Applied Information Technology
Advanced Encryption Standard (AES) Protecting Cloud Computing Healthcare Data
Information Technology Infrastructure
Dr. Raza Hasan
Healthcare organizations are tremendously adapting cloud computing system to their organization for storing sensitive information as well as applications. The efficiencies and cost-savings made possible by cloud environments directly support the need to slow the growth of healthcare costs. As cloud computing has created convenient, effective, and more efficient healthcare services to the people, the security level for protected health information has been listed on the top risk in cloud computing infrastructure. Millions of users are using the Cloud for various purposes, therefore healthcare and cloud service providers need to focus on adapting highly secure and protected data encryption algorithm in order to assure security of their personal or health related information stored in the cloud. Advanced Encryption Standard (AES) is the safest and protected algorithm recommended by American Medical Association that healthcare provider need to adapt for the patients’ health related information. AES has been integrated by Intel into their software and hardware for healthcare information security.
Cloud computing is a new computing model that lets an organization pay for only the resources they need, when they are needed. In cloud computing, the data, resources and applications exist on a “cloud” of Web servers, which creates a highly flexible environment for different units of an organization. Cloud Computing has been a new model for healthcare service and medical organizations to improve the delivery of healthcare service. It has enabled them to operate with greater efficiency, cost-effectiveness, and agility. Though, healthcare is a highly regulated environment, and has adapted cloud computing model to drive efficiencies, streamline workflow and increase the breadth and quality of patient care, the concern level over privacy, security, access and compliance have always been high. Cloud computing can improve the healthcare program performances, but it also requires a highly secure and auditable computing platform to meet statutory and regulatory requirements governing the handling of protected health information. Cloud computing security risks can be multi tenancy, data loss and leakage, easy accessibility of cloud, identity management, unsafe API’s, patch management, internal threats, and so on. Therefore, data encryption is one of the possible ways to safeguard data as it moves in and out of the cloud, which makes data unusable if compromised. Advanced Encryption Standard (AES) is one of the highest levels of encryption recommended by American Medical Association (Kaner, 2013). The AES was selected by NIST in a competition and is stronger and faster than earlier encryption standards. This paper describes how AES benefits cloud computing healthcare organizations and strengthened the security and compliance considerations that healthcare IT infrastructures must meet. Literature Review
Cloud computing technologies can be delivered in various ways, but it is important to know what an organization’s cloud strategy is expected to accomplish, in order to determine the service and deployment model that is best suited for the organization. Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) are three popular Healthcare models that Healthcare organization uses (Hitachi Data Systems, 2012). Infrastructure as a Service (IaaS) provides healthcare organization with the infrastructure needed to run its service and business, which include networks, computing resources, such as servers or storage, and staffing expertise (Hitachi Data Systems, 2012)....
Cited: Cloud Security Alliance. (2010, 03). Top Threats to Cloud Computing. Retrieved 12 03, 2014, from https://cloudsecurityalliance.org: https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
Federal Information Processing Standards Publication 197. (2001, 11 26). Announcing the ADVANCED ENCRYPTION STANDARD (AES). Retrieved 12 1, 2014, from csrc.nist.gov: http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
Hitachi Data Systems. (2012, 05). How to Improve Healthcare with Cloud Computing. Retrieved 12 3, 2014, from http://docs.media.bitpipe.com/io_10x/io_108673/item_650544/cloud%20computing%20wp.pdf
Intel IT Center. (2013, 01). Healthcare Cloud Security. Retrieved 12 3, 2014, from www.intel.com: http://www.intel.com/content/dam/www/public/us/en/documents/solution-briefs/cloud-computing-securing-cloud-financial-brief.pdf
Kaner, J. (2013, 02 27). 5 Steps to Ensuring Hospital Data Security. Retrieved 12 3, 2014, from http://www.beckershospitalreview.com/: http://www.beckershospitalreview.com/healthcare-information-technology/5-steps-to-ensuring-hospital-data-security.html
Penchalaiah, P. N. (2010). Effective Comparison and Evaluation of DES and Rijndael Algorithm (AES). International Journal on Computer Science and Engineering, 1641-1645.
Sachdev, A. (2013). Enhanching Cloud Computing Security using AES Algorithm. Internaltional Journal of Computer Applications, 19-23.
Please join StudyMode to read the full document