Page
54
Configuration of A
ccess Control and Implicit Authentication Methods to Support
Electronic Health Records Systems within a Cloud Computing Environment
Emmanuel Kusi Achampong1 and Clement Dzidonu2
1 Department of Medical Education & IT, School of Medical Sciences, Universit
y of Cape
Coast, Cape Coast
2Accra Institute of Technology (AIT)
ABSTRACT
Objective:
The paper proposes an advanced
-
access control (A2C) method that combines the strengths of
various access controls and implicit authentication to secure electronic health
records (EHR)
in cloud environment.
Background:
Current access controls methods have security loopholes and are not flexible in its use and
application in the healthcare setting. Flexibility of access control methods are very important
for easy implement
ation and use by the intended users. The introduction of implicit
authentication into the access control methods adds additional security and flexibility. Thus
security and flexibility are not only ensured on desktop and laptop computers, but also mobile
d
evices which are used to access EHR in cloud environments.
Method:
The paper review problems associated with the current access control methods (DAC, MAC,
RBAC, and TBAC) and implicit authentication and propose how to resolve these problems
through the c
ombination of these access controls and implicit authentication. The approach
adopted combines the strengths of these access controls whilst minimizing their weaknesses
to make them more flexible without compromising on security in the cloud computing
envi
ronment. The paper argues that this combination of access controls and implicit
authentication will not make only the EHR secure in the cloud computing environment but
will also make it more flexible.
Results:
On the basis of these analyses, the paper pr
oposes methods for combining the access control
methods and implicit authentication to enhance security and improve flexibility. The
approach employed will help develop architecture for the combined access control methods
and implicit authentication. The p
aper describes a prototype implementation of the
architecture with EHR in a cloud computing environment.
Conclusion:
Advanced
-
access control method and implicit authentication offers a more secured and
flexible architecture for implementation of EHR in a
cloud computing environment.