Software as a Service (SaaS) applications fully-exploiting the potential of elastic Cloud computing infrastructures naturally are enabling new ubiquitous access scenarios for nomadic users, such as market salesmen and home healthcare medical assistants. SaaS applications typically require to transfer data and resources to the Cloud infrastructure site; that raises several challenging issues spanning from access control to resources to privacy protection, ownership, and security of the data of the final SaaS users. However, although encryption of personal and enterprise data is strongly recommended by existing Cloud infrastructures, such as Amazon Web Services (AWS), typically they do not provide yet adequate encryption and key management support. This paper presents a real use case of Vitaever, a home healthcare SaaS application deployed on Amazon AWS, and discusses the challenges and changes needed to add cryptography and key management capabilities to the standard AWS Web/database offer so to enable SaaS data protection. We also show experimental results that benchmark the new security functions over Amazon, demonstrating their applicability to SaaS production deployments.

Bracci F., Corradi A., Foschini L. (2012). Database Security Management for Healthcare SaaS in the Amazon AWS Cloud. PISCATAWAY, NJ : IEEE Computer Society Press [10.1109/ISCC.2012.6249401].

Database Security Management for Healthcare SaaS in the Amazon AWS Cloud

BRACCI, FABIO;CORRADI, ANTONIO;FOSCHINI, LUCA
2012

Abstract

Software as a Service (SaaS) applications fully-exploiting the potential of elastic Cloud computing infrastructures naturally are enabling new ubiquitous access scenarios for nomadic users, such as market salesmen and home healthcare medical assistants. SaaS applications typically require to transfer data and resources to the Cloud infrastructure site; that raises several challenging issues spanning from access control to resources to privacy protection, ownership, and security of the data of the final SaaS users. However, although encryption of personal and enterprise data is strongly recommended by existing Cloud infrastructures, such as Amazon Web Services (AWS), typically they do not provide yet adequate encryption and key management support. This paper presents a real use case of Vitaever, a home healthcare SaaS application deployed on Amazon AWS, and discusses the challenges and changes needed to add cryptography and key management capabilities to the standard AWS Web/database offer so to enable SaaS data protection. We also show experimental results that benchmark the new security functions over Amazon, demonstrating their applicability to SaaS production deployments.
2012
Proceedings of the 17th IEEE International Symposium on Computers and Communications (ISCC'12)
812
819
Bracci F., Corradi A., Foschini L. (2012). Database Security Management for Healthcare SaaS in the Amazon AWS Cloud. PISCATAWAY, NJ : IEEE Computer Society Press [10.1109/ISCC.2012.6249401].
Bracci F.; Corradi A.; Foschini L.
File in questo prodotto:
Eventuali allegati, non sono esposti

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11585/118600
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 20
  • ???jsp.display-item.citation.isi??? 6
social impact