
Face Recognition

1. Cloud computing provides on-demand access to computing resources and applications via the internet. It has a 3-layer architecture of SaaS, PaaS, and IaaS. 2. There are 4 deployment models and 3 service models of cloud computing including SaaS, PaaS, IaaS, HaaS, DaaS, TEaaS, and APIaaS. 3. SaaS provides applications accessed through the internet, PaaS provides platforms to develop applications, and IaaS provides hardware infrastructure and storage resources.

Uploaded by

kirankatke33

CHAPTER 1

INTRODUCTION

1.1 Concepts of Cloud Computing

1.1.1 Introduction to Cloud Computing

Cloud computing is a kind of Information Technology/business application service that organizations offer on a pay-per-use or rental basis. Storage, servers, and applications fall within the domain of cloud computing and are accessible on demand. Procuring hardware, software, and applications can therefore be done as needed, unlike the conventional approach of establishing a data center before one can concentrate on building and delivering business solutions.

Cloud computing removes the need for an expensive data center and its administration, because the cloud vendor provides, manages, and monitors the health and availability of the infrastructure.

A computing cloud is a set of network-enabled services providing scalable, Quality of Service (QoS) guaranteed, generally personalized, inexpensive computing infrastructures on demand, which can be accessed in a simple and pervasive manner.

Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or cloud service provider interaction.

The term “cloud” originates from the internet, which is schematically represented as a cloud. It refers to the many distinct types of services and applications delivered in the internet cloud, and to the fact that, in many cases, the devices used to access these services and applications do not require any special applications.

Figure 1.1 shows the three-layer cloud architecture.

[Figure: Applications (SaaS); Development Environment (PaaS); Resources, Storage, Bandwidth, Hardware/OS (IaaS)]

Figure 1.1 Three-Layer Cloud Architecture

1.1.2 Cloud Architecture

Cloud computing is a rapidly emerging business and technology concept with different meanings for different people.

For application and IT users, it is IT as a service (ITaaS), that is, delivery of computing, storage, and applications over the internet from a centralized data center.

For internet software developers, it is a web-scale software development platform and runtime environment.

For infrastructure providers and administrators, it is the huge, distributed data center infrastructure connected by IP networks.

The top layer (Application Layer): Applications delivered on demand in the Software-as-a-Service (SaaS) model.

The middle layer (Platform Layer): Middleware providing application services and a Platform-as-a-Service (PaaS) runtime environment for cloud applications.

The bottom layer (Infrastructure Layer): A flexible infrastructure of distributed data center services connected via internet-style networking.

Figure 1.2 shows the cloud computing system, comprising four deployment models and three service models.

Figure 1.2 Cloud Computing Systems

1.1.3 Cloud Computing Functionality

Figure 1.3 illustrates the cloud computing services. Conceptually, users acquire computing platforms or IT infrastructures from computing clouds and then run their applications inside them. Computing clouds therefore provide users with services to access hardware, software, and data resources, and thereby an integrated computing platform as a service, in a transparent way.

[Figure: Cloud Computing Services at the center, surrounded by IaaS, PaaS, SaaS, STaaS, NaaS, DaaS, TEaaS, SEaaS, and APIaaS]

Figure 1.3 Cloud Computing Service Models

Figure 1.4 shows the functional aspects of cloud computing, with examples for each tier:

Software as a Service: Google Apps, on-line email, Salesforce.com, Backup as a Service

Platform as a Service: Microsoft Azure, Force.com, Google App Engine, Tibco Silver, IBM sMash (AMI)

Software Infrastructure as a Service: Data Services, Identity mgmt., Security services providers, CDN

Hardware Infrastructure as a Service: AWS/EC2, System hosting providers (BT, AT&T, Sprint) + Virtualization vendors

Figure 1.4 Cloud Tier Architecture

(i) Software as a Service (SaaS)

In this service model, consumers buy the capability to access and use an application or service that is hosted in the cloud. The applications are accessible from various client devices through a thin client interface such as a web browser (e.g., web-based email). The consumer does not manage or control the underlying cloud infrastructure, including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.

An example is Salesforce.com, in which information about the interaction between the consumer and the service is hosted as part of the service in the cloud.

(ii) Platform as a Service (PaaS)

In this service model, consumers purchase access to platforms, enabling them to deploy their own software and applications in the cloud. The consumer does not manage or control the underlying cloud infrastructure, including the network, servers, operating systems, or storage, but has control over the deployed applications and possibly the application hosting environment configurations. There may be constraints on which applications can be deployed, i.e., the consumer can deploy applications created using programming languages and tools supported by the provider.

(iii) Infrastructure as a Service (IaaS)

In this service model, the consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., host firewalls).

(iv) Hardware as a Service (HaaS)

‘Hardware as a Service’ was introduced in 2006. As a result of rapid advances in hardware virtualization, IT automation, and usage metering and pricing, users can buy IT hardware, or even an entire data center, as a pay-as-you-go subscription service. HaaS is flexible and scalable, and can meet users' needs.

Other service models include:

(v) DaaS: DATA AS A SERVICE

Data as a Service (DaaS) is a cloud strategy and an information provision and distribution model in which data files such as text, images, sounds, and videos are made available to customers over the internet on a pay-per-use basis. DaaS makes business-critical information accessible in a timely, protected, and affordable manner. DaaS is expected to facilitate new and more effective methods for distributing and processing data.

(vi) TEaaS: TECHNOLOGY AS A SERVICE

TEaaS is an operational model that delivers technology as a service on demand. The TEaaS model lowers the cost of business solution ownership, reduces technology risk, and provides predictability of costs over the years. Many businesses today are continuously searching for advanced, leading-edge technology solutions to help improve performance and maintain a competitive advantage.

It is particularly well suited to growing businesses, in that it provides the ability to support agile, rapidly changing companies while being scalable enough to accommodate growth.

(vii) APIaaS: APPLICATION INTERFACE AS A SERVICE

In the APIaaS model, application programming and graphical user interface components are provided as a service on a pay-per-use basis. Application interfaces can be specified in many forms, including an international standard such as POSIX or vendor documentation such as the Microsoft Windows API. Web APIs are also an essential and widely used part of the modern web.

(viii) SEaaS: SECURITY AS A SERVICE

SEaaS is an outsourcing model for security management, which helps secure all types of computing. Large service providers integrate their security services directly into a corporate infrastructure on a subscription basis. Security services include authentication, anti-virus, anti-malware/spyware, intrusion detection, and security event management.

(ix) NaaS: NETWORK AS A SERVICE

In the NaaS model, network and transport connectivity is provided as a service by the cloud provider. NaaS involves optimizing resource allocation by considering network and computing resources as a unified whole.

Conventional NaaS services include flexible and extended VPN and bandwidth on demand. The NaaS concept also includes the provision of a virtual network service by the owners of the network infrastructure to a third party.

1.1.4 Deployment Models of Cloud Computing

From the point of view of structure, cloud computing has the following four deployment models, each with specific characteristics that support the needs of the services and users of the cloud in particular ways:

(i) Private Cloud: The cloud infrastructure is maintained and operated by a specific organization. It may be managed by the organization or a third party and can exist on premise or off premise.

(ii) Community Cloud: The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., security requirements, policy, and compliance considerations). It may be managed by the organizations or a third party and may exist on premise or off premise.

(iii) Public Cloud: The cloud infrastructure is made available to the general public on a commercial basis by the cloud service provider. A consumer can develop and deploy a service in the cloud with very little or no financial outlay compared to the capital expenditure requirements associated with other deployment options.

(iv) Hybrid Cloud: The cloud infrastructure is a composition of more than one cloud (private, community, or public) that remain distinct entities but are bound together by standardized or proprietary technology that enables data and application portability.

While there are various pricing models, consumption-based models, also referred to as “Pay As You Go” (PAYG), are quite popular and measure the resources used to determine charges, e.g.:

Computing time, measured in device hours

Transmissions to and from the data center, measured in GB

Storage capacity, measured in GB

Transactions, measured as application requests

With these kinds of measures, consumers are not tied to monthly subscription rates or other advance payments; they pay only for what they use.

1.1.5 Properties of Cloud Computing Services

Table 1.1 Properties of Cloud Computing Services

| Features | Amazon Web Services | Google App Engine | Windows Azure | Salesforce.com |
| --- | --- | --- | --- | --- |
| Computing Architecture | Elastic Compute Cloud (EC2) architecture, public cloud | Google's geo-distributed architecture | Internet-scale cloud services platform hosted in Microsoft data center, private cloud | Multitenant architecture allowing a single application to serve many customers |
| Service | IaaS | PaaS | PaaS | SaaS |
| Load Balancing | Load balancing algorithms used are round-robin load balancing and HA Proxy | Automatic scaling and load balancing | Built-in hardware load balancing | Load balancing among tenants |
| Interoperability | Interoperability among EC2, Eucalyptus, etc. (horizontal interoperability) | Interoperability between platforms and different programming languages | Interoperable platform can be used to build new applications from the cloud | Application-level integration between clouds |
| Storage | Simple Storage Service (S3) and SimpleDB | Proprietary database | SQL Server Data Service (SSDS) | Database stored regarding different fields |
| Security | Type II (SAS 70 Type II) certification, firewall, X.509 certification | SDC uses RSA/128-bit or higher AES-CBC/SHS, Google Secure Data Connector | STS (Token Service) creates Security Assertion Markup Language | SysTrust SAS 70 Type II |
| Programming Framework | Amazon Machine Image (AMI) and Amazon MapReduce framework | Supports Python, Java, Java Servlet API, JDO, and JPA | Microsoft .NET | Apex language for database service; supports .NET, C#, Java, C++ |

1.1.6 Features of Cloud Computing

The key capability of cloud computing is that it allows for the sharing and scalable deployment of services, as needed, from almost any location, for which the customer can be billed based on actual usage.

Some fundamental features of cloud computing are given below:

(i) On-demand self-service: A consumer can provision computing capabilities, such as server time and network storage, as needed, automatically, without requiring human interaction with service providers.

(ii) Broad network access: As the capabilities are available over the network and accessed through standard mechanisms, they can be accessed through heterogeneous thin or thick client platforms. In other words, access is available to a user through the internet from a broad range of devices such as PCs, laptops, and mobile devices.

(iii) Resource pooling or shared infrastructure: The computing resources of service providers are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources, but may be able to specify location at a higher level of abstraction (e.g., country, state, or data center).

(iv) Rapid Elasticity: Capabilities can be rapidly and elastically provisioned, generally automatically, so that to the consumer the capabilities available for provisioning appear unlimited and can be acquired in any quantity at any time.

(v) Measured Service: Cloud systems automatically control and optimize resource use by leveraging a metering capability appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service.

1.1.7 Benefits of Cloud Computing

The following benefits are offered by cloud computing based services and applications:

(i) Cost Savings: Cloud computing allows customers to reduce their capital expenditures and use operational expenditures to increase their computing capabilities. It lowers the barrier to entry for new services and also requires fewer in-house IT resources to provide support.

(ii) Scalability/Flexibility: The flexibility of cloud computing permits organizations to use extra resources at peak times, enabling them to satisfy consumer demands.

(iii) Reliability: Services using multiple redundant sites can support business continuity and disaster recovery.

(iv) Maintenance: Cloud service providers do the system maintenance, and access is through APIs that do not require application installations onto PCs, thereby also reducing maintenance requirements.

(v) Mobile Accessible: Mobile workers have improved productivity due to systems accessible in an infrastructure available from anywhere.

1.2 Mobile Cloud Computing in Healthcare

1.2.1 Mobile Cloud Computing

Mobile computing presents new opportunities to individual users of healthcare services. Mobile and cloud technologies are at the heart of healthcare's data transformation. Mobile devices are considered a service platform for mobile healthcare data, access, and communication. Figure 1.5 illustrates mobile cloud computing systems.

Figure 1.5 Mobile Cloud Computing Systems

The use of cloud computing in combination with mobile devices is known as mobile cloud computing. It is a combination of mobile networks and cloud computing, thereby providing optimal services for mobile users. Cloud computing exists when tasks are kept on the internet as opposed to on individual devices, providing on-demand access.

Features of Mobile Cloud:

Anywhere Access

Data is available from any device.

Apps, state, and settings can follow from device to device.

The need for native vs. web apps.

Computing Power

Optimize tasks to use both the device and cloud computing.

Enables scenarios otherwise impossible on mobile (offload computationally intensive tasks to the cloud).

Seamless Enterprise Mobility

Mobile access to enterprise apps and data becomes easier.

Lessens the need for a Virtual Private Network (VPN) and the complexities of “behind the firewall” access.

Analyze the use of the same device for both work and personal scenarios.

1.2.2 Mobile Healthcare

The healthcare industry is a well-known user of mobile cloud computing. The industry has advanced applications that give patients and doctors access to information anywhere, at any time, the ability to monitor patients remotely, and enhanced emergency response. Because of the sensitive nature of health information, mobile cloud computing in the healthcare industry faces many challenges, which include data storage, heterogeneous resources, and, last but not least, security.

Nonetheless, according to Hashim et al. (2009), mobile cloud computing is being recognized as one of the “key factors contributing to higher fitness take care of the society”. Mobile cloud computing applied in fields like the healthcare industry provides improved efficiency and improved quality (Whitney, 2011).

Figure 1.6 Healthcare Information Systems

Figure 1.6 describes the healthcare terminologies:

(i) Electronic Healthcare Record (EHR): An electronic record of health-related information on an individual that conforms to nationally recognized interoperability standards and that can be created, managed, and consulted by authorized clinicians and staff across more than one healthcare organization.

(ii) Personal Healthcare Record (PHR): An electronic record of health-related information on an individual that conforms to nationally recognized interoperability standards and that can be drawn from multiple sources while being managed, shared, and controlled by the individual.

While an Electronic Health Record (EHR) is a computer-based record that originates with and is managed by doctors, a Personal Health Record (PHR) can be generated by general practitioners, patients, hospitals, pharmacies, and other sources but is controlled by the patient.

(iii) Electronic Medical Record (EMR): The digitized version of the conventional paper-based medical record for an individual, maintained in the health facility where the individual is being treated. The EMR represents a medical record within a single facility, such as a doctor's office or a hospital.

(iv) Health Information System (HIS): The element of health informatics that focuses mainly on the administrative needs of hospitals. HIS is an integrated information system designed to manage all aspects of hospital operation, such as medical, administrative, financial, and legal issues.

(v) Health Information Exchange (HIE): The transmission of healthcare-related data among facilities, health information organizations, and government agencies in line with national standards for interoperability, security, and confidentiality.

(vi) Healthcare Professional: A person who offers services related to health care, e.g., physicians, doctors, pharmacists, and so forth.

(vii) Healthcare Provider: A place where health care services are offered, e.g., a hospital.

(viii) Digital Imaging and Communications in Medicine (DICOM): A standard for handling, storing, printing, and transmitting information in medical imaging. It consists of a file format definition and a network communications protocol.

The communication protocol is an application protocol that uses TCP/IP to communicate between systems. DICOM files can be exchanged between two entities that are able to receive image and patient data in DICOM format.

(ix) Picture Archiving and Communication System (PACS): A medical imaging technology that provides economical storage and convenient access to images from multiple modalities. The universal format for PACS image storage and transfer is DICOM.

A PACS consists of four important components: the imaging modalities such as X-Ray, Computed Tomography (CT), and Magnetic Resonance Imaging (MRI); a secured network for the transmission of patient data; workstations for interpreting and reviewing images; and archives for the storage and retrieval of images and reports.

(x) Computerized Physician Order Entry (CPOE): The process of a medical professional entering medication orders electronically instead of on paper charts.

1.2.3 Mobile Cloud in Healthcare

In recent years, mobile devices have become abundant in many healthcare applications. The reason for the growing use of mobile computing is its ability to provide a tool to the user when and where it is needed regardless of user movement, hence supporting location independence. However, it suffers from a few inherent problems, including limited scalability of users and devices, limited availability of software applications, resource scarcity in embedded devices, frequent disconnection, and the finite energy of mobile devices.

In the healthcare sector, the impact of these limitations is magnified because of the large size, high complexity, and rapid generation of healthcare data. As a result, a wide variety of healthcare applications are difficult to run on mobile devices, such as radiology processing and recognition, patients' social networking data management, genomic information, and sensor data applications. Further, progress in interoperation and data sharing among different EMR systems has been extremely slow because of the high cost and poor usability. What is needed is an environment capable of capturing, storing, searching, sharing, and analyzing healthcare big data efficiently to provide the right intervention to the right patient at the right time.

Cloud computing (Armbrust, 2009) offers an attractive IT platform to cut down the cost of EHR systems in terms of both ownership and IT maintenance burdens for many medical practices. A cloud environment can host EHRs and permits sharing, interoperability, high availability, and rapid accessibility of healthcare data. Cloud Computing (CC) systems have the capacity to overcome the shortcomings of mobile computing because they are scalable, highly available, and pool computing resources.

The main concept behind cloud computing is to offload data and computation to a remote resource provider (i.e., the Internet) which offers broad network access. The idea of offloading data and computation to the cloud is used to deal with the inherent problems in mobile computing by using resource providers (i.e., cloud resources) other than the embedded devices themselves to host the execution of user programs and store users' data.

The problems are addressed as follows:

(i) By exploiting the computing and storage capabilities (resource pooling) of the cloud, intensive mobile applications can be executed on low-resource, limited-energy mobile devices.

(ii) The broad network access to the cloud overcomes the limited availability and frequent disconnection issues because cloud resources are available anywhere and at any time.

(iii) The infrastructure of cloud computing is very scalable: cloud providers can add new nodes and servers to the cloud with minor modifications to the cloud infrastructure; therefore, more services can be added to the cloud, which allows more mobile users to be served and more portable devices to be connected (Ahmed, 2013).

A study by Juniper Research states that the consumer and enterprise market for cloud-based mobile applications is expected to rise to $9.5 billion by 2014 (Perez, 2010). In the healthcare sector, we believe that this environment is very promising and is expected to change how healthcare services are provisioned.

Mobile cloud computing technology will contribute to the healthcare sector in the following ways:

(i) Integrating healthcare information dispersed among different healthcare organizations and social media.

(ii) Providing a shared pool of computing resources that is capable of storing and analysing healthcare big data efficiently to take smarter decisions at the right time.

(iii) Providing dynamic provisioning of reconfigurable computing resources which can be scaled up and down upon user demand. This can reduce the cost of cloud-based healthcare systems.

(iv) Improving user and device scalability and data availability and accessibility in healthcare systems.

A healthcare cloud can offer two deployment models. These models describe the extent of information sharing among different healthcare providers, patients, and practitioners when using the cloud.

These models are:

Private healthcare cloud: The cloud infrastructure is owned solely by a healthcare provider or hospital. It can be managed by the healthcare provider or a Cloud Service Provider (CSP) and may exist on-premise or off-premise.

Community healthcare cloud: The cloud infrastructure is shared by several healthcare organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, and policy). It is managed by a CSP or by the healthcare organizations and may exist on-premise or off-premise.

Healthcare services provided by healthcare clouds are categorized as follows:

Software as a Service (SaaS): Healthcare applications, including EHRs, are hosted as a service and provided to practitioners, healthcare providers, and patients over the internet, with no need to install and run them on their own computers. Hosted applications can be accessed through web browsers from numerous client devices, including laptops, PDAs, and mobile phones. Multiple users can share the applications and avoid the hassle of software maintenance, upgrades, and the need for additional licenses.

Platform as a Service (PaaS): PaaS is an enhanced platform that allows healthcare providers not only to deploy but also to design, model, develop, and test healthcare applications directly on the cloud. It helps organizations work on collaborative healthcare projects where project team members are geographically distributed. This requires PaaS to provide development infrastructure, including tools and programming languages.

Infrastructure as a Service (IaaS): Healthcare providers can directly use independent virtual machines that abstract the underlying physical hardware of the cloud from them. They can dynamically provision virtual computing resources based on their increasing or decreasing resource demand.

1.2.4 Healthcare Cloud and Virtual Private Network

Virtual Private Network (VPN) technologies are preferred in healthcare industries because of their secure transmission of data, lower cost, and dedicated lines. A VPN in particular provides a secure solution for mobile users. It is based on IP security and offers additional security services such as authentication, encryption, key management, and so on. A VPN has configuration files which include security-level definitions and secure network map files.

The first file includes the authentication types, the encryption scheme, and so on. The second file describes the exact gateway for the appropriate VPN node. Authentication schemes offered by VPN are as follows: Handshake Message Authentication Code, the RSA Data Security public-key cryptosystem, Message Digest 5 (MD5), Secure Hash Algorithm (SHA), and shared secret. Encryption technology supports the Blowfish algorithm, Data Encryption Standard (DES), Triple DES, RSA, and RC5.
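Several of the algorithms listed above are now considered legacy, so a security-level definition is worth reviewing automatically. The following is an added example, not part of the original document or of any VPN product: it audits a security-level definition and reports weak or legacy choices. The `key = value` file syntax, the key names, the `sha1`/`sha256`/`aes256` identifiers, and both sample definitions are assumptions constructed for illustration.

```python
"""Audit a VPN security-level definition for legacy algorithms.

Assumption: the 'key = value' syntax and the key names are hypothetical;
the text names the algorithms but does not show a file format.
"""

MIN_RSA_BITS = 2048  # commonly recommended floor for RSA moduli

# Verdicts are general cryptographic facts, not product-specific claims.
# sha1/sha256 stand in for the text's generic "Secure Hash Algorithm";
# aes256 is not in the text's VPN list and is added so that a clean
# configuration can be expressed.
ALGORITHMS = {
    "md5": ("weak", "practical collision attacks"),
    "sha1": ("weak", "practical collision attacks"),
    "sha256": ("ok", ""),
    "shared-secret": ("review", "strength depends on secret length and rotation"),
    "rsa": ("ok", ""),  # key size is checked separately
    "des": ("weak", "56-bit key can be brute-forced"),
    "3des": ("legacy", "64-bit block: rekey often or migrate"),
    "blowfish": ("legacy", "64-bit block: rekey often or migrate"),
    "rc5": ("legacy", "strength depends on chosen block size and rounds"),
    "aes256": ("ok", ""),
}

# Constructed sample inputs.
LEGACY_LEVEL = """
# security level: legacy (constructed sample)
authentication = MD5, RSA
encryption     = DES, Blowfish
rsa_key_bits   = 1024
"""

HARDENED_LEVEL = """
# security level: hardened (constructed sample)
authentication = SHA256, RSA
encryption     = AES256
rsa_key_bits   = 3072
"""


def parse_definition(text):
    """Parse 'key = value[, value...]' lines; '#' starts a comment."""
    settings = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if "=" not in line:
            raise ValueError(f"line {lineno}: expected 'key = value'")
        key, value = (part.strip().lower() for part in line.split("=", 1))
        settings[key] = [v.strip() for v in value.split(",") if v.strip()]
    return settings


def audit(settings):
    """Return (setting, value, verdict, reason) for every non-ok choice."""
    findings = []
    for key in ("authentication", "encryption"):
        names = settings.get(key, [])
        if not names:
            findings.append((key, "", "error", "no algorithm configured"))
        for name in names:
            verdict, reason = ALGORITHMS.get(
                name, ("unknown", "not in the reviewed list"))
            if verdict != "ok":
                findings.append((key, name, verdict, reason))
    in_use = settings.get("authentication", []) + settings.get("encryption", [])
    if "rsa" in in_use:
        raw_bits = (settings.get("rsa_key_bits") or ["0"])[0]
        bits = int(raw_bits) if raw_bits.isdigit() else 0
        if bits < MIN_RSA_BITS:
            findings.append(("rsa_key_bits", str(bits), "weak",
                             f"below {MIN_RSA_BITS} bits"))
    return findings


if __name__ == "__main__":
    for label, text in (("legacy", LEGACY_LEVEL), ("hardened", HARDENED_LEVEL)):
        results = audit(parse_definition(text))
        print(f"{label}: {len(results)} finding(s)")
        for setting, value, verdict, reason in results:
            print(f"  [{verdict}] {setting}={value}: {reason}")
```

A missing or empty `authentication` or `encryption` entry is reported as an error rather than silently passing, since an absent setting usually means a product default is in effect.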

An Electronic Healthcare Monitoring System (EHMS) based on VPN security provides access to healthcare records such as EHR, EMR, and PHR. It also provides information on data sharing and its integration with the healthcare cloud. While the data is accessed, various privacy and security issues are managed under VPN security. This security also ensures secure transmission and manages the integrity of the VPN connection over a public network, with the help of various security measures and tools.

1.3 Mobile Cloud Security in Healthcare

Many healthcare organizations are embracing cloud computing to improve data and performance and to minimize administrative expenses. The cloud lets healthcare professionals access patient information from any Wi-Fi-enabled device at any location.

This easy access makes it simpler for healthcare specialists, healthcare centers, and insurance companies to rapidly share patient records. Emergency responders can give patient care faster by having access to essential healthcare data off-site. Doctors can assess new patients' entire medical histories online without waiting for physical records to be transferred. Patients can have direct access to their healthcare records on the web. Sharing data through the cloud reduces administrative costs as a result of the reduced need for paper records.

These advantages and more have led to the growing popularity of cloud computing in the healthcare industry. However, cloud computing can only be successful if the cloud is secure and patient security is ensured.

1.3.1 Importance of Cloud Security

Cloud security is vital to protect patient privacy, comply with
healthcare laws, and ensure that only authorized healthcare professionals
get access to the right information. Some health organizations are hesitant
to adopt cloud computing because of the complexity of structuring cloud
computing to comply with the Health Insurance Portability and Accountability
Act (HIPAA), which regulates how health organizations protect private
healthcare information. Others are reluctant to adopt cloud computing due to
concerns over unauthorized access to data. Patients do not always view their
medical records online because of network security concerns.

A successful cloud healthcare community ought to use data security
measures that comply with HIPAA, prevent unauthorized access, and protect
patient records. There should be no question about the authenticity of
patient data, which could make the difference in effective medical treatment.
Both healthcare professionals and patients must trust the cloud network
security to protect personal data for it to work. Strong cloud security will
earn this vital trust.

1.3.2 Challenges of Cloud Security

Effective cloud security must deal with key challenges in the
following areas:

(i) Preventing unauthorized access: It is essential that only
authorized clients get access to records in a healthcare cloud. This can
be difficult in a virtual environment with so many remote clients and
different remote devices.

(ii) Accessing data safely from mobile devices: Health professionals
and patients need to be able to access information securely from mobile
devices like cell phones, tablets, or laptops. If network protection is not
optimal, sensitive data can be lost or stolen when accessed via an
unsecured mobile device.

(iii) Protecting databases from malware and attacks: A cloud needs
to have a secure database that effectively protects against cyber-attacks
and malware. Security forums and professionals are buzzing about
the recently discovered internet bug referred to as Heartbleed, which exposes
a flaw in OpenSSL, a cryptographic tool that provides communication security
and privacy over the internet for applications which include the web, e-mail,
instant messaging and a few Virtual Private Networks. It is also vital to have
an incident recovery and response system in place to respond quickly and block
any attacks or breaches.

(iv) Preventing data loss: A cloud has to have a good mechanism
to prevent data loss and a way to retrieve lost information where feasible. A
cyber-attack, an encryption error, or a natural disaster are some of the ways
records can be lost.

1.3.3 Overcoming Cloud Security Challenges

Healthcare organizations can trust cloud computing to be a secure
and powerful tool to deliver professional services, share data, and store
patient data.

The key challenges to cloud network security can be overcome with
encryption, two-key factor identification, and security intelligence.

Encryption: Encryption converts information into a secure format
that only an authorized user with an appropriate encryption key can access.
Information must be encrypted when it is in use, in transit, and at rest to
ensure that the data is unreadable if it is lost or stolen. Split-key
encryption provides even greater network security because the data is
protected by encryption keys held by the healthcare organization and the cloud
service provider. Each key must be used in order to access the data.

Two-key factor identification: Unique usernames and passwords
aren't sufficient to identify authorized users. Requiring an additional method
of identification like a fingerprint or specialized software token provides an
additional layer of security to make sure only authorized users access the
cloud data.

Security Intelligence System: A security intelligence system that
monitors the logs of all of the cloud servers and firewalls for any unusual
activities can detect and block cyber-attacks and malware and prevent
potential information breaches or record loss.

After analyzing these three methods, the security intelligence system is
taken for this research work because it provides more security and reliable
data communication in cloud computing.
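The split-key idea described above can be illustrated with XOR secret splitting, where a data key is divided into one share for the healthcare organization and one for the cloud service provider. This is an added example, not code from the thesis; the XOR scheme, the key-check value and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 16  # 128-bit data key; length assumed for this example


def split_key(data_key):
    """Split data_key into two XOR shares; either share alone is uniformly random."""
    provider_share = secrets.token_bytes(len(data_key))
    org_share = bytes(k ^ s for k, s in zip(data_key, provider_share))
    return org_share, provider_share


def key_check_value(data_key):
    """Short tag stored with the ciphertext so a rebuilt key can be verified."""
    return hmac.new(data_key, b"key-check", hashlib.sha256).digest()[:8]


def combine_shares(org_share, provider_share, kcv):
    """Rebuild the data key from both shares and reject a wrong or altered share."""
    if len(org_share) != len(provider_share):
        raise ValueError("shares must have equal length")
    candidate = bytes(a ^ b for a, b in zip(org_share, provider_share))
    if not hmac.compare_digest(key_check_value(candidate), kcv):
        raise ValueError("shares do not reconstruct the expected key")
    return candidate


def demo():
    """Round trip with a freshly generated (constructed) data key."""
    data_key = secrets.token_bytes(KEY_LEN)
    kcv = key_check_value(data_key)
    org_share, provider_share = split_key(data_key)
    return combine_shares(org_share, provider_share, kcv) == data_key
```

Neither party can decrypt alone: each share is statistically independent of the data key, so a compromise of only the provider or only the organization reveals nothing about it.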

1.4 Introduction to Cryptography

Cryptography is the study of secret (crypto-) writing (-graphy),
that is, concealing the content of a message from all except the sender and
the receiver and authenticating the correctness of the message to the
recipient. It is concerned with making sure that nosy people cannot read, or
worse, modify messages intended for other recipients (Tanenbaum, 2000).

Cryptography is the field of network security which provides methods
or algorithms for securing data by hiding its meaning. Cryptography
converts information from its readable form to an unreadable form. If anyone
attempts to change or read the information illegally, they cannot do so
because the information is not readable until it is reconverted to readable
form, which is only possible through the mechanism of cryptography.
Cryptography is a field which has been in use for centuries and has helped in
securing information. The process of cryptography is shown in Figure 1.7.

Figure 1.7 Symmetric Cryptography



From Figure 1.7, it is observed that it is useful to have a notation for
relating plain text, cipher text, and keys. The term $C = E_K(P)$ means that
the encryption of the plaintext $P$ using key $K$ gives the cipher text $C$.
Similarly, $P = D_K(C)$ represents the decryption of $C$ to get the plaintext
$P$ again. It follows that

$$D_K(E_K(P)) = P$$

1.4.1 Basic terms used in Cryptography

Plain Text: The original message (text, audio, and video) that a
person needs to communicate to others is defined as Plain Text.

Cipher Text: A message that cannot be understood by anybody, or a
meaningless message, is called Cipher Text. The purpose of cipher text is
to hide the details of the plain text. For example,
“Adh6@779e45$^&kl8*^5%” is a cipher text produced for Mingy Aden (Pal,
2015).

Encryption: The process of conversion of plain text into cipher text is
known as Encryption. Cryptography makes use of various encryption
strategies to send confidential messages through an insecure channel.

Decryption: The reverse process of encryption is known as
Decryption. The procedure of converting cipher text into plain text on the
receiver’s side to get the original message in a readable form is known as
decryption.

Key: A key consists of numeric or alphanumeric text or special
symbols. The key is used to encrypt and decrypt text. The selection of the key
is important because the security of the encryption algorithm depends directly
on it.

1.4.2 Goals of Cryptography

Cryptography provides several security goals to ensure the privacy
of data and the non-alteration of information. It is extensively used
nowadays because of its security benefits.

The various goals of cryptography are:

(i) Confidentiality: Making sure that information is not revealed
to unauthorized persons.

(ii) Integrity: Ensuring that information held in a system is a proper
representation of the data intended and that it cannot be altered by an
unauthorized person.

(iii) Availability: Making sure that the information processing assets
aren't made unavailable by malicious action.

(iv) Non-Repudiation: Ensuring that agreements made electronically
can be verified.

1.4.3 Types of Cryptography

Cryptography is split into two categories: the first is symmetric key
cryptography (sender and receiver share the same key) and the second is
asymmetric key cryptography (sender and receiver use different keys). The
forms of cryptography are shown in Figure 1.8.

Cryptography
  - Symmetric key Cryptography: DES, Blowfish, RC5, 3DES, AES
  - Asymmetric key Cryptography: RSA, DSA, Diffie-Hellman, ElGamal

Figure 1.8 Fields of Cryptography

1.4.4 Symmetric Key Cryptography

Symmetric key cryptography is also referred to as conventional
cryptography or secret key cryptography. Here, the sender and the receiver
each have a common secret key. Both parties must agree
upon the key before any transmission begins, and nobody else should know
about it. The sender and receiver should establish the shared key at the
beginning, after which they can start to encrypt and decrypt messages between
them using that key. The strength of current secret key encryption
methods rests in the secrecy of the encryption key, not in the algorithm
being used. The process of symmetric key cryptography is shown in
Figure 1.9.

Plain Text Message -> Encryption Algorithm (Secret Key) -> Transmitted
Cipher Text -> Decryption Algorithm (Secret Key) -> Plain Text Message

Figure 1.9 Process of Symmetric Key Cryptography

The two specific types of secret key cryptography are mentioned below:

(i) Block Cipher

A block cipher is a deterministic algorithm which operates on
fixed-length groups of bits, called blocks, with an unvarying transformation
that is specified by a symmetric key. Block ciphers take a number of bits and
encrypt them as a single unit, padding the plaintext so that it is a
multiple of the block size. Blocks of 64 bits have commonly been used.

(ii) Stream Cipher

A stream cipher is a symmetric key cipher in which plaintext digits are
combined with a pseudorandom cipher key stream. In a stream cipher, each
plaintext digit is encrypted one at a time with the corresponding digit of the
key stream, to give a digit of the cipher text stream. An alternative name for
a stream cipher is state cipher, because the encryption of each digit is
dependent on the current state.
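The notation D_K(E_K(P)) = P and the block cipher description above can be checked with a small 64-bit Feistel cipher, the same overall structure that Blowfish uses. This is an added example, not the thesis's Blowfish implementation: the HMAC-SHA256 round function, the PKCS#7-style padding and all names are assumptions, and the cipher is for illustration only.

```python
import hashlib
import hmac

BLOCK = 8     # 64-bit block, the size the text mentions
ROUNDS = 16   # round count assumed for this toy cipher


def _f(key, i, half):
    """Round function F (assumed): HMAC-SHA256 of a 32-bit half, cut to 32 bits."""
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:4]


def _feistel(key, block, order):
    left, right = block[:4], block[4:]
    for i in order:
        left, right = right, bytes(a ^ b for a, b in zip(left, _f(key, i, right)))
    return right + left  # final swap: decryption is the same loop, rounds reversed


def encrypt_block(key, block):   # C = E_K(P) for one block
    return _feistel(key, block, range(ROUNDS))


def decrypt_block(key, block):   # P = D_K(C) for one block
    return _feistel(key, block, reversed(range(ROUNDS)))


def pad(data):
    """Pad to a multiple of BLOCK; a full block is added when already aligned."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data):
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def encrypt(key, plaintext):
    """Encrypt each padded block independently (no chaining, no IV)."""
    p = pad(plaintext)
    return b"".join(encrypt_block(key, p[i:i + BLOCK]) for i in range(0, len(p), BLOCK))


def decrypt(key, ciphertext):
    if not ciphertext or len(ciphertext) % BLOCK:
        raise ValueError("ciphertext must be a whole number of blocks")
    c = ciphertext
    return unpad(b"".join(decrypt_block(key, c[i:i + BLOCK]) for i in range(0, len(c), BLOCK)))


def repeats_leak(key):
    """Deterministic blocks: two equal plaintext blocks give two equal ciphertext blocks."""
    ct = encrypt(key, b"PATIENT:" * 2)   # constructed input, exactly two 8-byte blocks
    return ct[:BLOCK] == ct[BLOCK:2 * BLOCK]
```

Because each block is encrypted independently here, repeated plaintext blocks show up as repeated ciphertext blocks; practical systems run a block cipher in a mode of operation that uses an initialization vector.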

1.5 Problem Statement

There is a growing demand for information security because a huge
volume of sensitive data is transmitted through mobile networks. So
encryption and decryption play an important role. Since health record
manipulation affects human lives, secured data transmission is crucial. As
a result, many encryption schemes have been proposed, including DES,
3DES, Blowfish, AES, and many others. The existing algorithm does not
provide the required level of security for healthcare data in cloud storage.

The proposed technique promises high-level security and is
compared with various other existing algorithms. Within the present
framework, if the decryption secret key is known, then the information can be
recovered easily from the cloud. There are a few techniques that can be used
to obtain the decryption key. Some of these are the key search
strategy, brute-force attack, cryptanalysis and systems-based attack. The
current framework gives single-layer protection to the EHRs. If that single
layer is breached, then the information might be easily recovered
from the cloud.

1.6 Problem Solution

The research work gives a double-layered protection wherein the EHRs
are stored within the cloud server through a Virtual Private Network. The
Blowfish algorithm is used for transferring patient healthcare records and
images in an encrypted format. These can be stored in a cloud server through
the Virtual Private Network.

Here, MATLAB is used for DICOM image processing and VHSIC
HDL is used for Blowfish encryption and decryption. All encrypted data and
images are securely stored in the cloud server via the Virtual Private Network.

Secure data transmission is accomplished with modern
cryptography. The records are accessed by both in-patients and out-patients,
and the doctors who manage them are also allowed to access them. The aim of
this research work is to provide the best security and performance
trade-off over the existing symmetric algorithms. To obtain this result,
specific parameters including processing time, bandwidth,
correlation, entropy and others are compared to measure the level of security
using the above-mentioned algorithms.

1.7 Objectives of Research Work

Mobile and cloud technologies are at the heart of healthcare's
information transformation. Cloud computing has numerous risks such as
information security, information secrecy and overhead. The information
handled in the cloud is highly confidential, for example business records,
patient records, and military records; hence an appropriate
encryption standard must be applied in order to secure the sensitive
information.

Healthcare records like EHR, EMR, PHR, etc., have been extensively
adopted to permit healthcare professionals and patients to create, manage
and access healthcare data from anywhere and at any time. Cloud
services offer the necessary infrastructure at lower expense and high quality.

The electronic health record includes images from the patient’s record
that are highly confidential. The EHRs in healthcare consist of scan
images, DNA reports, X-rays and so forth, which are considered the
patient’s private data. Providing security for a large volume of data with
high efficiency is required.

An EHR contains an individual's sensitive personal information, such as
the person's health records, images, and other health-related information.
This information is the most confidential and needs to be protected.

1.8 Research Motivation

The power of mobile devices is combined with cloud computing to
form mobile cloud computing. It thus provides users with unlimited resources.
The authorities, military, financial institutions, hospitals and private
agencies deal with confidential data and images about hospitals, topographical
areas, defence, products, customers and financial status. This information is
stored on electronic computer systems and transmitted across networks to other
computer systems.

If this confidential data and these images about patients, topographical
areas, and enemy positions fall into the wrong hands, then this kind of breach
of security could lead to a declaration of war, inaccurate treatment and so on.
Protecting confidential information and images is an ethical and legal
requirement. To make the information more secure from different attacks and
to preserve the integrity of the data, it ought to be encrypted before it is
transmitted or stored directly in a cloud server.

A healthcare user can store healthcare information and medical DICOM
images in the cloud, and different authenticated users can read and see the
images. However, there is the possibility that hackers manipulate the data and
images, thereby affecting the person's privacy and integrity. So data and
medical images stored in the cloud should be encrypted, preventing
unauthorized users from accessing stored data and medical images. The present
algorithms used for encrypting healthcare data and medical images in the
cloud aren’t efficient for managing security issues.

1.9 Methodology for Solving the Problem

An integrated mechanism for healthcare data and image protection
is provided using the Blowfish algorithm. Here healthcare
data and images are analysed in two ways: (i) healthcare data encryption
and decryption and (ii) DICOM image encryption and decryption.

The encrypted form of healthcare data is stored on a cloud which
provides a high level of security. So, only the decrypted version of the
healthcare data and image of a patient record is viewed by a doctor, based
on authentication.

DICOM images are tested by means of the image encryption procedure
using ModelSim with VHDL code which uses the Blowfish algorithm. Normally the
histogram of the encrypted image is less dynamic and significantly different
from the respective histograms of the original images. So the encrypted
image does not give any clue that could be used for a statistical attack on
the image encryption procedure, which makes statistical attacks difficult.
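The entropy and correlation parameters named in Section 1.6 and the histogram argument above can be computed as follows. This is an added example, not the thesis's MATLAB or VHDL code: the test image is constructed, all names are assumptions, and a SHA-256 counter-mode keystream stands in for Blowfish.

```python
import hashlib
import math
from collections import Counter

W = H = 64  # constructed 8-bit grayscale image, not a real DICOM file


def sample_image():
    """Smooth gradient with a bright square, standing in for a medical image."""
    return bytes(200 if 20 <= x < 44 and 20 <= y < 44 else (x + y) * 2
                 for y in range(H) for x in range(W))


def keystream_encrypt(key, data):
    """Stand-in cipher (SHA-256 in counter mode); the thesis itself uses Blowfish."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(8, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(d ^ s for d, s in zip(data, stream))


def entropy(data):
    """Shannon entropy of the pixel histogram in bits per pixel (8.0 is the maximum)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def adjacent_correlation(data):
    """Pearson correlation between each pixel and its right-hand neighbour."""
    pairs = [(data[r * W + c], data[r * W + c + 1])
             for r in range(H) for c in range(W - 1)]
    mx = sum(a for a, _ in pairs) / len(pairs)
    my = sum(b for _, b in pairs) / len(pairs)
    cov = sum((a - mx) * (b - my) for a, b in pairs)
    var_x = sum((a - mx) ** 2 for a, _ in pairs)
    var_y = sum((b - my) ** 2 for _, b in pairs)
    return cov / math.sqrt(var_x * var_y)


def compare(key=b"constructed demo key"):
    """Return (entropy, correlation) for the plain and the encrypted image."""
    plain = sample_image()
    cipher = keystream_encrypt(key, plain)
    return {"plain": (entropy(plain), adjacent_correlation(plain)),
            "cipher": (entropy(cipher), adjacent_correlation(cipher))}
```

A well-encrypted image should show entropy close to 8 bits per pixel and neighbour correlation close to zero, while the plain image keeps low entropy and strongly correlated neighbours.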

1.10 Organization of Thesis

The rest of the thesis is organized as follows:

Chapter 2 - This chapter describes in detail the literature survey
carried out to examine the ideas of secure healthcare data transfer in
cloud computing, authentication, existing methods of secured records transfer
in the cloud and secure information transfer through Virtual Private Network in
the cloud.

Chapter 3 - This chapter describes healthcare data security within the
cloud, which includes privacy and information security in the cloud, different
cryptographic algorithms and the Blowfish implementation using VHSIC
HDL, ModelSim and MATLAB. It also explains cloud-based services for
exchanging secured healthcare records through VPN and how the cloud VPN
enables patient information to be transferred more securely over the public
network.

Chapter 4 - This chapter describes the comparison of symmetric key
cryptographic algorithms and the performance evaluation of the Blowfish
algorithm. The experimentation is carried out with different sizes, and this
also allows statistical comparison, such as multiple t-Tests, which are
necessary to give an indication of the performance differences.

Chapter 5 - This chapter describes the architectural design of healthcare
data security in the cloud which affords a double layered protection to the
healthcare records and DICOM medical images.

Chapter 6 - This chapter focuses on the implementation of healthcare
information and image encryption and decryption using the Blowfish algorithm
with the help of MATLAB, VHDL, ModelSim, Wavelet Transform for cloud
and cloud reports in healthcare; snapshots of the proposed mechanisms
designed to study the cryptographic technique.

Chapter 7 - This chapter describes the conclusion and future research
direction.
