a new technology but rather a new delivery model for information and
services using existing technologies. It uses the internet infrastructure to allow communication
between client side and server side services/applications (Weiss, 2007). Cloud service providers
(CSPs) offer cloud platforms for their customers to use and create their web services, much like
internet service providers offer customers high speed broadband to access the internet. CSPs and
ISPs both offer services. The cloud provides a layer of abstraction between the computing resources
and the low level architecture involved. The customers do not own the actual physical
infrastructure but merely pay a subscription fee and the cloud service provider grants them access
to the cloud’s resources and infrastructure. A key concept is that the customers can reduce
expenditure on resources like software licenses, hardware and other services (e.g., email) as they
can obtain all these things from one source, the cloud services provider. Recent studies have found
that disciplined companies achieved on average an 18% reduction in their IT budget from cloud
computing and a 16% reduction in data centre power costs (McFedries, 2008). This paper provides an
overview of the key aspects of Cloud Computing
patient controls and can change (Roman, 2009). EHRs are protected under a federal law called the
Health Insurance Portability and Accountability Act (HIPAA); PHRs are not covered under HIPAA
(Roman, 2011).
