Healthy Living Combining Cloud Computing, Client-Server As Well As New Pub/Sub Mesh Node Network Architectures (Part 2 Of 2)

In my previous post, I described 3 fundamental architectures for deploying wellness information technology software programs together with exchanging patient information inwards a national wellness information network (NHIN). They are:

1. Cloud computing
2. Client server
3. Publish/subscribe mesh node networks.

In this ship service I force the utilisation cases of each, equally good equally cautions to live taken in their implementation.

Cloud Computing Architecture Use Cases

The cloud is most useful inwards utilisation cases where (a) Internet bandwidth is high together with connectivity is constant together with consistent; (b) information together with technology standards are well-established; together with (c) at that spot is concrete assurance that if a spider web service provider goes out of business, the healthcare organization volition conduct hold ample chance to recover all the information stored there. Influenza A virus subtype H5N1 primary do goodness of cloud computing is lower upfront terms compared to client-server architectures. That is, if your local estimator doesn't conduct hold the resources necessary to run a software program, it may live cheaper, faster, or to a greater extent than convenient to run the programme inwards the cloud than through traditional client-server architecture.

Cloud Computing Security Concerns

When cloud computing is used, however, caution should live taken to protect sensitive patient information inwards a cloud through end-to-end encryption or past times storing only de-identified patient data. Because it is together with so important, I've included the next quotes from several sources close cloud safety issues:

• "[Trend Micro, the] safety company, inwards its in its predictions for 2010 predictions study for 2010, identified cloud computing equally a tendency that volition amplify threats to companies over-reliant on cloud computing vendors. It… warned the nature of the cloud makes it an attractive target to hackers, who are drawn to the repose of going later on a unmarried cloud serving diverse customers together with taking downwardly 'multiple systems secured the same way'…The increased amounts of information handed over to cloud providers volition likewise pose risks inwards terms of availability together with information privacy, it said. Companies opened upward themselves to the possibility of service providers going out of business, or having physical together with internal breaches…It highlighted the importance of avoiding cloud lock-in together with beingness able to switch providers "at volition or inwards line alongside concern needs", together with so equally to retain command over the company's information technology processes…Beyond the information center, threats prevarication inwards connectivity to the cloud…Web protocol technologies such equally SSL (Secure Sockets Layer), DNS (Domain Name System) together with BGP (Border Gateway Protocol) are soundless plant inwards progress, beingness 'developed earlier safety was a consideration'. Security researchers conduct hold been identifying flaws inwards these technologies--last year, a BGP vulnerability was revealed to conduct hold been known inwards the manufacture for over a decade, but remained an inherent problem…'The enquiry is whether whatever cloud vendor could reasonably ensure that unauthorized access is non possible, that a hacker volition never live able to re-create millions of user records, login credentials, online banking information, billing information, transaction records together with the like." [Reference]
• "DATA PROTECTION: cloud computing poses several information protection risks for cloud customers together with providers. In simply about cases, it may live hard for the cloud client (in its role equally information controller) to effectively depository fiscal establishment lucifer the information treatment practices of the cloud provider together with thence to live certainly that the information is handled inwards a lawful way. This occupation is exacerbated inwards cases of multiple transfers of data, e.g., betwixt federated clouds…INSECURE OR INCOMPLETE DATA DELETION: when a asking to delete a cloud resources is made, equally alongside most operating systems, this may non outcome inwards truthful wiping of the data. Adequate or timely information deletion may likewise live impossible (or undesirable from a client perspective), either because extra copies of information are stored but are non available, or because the disk to live destroyed likewise stores information from other clients. In the illustration of multiple tenancy together with the reuse of hardware resources, this represents a higher adventure to the client than alongside dedicated hardware…MALICIOUS INSIDER: spell normally less likely, the harm which may live caused past times malicious insiders is oft far greater. Cloud architectures postulate certainly roles which are extremely high-risk. Examples include CP scheme administrators together with managed safety service providers." [Reference]
• "…[B]usiness technology pros what worries them close cloud computing, safety concerns…[may] destination upward sinking whatever motility to the cloud… information technology departments…aren't equally confident of where hurting points such equally safety flaws may be. What novel intrusion points are introduced? How tin a companionship live certainly that its information sitting inwards the vendor's information centre is safe? When should information live encrypted?...[S]ecurity defects inwards the technology…[is] a peak concern alongside cloud computing …One of the biggest risks of cloud computing is that of the unknown… One can't assume that encryption is available inwards all cloud services…Encryption creates a lot of overhead, together with suppliers don't desire to degrade application performance or absorb the terms if customers don't position a premium on it…[C]ompanies demand to intend of their networks instantly extending beyond their ain physical environments together with into the supplier's information center. As companies sew together to a greater extent than cloud services together, that challenge multiplies. Influenza A virus subtype H5N1 related complication comes from the fact that cloud services conduct hold been designed inwards vacuums, alongside each vendor securing its ain connections but non the others…[T]he to a greater extent than information that goes into the cloud, together with the to a greater extent than valuable that data, the to a greater extent than appealing it becomes equally an laid on target…That's why companies, in 1 lawsuit they've worked their agency through the network safety issues of transferring information to together with from a cloud provider, demand to probe the vendor's information centre operations…[C]ompanies must create upward one's heed how comfortable they experience putting information together with applications inwards the cloud…Only a brave few dive in…completely…Vendors admit the fear…[and a] lack of trust close cloud service security." [Reference]
• Not only do safety concerns be exterior the cloud, but equally discussed below, privacy concerns be within the cloud since cloud vendors are able to hold off at your database. “'Cloud computing is a trap, warns GNU founder Richard Stallman…It’s stupidity. It’s worse than stupidity: it’s a marketing hype campaign'…Somebody is proverb [that cloud computing] is inevitable – together with whenever you lot listen individual proverb that, it’s real probable to live a laid of businesses campaigning to arrive true…Amazon’s marketing of a ‘VPN to the cloud’…as the solution to a company’s safety concerns…[but] Amazon simply doesn’t teach it…’It’s them against us…thousands of hackers attacking together with nosotros simply don’t conduct hold the resources.’…We tin easily guesstimate that at whatever given indicate inwards fourth dimension we’d conduct hold at to the lowest degree 1,000,000 hackers willing to compromise whatever mega corporation...Amazon’s answer appears to live focused on creating a moat inwards forepart of their cloud, together with spell that’s non a bad idea, inwards no agency does this alleviate the threats within of the cloud itself non to advert an array of other reasons…’Computer safety researchers had previously shown that when 2 programs are running simultaneously on the same operating system, an assailant tin pocket information past times using an eavesdropping programme to analyze the agency those programs portion retention space. They posited that the same kinds of attacks mightiness likewise piece of work inwards clouds when dissimilar virtual machines run on the same server…The bottom line is, how tin you lot defend the exterior of your cloud when you lot mightiness non fifty-fifty live able to trust the within of your cloud...Is a cloud provider willing to allow you lot to perform an in-depth penetration exam to ensure you lot come across compliance? For now, tin fifty-fifty forget close the exterior threat to your cloud, those threats volition e'er exist, what tin you lot do to defend the insider? Seriously…So when a provider states that: ‘We reserve the correct to invade your privacy at whatever given indicate inwards time,’ it simply doesn’t audio together with so appealing, peculiarly when companies are looking to potentially shop client information inwards the cloud. Do you lot honestly desire a 3rd political party viewing your client database?...[When Amazon states that] ‘It’s of import to annotation that nosotros conduct hold the privacy of our customers real seriously, together with don’t inspect the contents of instances’…[and] ‘Abusers who conduct to run their software inwards an surroundings similar Amazon EC2, arrive easier for us to access together with disable their software’…how would Amazon know whether something is a rogue or a misconfigured application, without taking a look?...they’d HAVE TO hold off at it.” [Reference]
• "…[Y]ou tin transfer adventure but never responsibility…no cloud provider volition give you lot the safety you lot need. There tin never live a cloud computing provider who tin give you lot the sort of safety protections that an in-house safety squad tin together with the logic behind this controversy is a elementary together with factual one: a cloud provider won't lose equally much equally you lot would at the destination of the day. Therefore the incentives to conk 'above together with beyond' tin never together with volition never exist…Cloud computing providers tin only comprehend together with so much Blue Planet when it comes to safety together with what they volition comprehend is oft a baseline based on oft obsolete guidelines. Even if they could comprehend all the necessary bases, the virtualized surroundings itself would forever live at odds alongside forensics…When a machine is virtualized, its states alter chop-chop together with the possibilities of doing forensics is out of one's hands together with out of your company's command together with inwards fact, fifty-fifty exterior of the cloud providers' control. Influenza A virus subtype H5N1 cloud provider volition not…take dozens if non hundreds of other virtualized machines offline to brand a forensic replica should the demand arise…Cloud services are peculiarly hard to investigate, because logging together with information for multiple customers may live co-located together with may likewise live spread across an ever-changing laid of hosts together with information centers. If you lot cannot teach a contractual commitment to back upward specific forms of investigation, along alongside show that the vendor has already successfully supported such activities…[you're] worse off [with the cloud] than keeping things inwards solid from a forensics indicate of thought together with an incident answer indicate of view." [Reference]
• "There are e'er risks involved when dealing alongside working online, regardless of how secure a host mightiness say a spider web application is, that fact of the affair stands that the safety adventure of running an application of the Internet is to a greater extent than meaning than when running an application on a standalone desktop computer. Some applications require to a greater extent than safety than others, playing Sudoku on a spider web application would stimulate lilliputian concern, but dealing alongside sensitive corporate formulas or accounting details inwards a spider web surroundings mightiness live determined risky." [Reference]
• "Web applications are exposed to to a greater extent than safety risks than desktop applications. You tin conduct hold a total command over the standalone applications together with protect it from diverse vulnerabilities. This may non live the illustration alongside spider web applications equally they are opened upward to a large number of users inwards the Internet community thence widening the threat." [Reference]
• "Working online has its ain laid of risks similar hacking together with virus threats. The adventure is higher compared to a desktop computer, since a malfunction of the desktop tin outcome inwards loss of partial data. The crash of a spider web server tin outcome inwards consequences beyond the command of a business." [Reference]
• "Local applications installed on your estimator give you lot meliorate safety together with do non require a connexion to the web. Also, inwards many cases, local applications furnish meliorate integration alongside the operating system." [Combining Cloud Computing, Client-Server together with Novel Pub/Sub Mesh Node Network Architectures (Part 1 of 2)
• The force for ‘push’ technology for the NHIN
• A Novel Way for Everyone inwards the Nation to Exchange Health Data Simply, Inexpensively together with Securely
• Simple, Low-Cost, Secure Health Data Exchange
• Who should Own a Patient’s Health Data, Where should they live Stored, together with How should they live Exchanged (Part 1 of 2)
• Who should Own a Patient’s Health Data, Where should they live Stored, together with How should they live Exchanged (Part 2 of 2)
• Health IT: Comparing Cloud Computing together with Desktop Applications (Part 1)
• Health IT: Comparing Cloud Computing together with Desktop Applications (Part 2)
• Health IT: Comparing Cloud Computing together with Desktop Applications (Part 3)
• Dueling Data Formats
• Knowledge, Standards together with the Healthcare Crisis: Part 6  
• Introducing our disruptive CP Split technology

Share this post