SlideShare a Scribd company logo

Hipaa auditing in cloud computing enviroment

Parshant Tyagi
Parshant Tyagi

The rise of cloud computing has been driven by the benefits, the cheapest purveyor of application hosting, storage, infrastructure, huge cost savings with low initial investment, elasticity and scalability, ease of adoption, operational efficiency, on-demand resources. With all the security and Privacy Laws in the Health Care field today anyone that works with confidential information should know how to protect that information. The Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations are two crucial provisions in the protection of healthcare data. Governance, compliance and auditing are becoming as important pedagogical subjects as long established financial auditing and financial control. Designing sound IT governance, compliance, and auditing is a challenging task. This Thesis elaborates the concept of HIPAA compliance in cloud computing by taking a look at the history and dynamics and how Cloud computing changes the astir of certain parts of HIPAA Security requirements. We briefly describe the cyber warfare as a premise to enforce the reasons for complying with government regulations for information systems. The purpose of this Thesis is to explain the importance of HIPAA and research what it takes for Healthcare data to be HIPAA Compliant. Also, explaining what is expected of Healthcare industries if there is an audit and how does HIPAA Auditing play a big part in HIPAA compliance. The Cloud is a platform where all users not only store their data but also used the services and software provided by Cloud Service Provider (CSP). As we know the service provided by the cloud is very economical due to which the user pay only for what he used. This is a platform where data owner remotely store their data in the cloud to enjoy the high quality services and applications. The user can access the data, store the data and use the data. In a Corporate world there are large number of client who accessing their data and modifying a data. To manage this data we use third party auditor (TPA), that will check the reliability of data but it increases the data integrity risk of data owner. Since TPA not only read the data but also he can modify the data, therefore a novel approach should be provided who solved this problem. We first examine the problem and new potential security scheme used to solve this problem. Our algorithm encrypt the content of file at user level which ensure the data owner and client that there data are intact.

TechnologyBusiness
1 of 25
The Health Insurance Portability and Accountability Act (HIPAA) Act supports the concepts of Electronic Health Record (EHR) and Health Information Exchange (HIE). Even though HIPAA has been around since 1996 it wasn’t taken seriously until HITECH was put into place in 2010. HITECH extended the HIPAA that was put into place in 1996 which contained two parts: Title I and Title II. •Title I to protect people in case they lost their job or switched jobs so that they could still have healthcare coverage. •Title II called Administrative Simplification was about data protection. From an IT Departments aspect HIPAA/HITECH is to control who can see what data depending on their job position, tracking data, and monitoring data. Also protecting stored data and data while it is being transferred through encryption. Access controls and processes also need to be set up.
What is cloud Computing? • cloud computing has been driven by the benefits, the cheapest purveyor of application hosting, storage, infrastructure, huge cost savings with low initial investment, elasticity and scalability, ease of adoption, operational efficiency, on-demand resources. • the cloud of computers extend beyond a single company or entity. the application and data served by cloud are available to broader group of users, cross enterprise, and cross platform. • access is via internet. any authorized user can access these documents, application from any computer over the internet. • access pay-as-you-go manner .
GENERATION OF HPC
Compliance and Audit in cloud • Compliance is a Conformance with an established standard, specification, regulation, or law. Various types of privacy regulations and laws exist within different countries at the local and global levels, making compliance a potentially complicated issue for cloud computing. • HIPAA in the US is just compliance issues affecting cloud computing, based on the type of data and application for which the cloud is being used. Maintaining and proving compliance when using cloud computing. • Audit is well positioned through its role as an assurance function to help management and the board identifies and considers the key risks of leveraging cloud computing technology.
HIPAA RULES
COMPLIANCE SECURITY
• The traditional cryptographic technologies for data integrity and availability, based on Hash functions and signature schemes. 1. Firstly, traditional cryptographic cannot work on the outsourced data. it is not a practical solution for data validation by downloading them due to the expensive communications, especially for large size files. 2. Secondly, Cloud Computing is not just a third party data warehouse. The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc.
In a Corporate world there are large number of client who accessing their data and modifying a data. To manage this data we use third party auditor (TPA), that will check the reliability of data but it increases the data integrity risk of data owner. Since TPA not only read the data but also he can modify the data, therefore a novel approach should be provided who solved this problem. In this thesis we first examine the problem and new potential security scheme used to solve this problem. Our algorithm encrypt the content of file at user level which ensure the data owner and client that there data are intact. 1.Protect the data from unauthorized access. 2.Ensure that our data are intact. 3.Solve the problem of integrity, unauthorized access, privacy and consistency.
modules 1. Client Module: In this module, the client sends the query to the server. Based on the query the server sends the corresponding file to the client. 2. System Module: • User: Users, who have data to be stored in the cloud and rely on the cloud for data computation, consist of both individual consumers and organizations. • Cloud Service Provider (CSP): A CSP, who has significant resources and expertise in building and managing distributed cloud storage servers, owns and operates live Cloud Computing systems,. • Third Party Auditor (TPA): An optional TPA, who has expertise and capabilities that users may not have, is Trusted to assess and expose risk of cloud storage services on behalf of the users upon request.
ALGORITHM
screen shots Eucalyptus Private Cloud Setup
Admin Console
E-mail Confirmation
User Console
Audit Logs
Client request to csp
Cloud Server Login
Verify password if correct send a file that he wants to access
Conclusion • Creating a cost-effective and secure system design when the adversary owns the data is extremely challenging. • To protect the data from unauthorized access and ensure that our data are intact. • Solve the problem of integrity, unauthorized access, privacy and consistency.
Hipaa auditing in cloud computing enviroment

Recommended

Data Security
Data SecurityData Security
Data Securityankita_kashyap
 
Eight principles of consumer data privacy
Eight principles of consumer data privacyEight principles of consumer data privacy
Eight principles of consumer data privacySolix Technologies, Inc
 
Data security in Hybrid Cloud Computing
Data security in Hybrid Cloud ComputingData security in Hybrid Cloud Computing
Data security in Hybrid Cloud ComputingAnushkae0001
 
Ahearn Cloud Presentation
Ahearn Cloud PresentationAhearn Cloud Presentation
Ahearn Cloud Presentationjohnjamesahearn
 
Uganda Cloud Computing Panel
Uganda Cloud Computing PanelUganda Cloud Computing Panel
Uganda Cloud Computing PanelCommonwealth Telecommunications Organisation
 
Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Jonathan Sinclair
 
Security Problem With Cloud Computing
Security Problem With Cloud ComputingSecurity Problem With Cloud Computing
Security Problem With Cloud ComputingMartin Bioh
 
In data security
In data securityIn data security
In data securityadithdev
 

Recommended

Data Security
Data SecurityData Security
Data Securityankita_kashyap
 
Eight principles of consumer data privacy
Eight principles of consumer data privacyEight principles of consumer data privacy
Eight principles of consumer data privacySolix Technologies, Inc
 
Data security in Hybrid Cloud Computing
Data security in Hybrid Cloud ComputingData security in Hybrid Cloud Computing
Data security in Hybrid Cloud ComputingAnushkae0001
 
Ahearn Cloud Presentation
Ahearn Cloud PresentationAhearn Cloud Presentation
Ahearn Cloud Presentationjohnjamesahearn
 
Uganda Cloud Computing Panel
Uganda Cloud Computing PanelUganda Cloud Computing Panel
Uganda Cloud Computing PanelCommonwealth Telecommunications Organisation
 
Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Jonathan Sinclair
 
Security Problem With Cloud Computing
Security Problem With Cloud ComputingSecurity Problem With Cloud Computing
Security Problem With Cloud ComputingMartin Bioh
 
In data security
In data securityIn data security
In data securityadithdev
 
Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud AKHIL969626
 
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure Faxing
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure FaxingHIPAA Compliance Healthcare Datasheet - eFax Corporate Secure Faxing
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure FaxingeFax Corporate®
 
Running head hardware and software security14 hardware an
Running head hardware and software security14 hardware anRunning head hardware and software security14 hardware an
Running head hardware and software security14 hardware anAKHIL969626
 
CloudSecurity
CloudSecurityCloudSecurity
CloudSecurityUtkarsh Kumar
 
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGDATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGijsptm
 
Ss
SsSs
SsDukeLss
 
Enhancing Availability of Data in Mixed Homomorphic Encryption in Cloud
Enhancing Availability of Data in Mixed Homomorphic Encryption in CloudEnhancing Availability of Data in Mixed Homomorphic Encryption in Cloud
Enhancing Availability of Data in Mixed Homomorphic Encryption in Cloudijtsrd
 
eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?Mario Drobics
 
Compliant Email Solutions for HIPAA & SOX regulations
Compliant Email Solutions for HIPAA & SOX regulationsCompliant Email Solutions for HIPAA & SOX regulations
Compliant Email Solutions for HIPAA & SOX regulationsSherWeb
 
IoT_Implemented
IoT_ImplementedIoT_Implemented
IoT_ImplementedBrandon Walston
 
Lkm 2011
Lkm 2011Lkm 2011
Lkm 2011Anandavasagan
 
Secure Islands Case Study - Financial Firm Implements Enhanced DLP
Secure Islands Case Study - Financial Firm Implements Enhanced DLPSecure Islands Case Study - Financial Firm Implements Enhanced DLP
Secure Islands Case Study - Financial Firm Implements Enhanced DLPSecure Islands - Data Security Policy
 
Access control policy
Access control policyAccess control policy
Access control policyBsmah Fahad
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
Brochure Imperva Vormetric
Brochure Imperva VormetricBrochure Imperva Vormetric
Brochure Imperva VormetricMichelle Guerrero Montalvo
 
What is IRM? bright talk
What is IRM? bright talkWhat is IRM? bright talk
What is IRM? bright talkritupande
 
Secure cloud storage privacy preserving public auditing for data storage secu...
Secure cloud storage privacy preserving public auditing for data storage secu...Secure cloud storage privacy preserving public auditing for data storage secu...
Secure cloud storage privacy preserving public auditing for data storage secu...rajender147
 
HIPAA
HIPAAHIPAA
HIPAADruce MacFarlane
 
Security in electronic health records
Security in electronic health recordsSecurity in electronic health records
Security in electronic health recordssamuelerie
 
Achieving Secure, sclable and finegrained Cloud computing report
Achieving Secure, sclable and finegrained Cloud computing reportAchieving Secure, sclable and finegrained Cloud computing report
Achieving Secure, sclable and finegrained Cloud computing reportKiran Girase
 
iaetsd Shared authority based privacy preserving protocol
iaetsd Shared authority based privacy preserving protocoliaetsd Shared authority based privacy preserving protocol
iaetsd Shared authority based privacy preserving protocolIaetsd Iaetsd
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challengesKresimir Popovic
 

More Related Content

What's hot

Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud AKHIL969626
 
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure Faxing
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure FaxingHIPAA Compliance Healthcare Datasheet - eFax Corporate Secure Faxing
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure FaxingeFax Corporate®
 
Running head hardware and software security14 hardware an
Running head hardware and software security14 hardware anRunning head hardware and software security14 hardware an
Running head hardware and software security14 hardware anAKHIL969626
 
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGDATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGijsptm
 
Enhancing Availability of Data in Mixed Homomorphic Encryption in Cloud
Enhancing Availability of Data in Mixed Homomorphic Encryption in CloudEnhancing Availability of Data in Mixed Homomorphic Encryption in Cloud
Enhancing Availability of Data in Mixed Homomorphic Encryption in Cloudijtsrd
 
eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?Mario Drobics
 
Compliant Email Solutions for HIPAA & SOX regulations
Compliant Email Solutions for HIPAA & SOX regulationsCompliant Email Solutions for HIPAA & SOX regulations
Compliant Email Solutions for HIPAA & SOX regulationsSherWeb
 
Access control policy
Access control policyAccess control policy
Access control policyBsmah Fahad
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
What is IRM? bright talk
What is IRM? bright talkWhat is IRM? bright talk
What is IRM? bright talkritupande
 
Secure cloud storage privacy preserving public auditing for data storage secu...
Secure cloud storage privacy preserving public auditing for data storage secu...Secure cloud storage privacy preserving public auditing for data storage secu...
Secure cloud storage privacy preserving public auditing for data storage secu...rajender147
 
Security in electronic health records
Security in electronic health recordsSecurity in electronic health records
Security in electronic health recordssamuelerie
 

What's hot (19)

Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud
 
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure Faxing
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure FaxingHIPAA Compliance Healthcare Datasheet - eFax Corporate Secure Faxing
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure Faxing
 
Running head hardware and software security14 hardware an
Running head hardware and software security14 hardware anRunning head hardware and software security14 hardware an
Running head hardware and software security14 hardware an
 
CloudSecurity
CloudSecurityCloudSecurity
CloudSecurity
 
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGDATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
 
Ss
SsSs
Ss
 
Enhancing Availability of Data in Mixed Homomorphic Encryption in Cloud
Enhancing Availability of Data in Mixed Homomorphic Encryption in CloudEnhancing Availability of Data in Mixed Homomorphic Encryption in Cloud
Enhancing Availability of Data in Mixed Homomorphic Encryption in Cloud
 
eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?
 
Compliant Email Solutions for HIPAA & SOX regulations
Compliant Email Solutions for HIPAA & SOX regulationsCompliant Email Solutions for HIPAA & SOX regulations
Compliant Email Solutions for HIPAA & SOX regulations
 
IoT_Implemented
IoT_ImplementedIoT_Implemented
IoT_Implemented
 
Lkm 2011
Lkm 2011Lkm 2011
Lkm 2011
 
Secure Islands Case Study - Financial Firm Implements Enhanced DLP
Secure Islands Case Study - Financial Firm Implements Enhanced DLPSecure Islands Case Study - Financial Firm Implements Enhanced DLP
Secure Islands Case Study - Financial Firm Implements Enhanced DLP
 
Access control policy
Access control policyAccess control policy
Access control policy
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
 
Brochure Imperva Vormetric
Brochure Imperva VormetricBrochure Imperva Vormetric
Brochure Imperva Vormetric
 
What is IRM? bright talk
What is IRM? bright talkWhat is IRM? bright talk
What is IRM? bright talk
 
Secure cloud storage privacy preserving public auditing for data storage secu...
Secure cloud storage privacy preserving public auditing for data storage secu...Secure cloud storage privacy preserving public auditing for data storage secu...
Secure cloud storage privacy preserving public auditing for data storage secu...
 
HIPAA
HIPAAHIPAA
HIPAA
 
Security in electronic health records
Security in electronic health recordsSecurity in electronic health records
Security in electronic health records
 

Similar to Hipaa auditing in cloud computing enviroment

Achieving Secure, sclable and finegrained Cloud computing report
Achieving Secure, sclable and finegrained Cloud computing reportAchieving Secure, sclable and finegrained Cloud computing report
Achieving Secure, sclable and finegrained Cloud computing reportKiran Girase
 
iaetsd Shared authority based privacy preserving protocol
iaetsd Shared authority based privacy preserving protocoliaetsd Shared authority based privacy preserving protocol
iaetsd Shared authority based privacy preserving protocolIaetsd Iaetsd
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challengesKresimir Popovic
 
Data Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud ApplicationData Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud ApplicationIJSRD
 
Cloud Information Accountability Frameworks for Data Sharing in Cloud
Cloud Information Accountability Frameworks for Data Sharing in CloudCloud Information Accountability Frameworks for Data Sharing in Cloud
Cloud Information Accountability Frameworks for Data Sharing in CloudIOSR Journals
 
Accountability in Distributed Environment For Data Sharing in the Cloud
Accountability in Distributed Environment For Data Sharing in the CloudAccountability in Distributed Environment For Data Sharing in the Cloud
Accountability in Distributed Environment For Data Sharing in the CloudEditor IJCATR
 
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkSecurity and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkIOSR Journals
 
Paper id 212014106
Paper id 212014106Paper id 212014106
Paper id 212014106IJRAT
 
A Trusted TPA Model, to Improve Security & Reliability for Cloud Storage
A Trusted TPA Model, to Improve Security & Reliability for Cloud StorageA Trusted TPA Model, to Improve Security & Reliability for Cloud Storage
A Trusted TPA Model, to Improve Security & Reliability for Cloud StorageIRJET Journal
 
Enhanced Data Partitioning Technique for Improving Cloud Data Storage Security
Enhanced Data Partitioning Technique for Improving Cloud Data Storage SecurityEnhanced Data Partitioning Technique for Improving Cloud Data Storage Security
Enhanced Data Partitioning Technique for Improving Cloud Data Storage SecurityEditor IJMTER
 
Ieeepro techno solutions 2011 ieee dotnet project -secure role based data
Ieeepro techno solutions 2011 ieee dotnet project -secure role based dataIeeepro techno solutions 2011 ieee dotnet project -secure role based data
Ieeepro techno solutions 2011 ieee dotnet project -secure role based dataASAITHAMBIRAJAA
 
Ieeepro techno solutions 2011 ieee java project -secure role based data
Ieeepro techno solutions 2011 ieee java project -secure role based dataIeeepro techno solutions 2011 ieee java project -secure role based data
Ieeepro techno solutions 2011 ieee java project -secure role based datahemanthbbc
 
Improve HLA based Encryption Process using fixed Size Aggregate Key generation
Improve HLA based Encryption Process using fixed Size Aggregate Key generationImprove HLA based Encryption Process using fixed Size Aggregate Key generation
Improve HLA based Encryption Process using fixed Size Aggregate Key generationEditor IJMTER
 
Blockchain-Based Data Preservation System for Medical Data
Blockchain-Based Data Preservation System for Medical DataBlockchain-Based Data Preservation System for Medical Data
Blockchain-Based Data Preservation System for Medical DataSwarup Saha
 
Enablingdatadynamicandindirectmutualtrustforcloudcomputingstoragesystems 1310...
Enablingdatadynamicandindirectmutualtrustforcloudcomputingstoragesystems 1310...Enablingdatadynamicandindirectmutualtrustforcloudcomputingstoragesystems 1310...
Enablingdatadynamicandindirectmutualtrustforcloudcomputingstoragesystems 1310...Karyavardhi Sandra
 
Security threats in cloud computing
Security threats in cloud computingSecurity threats in cloud computing
Security threats in cloud computingPuneet Arora
 

Similar to Hipaa auditing in cloud computing enviroment (20)

Achieving Secure, sclable and finegrained Cloud computing report
Achieving Secure, sclable and finegrained Cloud computing reportAchieving Secure, sclable and finegrained Cloud computing report
Achieving Secure, sclable and finegrained Cloud computing report
 
iaetsd Shared authority based privacy preserving protocol
iaetsd Shared authority based privacy preserving protocoliaetsd Shared authority based privacy preserving protocol
iaetsd Shared authority based privacy preserving protocol
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
 
Data Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud ApplicationData Stream Controller for Enterprise Cloud Application
Data Stream Controller for Enterprise Cloud Application
 
Cloud Information Accountability Frameworks for Data Sharing in Cloud
Cloud Information Accountability Frameworks for Data Sharing in CloudCloud Information Accountability Frameworks for Data Sharing in Cloud
Cloud Information Accountability Frameworks for Data Sharing in Cloud
 
Accountability in Distributed Environment For Data Sharing in the Cloud
Accountability in Distributed Environment For Data Sharing in the CloudAccountability in Distributed Environment For Data Sharing in the Cloud
Accountability in Distributed Environment For Data Sharing in the Cloud
 
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkSecurity and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
 
Paper id 212014106
Paper id 212014106Paper id 212014106
Paper id 212014106
 
A Trusted TPA Model, to Improve Security & Reliability for Cloud Storage
A Trusted TPA Model, to Improve Security & Reliability for Cloud StorageA Trusted TPA Model, to Improve Security & Reliability for Cloud Storage
A Trusted TPA Model, to Improve Security & Reliability for Cloud Storage
 
Enhanced Data Partitioning Technique for Improving Cloud Data Storage Security
Enhanced Data Partitioning Technique for Improving Cloud Data Storage SecurityEnhanced Data Partitioning Technique for Improving Cloud Data Storage Security
Enhanced Data Partitioning Technique for Improving Cloud Data Storage Security
 
Ieeepro techno solutions 2011 ieee dotnet project -secure role based data
Ieeepro techno solutions 2011 ieee dotnet project -secure role based dataIeeepro techno solutions 2011 ieee dotnet project -secure role based data
Ieeepro techno solutions 2011 ieee dotnet project -secure role based data
 
Ieeepro techno solutions 2011 ieee java project -secure role based data
Ieeepro techno solutions 2011 ieee java project -secure role based dataIeeepro techno solutions 2011 ieee java project -secure role based data
Ieeepro techno solutions 2011 ieee java project -secure role based data
 
1784 1788
1784 17881784 1788
1784 1788
 
1784 1788
1784 17881784 1788
1784 1788
 
Improve HLA based Encryption Process using fixed Size Aggregate Key generation
Improve HLA based Encryption Process using fixed Size Aggregate Key generationImprove HLA based Encryption Process using fixed Size Aggregate Key generation
Improve HLA based Encryption Process using fixed Size Aggregate Key generation
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Blockchain-Based Data Preservation System for Medical Data
Blockchain-Based Data Preservation System for Medical DataBlockchain-Based Data Preservation System for Medical Data
Blockchain-Based Data Preservation System for Medical Data
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Enablingdatadynamicandindirectmutualtrustforcloudcomputingstoragesystems 1310...
Enablingdatadynamicandindirectmutualtrustforcloudcomputingstoragesystems 1310...Enablingdatadynamicandindirectmutualtrustforcloudcomputingstoragesystems 1310...
Enablingdatadynamicandindirectmutualtrustforcloudcomputingstoragesystems 1310...
 
Security threats in cloud computing
Security threats in cloud computingSecurity threats in cloud computing
Security threats in cloud computing
 

Recently uploaded

Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 

Recently uploaded (20)

Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 

Hipaa auditing in cloud computing enviroment

  • 1.
  • 2.
  • 3. The Health Insurance Portability and Accountability Act (HIPAA) Act supports the concepts of Electronic Health Record (EHR) and Health Information Exchange (HIE). Even though HIPAA has been around since 1996 it wasn’t taken seriously until HITECH was put into place in 2010. HITECH extended the HIPAA that was put into place in 1996 which contained two parts: Title I and Title II. •Title I to protect people in case they lost their job or switched jobs so that they could still have healthcare coverage. •Title II called Administrative Simplification was about data protection. From an IT Departments aspect HIPAA/HITECH is to control who can see what data depending on their job position, tracking data, and monitoring data. Also protecting stored data and data while it is being transferred through encryption. Access controls and processes also need to be set up.
  • 4. What is cloud Computing? • cloud computing has been driven by the benefits, the cheapest purveyor of application hosting, storage, infrastructure, huge cost savings with low initial investment, elasticity and scalability, ease of adoption, operational efficiency, on-demand resources. • the cloud of computers extend beyond a single company or entity. the application and data served by cloud are available to broader group of users, cross enterprise, and cross platform. • access is via internet. any authorized user can access these documents, application from any computer over the internet. • access pay-as-you-go manner .
  • 5.
  • 6.
  • 8. Compliance and Audit in cloud • Compliance is a Conformance with an established standard, specification, regulation, or law. Various types of privacy regulations and laws exist within different countries at the local and global levels, making compliance a potentially complicated issue for cloud computing. • HIPAA in the US is just compliance issues affecting cloud computing, based on the type of data and application for which the cloud is being used. Maintaining and proving compliance when using cloud computing. • Audit is well positioned through its role as an assurance function to help management and the board identifies and considers the key risks of leveraging cloud computing technology.
  • 11. • The traditional cryptographic technologies for data integrity and availability, based on Hash functions and signature schemes. 1. Firstly, traditional cryptographic cannot work on the outsourced data. it is not a practical solution for data validation by downloading them due to the expensive communications, especially for large size files. 2. Secondly, Cloud Computing is not just a third party data warehouse. The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc.
  • 12. In a Corporate world there are large number of client who accessing their data and modifying a data. To manage this data we use third party auditor (TPA), that will check the reliability of data but it increases the data integrity risk of data owner. Since TPA not only read the data but also he can modify the data, therefore a novel approach should be provided who solved this problem. In this thesis we first examine the problem and new potential security scheme used to solve this problem. Our algorithm encrypt the content of file at user level which ensure the data owner and client that there data are intact. 1.Protect the data from unauthorized access. 2.Ensure that our data are intact. 3.Solve the problem of integrity, unauthorized access, privacy and consistency.
  • 13.
  • 14. modules 1. Client Module: In this module, the client sends the query to the server. Based on the query the server sends the corresponding file to the client. 2. System Module: • User: Users, who have data to be stored in the cloud and rely on the cloud for data computation, consist of both individual consumers and organizations. • Cloud Service Provider (CSP): A CSP, who has significant resources and expertise in building and managing distributed cloud storage servers, owns and operates live Cloud Computing systems,. • Third Party Auditor (TPA): An optional TPA, who has expertise and capabilities that users may not have, is Trusted to assess and expose risk of cloud storage services on behalf of the users upon request.
  • 23. Verify password if correct send a file that he wants to access
  • 24. Conclusion • Creating a cost-effective and secure system design when the adversary owns the data is extremely challenging. • To protect the data from unauthorized access and ensure that our data are intact. • Solve the problem of integrity, unauthorized access, privacy and consistency.