Abstract

Enforcing in code privacy laws, internal company rules and principles like Privacy by Design is recognized as a challenge for the IT industry. In this paper we analyze the steps required and propose a guide towards this major goal. Our proposal is to emphasize the need to overcome the limits of service orchestration and create strong privacy and security enabling architectures based on two main ideas. The first idea is to use a semantic firewall that is capable to check privacy properties for the communication between applications and cloud and between cloud's sub-systems. The second idea is to improve current SOA architectures with architectures based on executable choreographies that can be formally verified. In this paper we identify three types of executable choreographies. New types of abstraction which machines can verify and humans can trust are enabled by executable choreographies that act like truly verifiable environments for cloud applications.

Recommended Citation

Alboaie, S., Alboaie, L., & Panu, A. (2015). Levels of Privacy for eHealth Systems in the Cloud Era. In D. Vogel, X. Guo, C. Barry, M. Lang, H. Linger, & C. Schneider (Eds.), Information Systems Development: Transforming Healthcare through Information Systems (ISD2015 Proceedings). Hong Kong, SAR: Department of Information Systems. ISBN: 978-962-442-393-8. http://aisel.aisnet.org/isd2014/proceedings2015/Security/2.

Paper Type

Event

Share

COinS
 

Levels of Privacy for eHealth Systems in the Cloud Era

Enforcing in code privacy laws, internal company rules and principles like Privacy by Design is recognized as a challenge for the IT industry. In this paper we analyze the steps required and propose a guide towards this major goal. Our proposal is to emphasize the need to overcome the limits of service orchestration and create strong privacy and security enabling architectures based on two main ideas. The first idea is to use a semantic firewall that is capable to check privacy properties for the communication between applications and cloud and between cloud's sub-systems. The second idea is to improve current SOA architectures with architectures based on executable choreographies that can be formally verified. In this paper we identify three types of executable choreographies. New types of abstraction which machines can verify and humans can trust are enabled by executable choreographies that act like truly verifiable environments for cloud applications.