Thursday, November 7, 2013

Cloud Storage and Confidentiality

How could Medical Imaging manage the images split across multiple third-party ISPs?

This is a strong point of cloud storage and virtualization, the abstraction away of what specific machine data is stored on. MI doesn’t have to manage how the images are split across the ISPs, since Airange provides transparent aggregation for them. That transparent aggregation allows for there to be rapid scaling and load balancing to provide high availability, even with fluctuating computing needs. (UMUC, 2011, pg 5)

What they do need to manage is that they provide for the confidentiality protection of their images, since they are not direct parties to the security arrangements between the cloud provider and the third party infrastructure. Since the images they are storing should be just be stored, MI should be encrypting their data before uploading it. This is not always useful, or practical though; such as when the cloud is being expected to provide data analytics or manipulation. (Kumar & Lu, 2010) Documents, like those written on Google Docs, cannot be encrypted before uploading if users want to harness the benefits of spelling checks.

How might Medical Imaging (MI) keep other cloud subscribers from accessing MI’s data?

Depending on how their storage situation is occurring, MI may not have any action other than to encrypt their uploads. If, though, they have been provided an entire virtual machine in which to store the images, then they should implement the full gambit of host based protections, just as if it were their own machine. A hardened operating system, if that level of customization is available, such as SELinux or a BSD distro versus Ubuntu. (NSA, 2009) Anti-virus, software firewall, and disabling unnecessary services.


Kumar, K., & Lu, Y. H. (2010). Cloud computing for mobile users: Can offloading computation save energy?. Computer, 43(4), 51-56.

NSA. (2009). Security-Enhanced Linux. National Security Agency. Retrieved from http://www.nsa.gov/research/selinux

UMUC. (2011). Preventive and Protective Strategies in Cybersecurity. CSEC-630. Retrieved from http://tychousa3.umuc.edu/

No comments:

Post a Comment