Table of Contents Author Guidelines Submit a Manuscript
The Scientific World Journal
Volume 2014, Article ID 146970, 7 pages
http://dx.doi.org/10.1155/2014/146970
Review Article

Proposal for a Security Management in Cloud Computing for Health Care

Persicon Corporation, Friedrichstraße 100, 10117 Berlin, Germany

Received 16 December 2013; Accepted 5 January 2014; Published 19 February 2014

Academic Editors: R. Colomo-Palacios, M. Niedermayer, and V. Stantchev

Copyright © 2014 Knut Haufe et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. R. Zhang and L. Liu, “Security models and requirements for healthcare application clouds,” in Proceedings of the 3rd IEEE International Conference on Cloud Computing (CLOUD '10), pp. 268–275, July 2010. View at Publisher · View at Google Scholar · View at Scopus
  2. M. Almorsy, J. Grundy, and I. Müller, “An analysis of the cloud computing security problem,” in Proceedings of the Asia Pacific Cloud Workshop, Colocated with Asia Pacific Software Engineering Conference (APSEC '10), Sydney, Australia, 2010.
  3. R. Buyya, C. S. Yeo, S. Venugopal, J. Broberg, and I. Brandic, “Cloud computing and emerging IT platforms: vision, hype, and reality for delivering computing as the 5th utility,” Future Generation Computer Systems, vol. 25, no. 6, pp. 599–616, 2009. View at Publisher · View at Google Scholar · View at Scopus
  4. R. Colomo-Palacios, E. Fernandes, M. Sabbagh, and A. de Amescua Seco, “Human and intellectual capital management in the cloud: software vendor perspective,” The Journal of Universal Computer Science, vol. 18, no. 11, pp. 1544–1557, 2012. View at Google Scholar
  5. J. J. Rodrigues, I. de la Torre, G. Fernández, and M. López-Coronado, “Analysis of the security and privacy requirements of cloud-based Electronic Health Records Systems,” Journal of Medical Internet Research, vol. 15, no. 8, 2013. View at Google Scholar
  6. D. J. Solove, “HIPAA turns 10: analyzing the past, present, and future impact,” SSRN Scholarly 2245022, Social Science Research Network, Rochester, NY, USA, 2013. View at Google Scholar
  7. J. Kwon and M. E. Johnson, “Security practices and regulatory compliance in the healthcare industry,” Journal of the American Medical Informatics Association, vol. 20, no. 1, pp. 44–51, 2013. View at Google Scholar
  8. M. Böhm, S. Leimeister, C. Riedl, and H. Krcmar, “Cloud Computing—Outsourcing 2.0 or a new Business Model for IT Provisioning?” in Application Management, F. Keuper, C. Oecking, and A. Degenhardt, Eds., pp. 31–56, Gabler, 2011. View at Google Scholar
  9. B. Rochwerger, D. Breitgand, E. Levy et al., “The Reservoir model and architecture for open federated cloud computing,” IBM Journal of Research and Development, vol. 53, no. 4, pp. 535–545, 2009. View at Google Scholar · View at Scopus
  10. M. Armbrust, A. Fox, R. Griffith et al., “A view of cloud computing,” Communications of the ACM, vol. 53, no. 4, pp. 50–58, 2010. View at Publisher · View at Google Scholar · View at Scopus
  11. L. Wang, J. Tao, M. Kunze, A. C. Castellanos, D. Kramer, and W. Karl, “Scientific cloud computing: early definition and experience,” in Proceedings of the 10th IEEE International Conference on High Performance Computing and Communications (HPCC '08), pp. 825–830, September 2008. View at Publisher · View at Google Scholar · View at Scopus
  12. K. U. Ruhse and M. Baturova, “Cloud computing: cloud computing as an integral part of a modern IT strategy,” ISACA Journal, vol. 3, p. 6, 2012. View at Google Scholar
  13. M. Böhm, S. Leimeister, C. Riedl, and H. Krcmar, Cloud Computing and Computing Evolution, TUM Technische Universität München, 2010.
  14. P. M. Mell and T. Grance, “Sp 800-145. the nist definition of cloud computing,” 2011.
  15. K. Petruch, V. Stantchev, and G. Tamm, “A survey on IT-governance aspects of cloud computing,” International Journal of Web and Grid Services, vol. 7, no. 3, pp. 268–303, 2011. View at Publisher · View at Google Scholar · View at Scopus
  16. V. Sambamurthy, A. Bharadwaj, and V. Grover, “Shaping agility through digital options: reconceptualizing the role of information technology in contemporary firms,” MIS Quarterly, vol. 27, no. 2, pp. 237–264, 2003. View at Google Scholar · View at Scopus
  17. A. Martins and J. Elofe, Information Security Culture, Springer, 2002.
  18. German Federal Office for Information Security, BSI-Standard 100-1, Bonn, Germany, 2008.
  19. “International Organization for Standardisation and International Electrotechnical Commission,” ISO/IEC, 27001, Geneva, Switzerland, 2013.
  20. “International Organization for Standardisation and International Electrotechnical Commission,” ISO/IEC, 27002, Geneva, Switzerland, 2005.
  21. German Federal Office for Information Security, IT-Grundschutz Catalogues, Bonn, Germany, 13th edition, 2013.
  22. F. Sabahi, “Cloud computing security threats and responses,” in Proceedings of the IEEE 3rd International Conference on Communication Software and Networks (ICCSN '11), pp. 245–249, May 2011. View at Publisher · View at Google Scholar · View at Scopus
  23. S. Yassa, R. Chelouah, H. Kadima, and B. Granado, “Multi-objective approach for energy-aware workflow scheduling in cloud computing environments,” The Scientific World Journal, vol. 2013, Article ID 350934, 13 pages, 2013. View at Publisher · View at Google Scholar
  24. R. A. Caralli, J. F. Stevens, B. J. Willke, and W. R. Wilson, “The Critical Success Factor Method: Establishing a Foundation for Enterprise Security Management,” July 2004.
  25. H. Takabi, J. B. D. Joshi, and G.-J. Ahn, “Security and privacy challenges in cloud computing environments,” IEEE Security and Privacy, vol. 8, no. 6, pp. 24–31, 2010. View at Publisher · View at Google Scholar · View at Scopus
  26. I. Foster, Y. Zhao, I. Raicu, and S. Lu, “Cloud Computing and Grid Computing 360-degree compared,” in Proceedings of the Grid Computing Environments Workshop (GCE '08), pp. 1–10, November 2008. View at Publisher · View at Google Scholar · View at Scopus
  27. W. Hau and R. Araujo, Virtualization and Risk-Key Security Considerations for Your Enterprise Architecture, McAfee, 2007.
  28. X. Xi, Y. Xu, and H. Todo, “The Present Situation of IT Outsourcing and Countermeasure,” 2013.
  29. X. Yu and Q. Wen, “A protect solution for data security in mobile cloud storage,” vol. 8784, pp. 87841F1-87841F-6, 2013.
  30. M. Missbach, J. Stelzel, C. Gardiner, G. Anderson, and M. Tempes, “Change and configuration management,” in SAP on the Cloud, pp. 83–100, Springer, Berlin, Germany, 2013. View at Google Scholar
  31. A. Parveen, S. Habib, and W. Ahmad, “The cloud-changing the Indian Healthcare System,” 2013.
  32. International Organization for Standardisation and International Electrotechnical Commission, ISO/IEC, 27000, Geneva, Switzerland, 2009.
  33. International Organization for Standardisation and International Electrotechnical Commission, ISO, 9000, Geneva, Switzerland, 2005.
  34. International Organization for Standardisation and International Electrotechnical Commission, ISO/IEC, 27003, Geneva, Switzerland, 2010.
  35. BSI UK, Moving from ISO/IEC, 27001:2005 to ISO/IEC, 27001:2013, Keynes, Milton, Ga, USA, 2013.
  36. M. Meingast, T. Roosta, and S. Sastry, “Security and privacy issues with health care information technology,” in Proceedings of the 28th Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBS '06), pp. 5453–5458, September 2006. View at Publisher · View at Google Scholar · View at Scopus
  37. W. B. Runciman, J. A. H. Williamson, A. Deakin, K. A. Benveniste, K. Bannon, and P. D. Hibbert, “An integrated framework for safety, quality and risk management: an information and incident management system based on a universal patient safety classification,” Quality and Safety in Health Care, vol. 15, no. 1, pp. i82–i90, 2006. View at Publisher · View at Google Scholar · View at Scopus
  38. A. Rosenthal, P. Mork, M. H. Li, J. Stanford, D. Koester, and P. Reynolds, “Cloud computing: a new business paradigm for biomedical information sharing,” Journal of Biomedical Informatics, vol. 43, no. 2, pp. 342–353, 2010. View at Publisher · View at Google Scholar · View at Scopus