Chord Based Identity Management fore-Healthcare Cloud Applications

Chord Based Identity Management for

e-Healthcare Cloud Applications

Il Kon Kim, Zeeshan Pervez, Asad Masood Khattak, Sungyoung Lee

Department of Medical Informatics Graduate, Kyung Pook National University,

Department of Computer Engineering, Kyung Hee University, Korea

[email protected], {zeeshan, asad.masood, sylee}@oslab.khu.ac.kr

Abstract - Increase in healthcare awareness has raised the number

of subscriptions for e-Healthcare applications. Consequently e￾Healthcare application providers are adopting Cloud computing to

handle immense processing load and to reduce service delivery

cost. Identity management has been an issue which hinders in

adoption of e-Healthcare applications, due to sensitivity of the data

involved in it. Existing Cloud based e-Healthcare applications

provide access to their services though Single-Sign-On (SSO)

protocols. Traditional SSO uses asymmetric encryption, thus

increasing the execution load on Cloud gateway and on Identity

Provider as well. In this paper we propose a methodology of SSO

for Cloud applications by utilizing Peer-to-Peer concepts to

distribute processing load among computing nodes within Cloud.

The proposed scheme, called Chord for Cloud (C4C), decreases the

number of authentication request send to Identity Provider and

disseminates the authentication process within the federated

environment of Cloud, through Chord algorithm. The effectiveness

of the proposed technique has been shown through argumentation

scenarios.

I.INTRODUCTION

Wireless Sensor Network (WSN) nowadays becomes more

attractive to computer science researchers, due to its low cost

and ease of deployment within the selected areas. Sensors are

used to monitor patient’s health status and movements to

provide health services. Increase in healthcare awareness has

encouraged companies like Microsoft and Google to provide

e-Healthcare applications. Microsoft has developed a platform

to store and maintain health and fitness information, called

Health Vault [1]. It is a cloud service that helps people collect,

store, and share their personal health information. Meanwhile,

Google provides a personal health information centralization

services, known as Google Health [2], which allow users to

volunteer their health records, either manually or by logging

into their accounts at partnered health services providers, into

the Google Health system.

Health Vault and Google Health both are SaaS [3] based

applications, which provides health services to patients,

medical doctors, pharmacies and laboratories. SaaS is

becoming increasingly popular, due to the fact that services

which are offered through SOA can be configured in Cloud,

which makes them the most suitable candidate for Cloud

computing. Service accessibility in SOA is one of the most

important concerns for both service provider and service

consumer. A number of different algorithms have been

proposed in literature and standards have been developed by

the industry. However, algorithms and standards were

developed keeping in view client server architecture of

internet. Employing these standards to Cloud services restrict

service provider to fully avail benefits of Cloud computing.

Single-Sign-On (SSO) provides seamless services

accessibility. SSO methodologies are aligned to SOA, but

when services are hosted to Cloud this ease of accessibility

raises concern like computation service latency and

computation load of asymmetric encryption on service

provider and identity providers end. In order to make existing

solutions work with Cloud there is need to alter the way

session information is manipulated and stored in Cloud. Cloud

provides enormous process and storage power. We can

harness these implicit benefits of Cloud to make hosted

services more responsive and secure, by limiting the

interaction required to provide SSO functionality.

The rest of the paper is organized as follows. Section 2

discusses the related work. Section 3 presents the proposed

algorithm. In Section 4 we will discuss algorithms for Cloud

service provisioning. Section 5 discusses the implementation

strategy of proposed algorithm and in Section 6 we will

conclude the paper.

II. RELATED WORK

Cloud computing is being put to work in variety of services

and solutions like collaborative services, social network,

hosted emails and online backup services. Most significantly

it is being adopted by e-Healthcare applications. In an e￾Healthcare applications sensitive data is manipulated which

includes patient’s medical history, laboratory test report and

medicine prescriptions by the doctor. Numerous

authentication techniques have been proposed in literature and

adopted by service provider. OpenId and SAML are two

authentication mechanisms which have been used by

Microsoft and Google in their e-Healthcare services.

Microsoft Health Vault provides support for OpenId [4],

whereas, Google Health uses it own SAML [5] based

authentication model. Both of these solutions provide

seamless services access through variant SSO techniques.

OpenID and SAML were developed to support SSO in web

services. In most of the cases web services are migrated to

Cloud, but applying the existing authentication techniques do

2010 10th Annual International Symposium on Applications and the Internet

978-0-7695-4107-5/10 $26.00 © 2010 IEEE

DOI 10.1109/SAINT.2010.68

303 352 372 371 379 391