Nowadays, a person's medical information is just as important as their financial records as they may include not only names and addresses but also various sensitive data such as their employee details, bank account/credit card information, insurance details, etc. However, this fact is often overlooked when designing a file storage system for storing healthcare data. Storage systems are increasingly subject to attacks, so the security system is quickly becoming a mandatory feature of the data storage systems. For the purpose of security, we are dependent on various methods such as cryptographic techniques, two-step verification, and even biometric scanners. This chapter provides a mechanism to create a secure file storage system that provides two-layer security. The first layer is in the form of a password, through which the file is encrypted at the time of storage, and second is the locations at which the user wants the files to be accessed. Thus, this system would allow a user to access a file only at the locations specified by him/her. Therefore, the objective is to create a system that provides secure file storage based on geo-location information.
TopIntroduction
The ways of the healthcare industry have changed significantly over the previous decade, as those who give health related administrations have started moving from paper-based procedures to electronic strategies. Today, it is not unusual to have a specialist enter an exam room with a portable workstation close by rather than use paper based charts. The medicinal services business produces enormous amount of information and those in the field perceive the advantages of consolidating more computerized procedures into their day to day operations such as cost investment funds, expanded effectiveness, and enhanced interchanges, to name a few.
The class of people who work towards obtaining people’s sensitive information and misuse it have now become more interested in their healthcare records as it provides them not only with their personal details such as name, address etc., but also other valuable information such as employer details, bank accounts/credit card information. By taking a patient's personal information and medical data, they can illicitly get medical goods and services. The victims are then left to manage the specialists, hospitals, insurance agencies etc. to determine the resulting monetary aftermath. Now and again, the victim can even lose their insurance, bringing about unreasonable out-of-pocket instalments to have their insurance re-established. There is additionally the threat of the true patient's medical records being changed or inaccurate data being inserted as a consequence of abuse or carelessness, which may keep them from getting legitimate treatment.
However, this sensitive nature of healthcare information is often overlooked when designing a file storage system for storing healthcare data. Therefore there is a need to implement secure file storage systems for healthcare data. This security can be authorized by utilizing various cryptographic procedures. Along with the assistance of these procedures the imperative documents can be encrypted and the clients can be given their suitable cryptographic keys.
Two-factor authentication systems have usually joined something you know, for example, a secret key or passphrase, with a second component to expand verification quality: either something you have, (for example, an entrance card or token), or something you are, (for example, biometrics). A supplementary component has recently been added to this to improve validation abilities: “somewhere you are”, also called geolocation. Using this feature in a multi-element verification system, we can limit remote access of documents to specific trusted areas.
Geolocation is a term used in information systems security circles to extrapolate the geographical location of a subject (a system or a person), based on available information. This location capability is commonly performed by isolating a host system's IP address from a packet header, identifying the owner of the IP address range associated with the target system, discovering the owner's mailing address, and drilling down further -- with the objective of pinpointing the physical location of the target IP address (What is Geolocation and How Does it Apply to Network Detection?).
The suggested file security system encrypts the files using Rijndael Algorithm (AES), In order for the file to be stored in a more secured manner, the system uses two more security mechanisms (AES: The Advanced Encryption Standard). First, each file has a password associated with it, without which the file cannot be accessed. This password is defined by the user and stored in the database after being hashed using SHA-512 algorithm. Secondly, at the time the user uploads the file, the system records the user’s current location and defines a trusted area, such that the file is accessible only within it. Therefore, when the user tries to access the file the system again captures the user’s location and checks whether it is in the confinement of the trusted area. To provide additional security the location for describing the trusted area is also encrypted using the Rijndael Algorithm (AES).
Various existing techniques used for cloud storage have been discussed.
Identity Based Authentication
In Cloud Computing, resources and services are distributed across numerous consumers. So there is a chance of various security risks. Therefore authentication of users as well as services is an important requirement for cloud security and trust. When SSL Authentication Protocol (SAP) was employed to cloud, it becomes very complex. As an alternative to SAP, proposed a new authentication protocol based on identity which is based on hierarchical model with corresponding signature and encryption schemes (Kahanwal, Dua & Singh, 2012).