Risk Analysis of Cloud Sourcing in Healthcare and Public Health Industry

Hina Abrar; Syed Jawad Hussain; Junaid Chaudhry; Kashif Saleem; Mehmet A. Orgun; Jalal Al-Muhtadi; Craig Valli

doi:10.1109/ACCESS.2018.2805919

IEEE Access (Jan 2018)

Risk Analysis of Cloud Sourcing in Healthcare and Public Health Industry

Hina Abrar,
Syed Jawad Hussain,
Junaid Chaudhry,
Kashif Saleem,
Mehmet A. Orgun,
Jalal Al-Muhtadi,
Craig Valli

Affiliations

Hina Abrar: Department of Computer Science and Engineering, HITEC University, Taxila, Pakistan
Syed Jawad Hussain: Department of Computer Science and Information Technology, The University of Lahore, Lahore, Pakistan
Junaid Chaudhry: ORCiD; College of Security and Intelligence, Embry-Riddle Aeronautical University, Prescott, AZ, USA
Kashif Saleem: ORCiD; Center of Excellence in Information Assurance, King Saud University, Riyadh, Saudi Arabia
Mehmet A. Orgun: Department of Computing, Macquarie University, Sydney, NSW, Australia
Jalal Al-Muhtadi: Center of Excellence in Information Assurance, King Saud University, Riyadh, Saudi Arabia
Craig Valli: Security Research Institute, Edith Cowan University, Joondalup, WA, Australia

DOI: https://doi.org/10.1109/ACCESS.2018.2805919
Journal volume & issue: Vol. 6
pp. 19140 – 19150

Abstract

Read online

The task of protecting healthcare information systems (HIS) from immediate cyber security risks has been intertwined with cloud computing adoption. The data and resources of HISs are inherently shared with other systems for remote access, decision making, emergency, and other healthcare related perspectives. In the case of a multitude of requirements by multiple stakeholders, various, and diverse cloud models are being adopted across the healthcare and public health industry, which defies the real essence of sharing and using cloud computing in this domain. The misconception of security is one of the key hurdles in the adoption of cloud as a de facto standard in the healthcare and public health sector. In this paper, we demonstrate the similarity of the security aspects of the cloud computing models, by identifying the critical assets in the HIS, and by assessing their impact on the HIS. We also evaluate the risk exposure of the cloud computing models by performing a critical analysis. To the best of our knowledge, this is the first study of its kind for risk analysis of cloud computing models in order to demonstrate their suitability for the HIS.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords