Security challenges and solutions using healthcare cloud computing

Cloud computing is among the most beneficial solutions to digital problems. Security is one of the focal issues in cloud computing technology, and this study aims at investigating security issues of cloud computing and their probable solutions. A systematic review was performed using Scopus, Pubmed, Science Direct, and Web of Science databases. Once the title and abstract were evaluated, the quality of studies was assessed in order to choose the most relevant according to exclusion and inclusion criteria. Then, the full texts of studies selected were read thoroughly to extract the necessary results. According to the review, data security, availability, and integrity, as well as information confidentiality and network security, were the major challenges in cloud security. Further, data encryption, authentication, and classification, besides application programming interfaces (API), were security solutions to cloud infrastructure. Data encryption could be applied to store and retrieve data from the cloud in order to provide secure communication. Besides, several central challenges, which make the cloud security engineering process problematic, have been considered in this study.


INTRODUCTION
Recently, clinical service demand on technology has been increased; cloud computing solutions, telemedicine, artificial intelligence, and electronic health can frequently provide better services [1]. Cloud computing is the delivery of different services through the Internet. These resources include tools and applications such as data storage, servers, databases, networking, and software [2]. Rather than owning their computing infrastructure or data centers, companies and organizations can lease access to whatever consists of storage or processing by the cloud service providers [3]. Shared resources, including servers, networks, storage tools, and application software, JOURNAL of MEDICINE and LIFE use cloud computing significantly [4,5]. Also, cloud computing users can access their programs and information using the Internet as a conduit. The adoption of cloud technology has been increased in all industries, including healthcare [6,7].
Healthcare organizations generate a wide range of data and information. Big data in the field of health need infrastructure for better storage and management. Patient data availability is one of the most vital needs in the health and medical industry [8]. Also, health researchers need easy access to extensive data for scientific analysis. Cloud technologies are applied in healthcare fields, such as mobile apps, patient portals, electronic medical records, devices with the Internet of Things (IoT), and big data analytics [9][10][11]] As per the service demands, healthcare providers need considerably to scale the data storage and network requirements.
Furthermore, using the cloud in electronic health records enables patients to easily and widely access their health information. Cloud computing changes how nurses, doctors, hospitals, and clinics deliver quality and profitable services to the patients. The challenges in the healthcare field include operational and infrastructure costs, security concerns to real-time information sharing, and robust backup.
Cloud computing has several advantages, including easy and convenient collaboration between users, reduced costs, increased speed, scalability, and flexibility. The data sharing process is more facilitated by cloud computing. Further, it has the potential to significantly decrease in-house infrastructural and operational costs in healthcare organizations [15]. By changing traditional data storage and handling procedures, cloud technology can speed up access to information and overcome the barriers that the industry stakeholders and patients encounter. Despite the numerous benefits of cloud computing, there are some drawbacks and challenges. Healthcare organizations are hesitant to adopt cloud computing due to security concerns, including patient information confidentiality, privacy, and service costs [16,17]. Although massive data generated in healthcare organizations should be available to physicians and researchers, confidentiality concerns must be considered [18][19][20]. New challenges in cloud computing technology emerge in tandem with the growth, epiphany, and use of cloud technology in healthcare organizations; thus, identifying healthcare challenges and security issues appears essential. Accordingly, there are new challenges or security issues concerning offered solutions to cloud computing in healthcare organizations that should be examined and reviewed. Alongside identifying security challenges in cloud technology, reviewing present security solutions and providing new ones are also important objectives of this study. The present study aims at identifying barriers, challenges, security issues, and solutions in implementing cloud computing in the healthcare industry.

Design
As this systematic review aimed at updating the results of earlier studies [21] concerning the topic, the eligible articles from the beginning of 2015 to November 2020 were retrieved. A comprehensive search of relevant literature was conducted utilizing the online databases of Scopus, Pubmed, Science Direct, and Web of Science. Two researchers were involved in the online search and identification of the relevant articles. In the first step, based on the inclusion criteria, the relevant studies were included using relevant keywords in the title or abstract. The literature not relevant to the present research and those with no original data were excluded. The second step involved a scrutinized full-text screening of the related article to choose the most eligible.

Research question
This study aims to address the following issues of the modern healthcare systems: • What are the main challenges threatening the security of cloud computing? • What are the solutions to overcome these potential difficulties?

Inclusion/Exclusion criteria
We included the English studies serving our study's purpose from the beginning of 2015 to November 2020. The exclusion criteria were as follows: • Preliminary data from incompleted projects; • Abstracts, conference abstracts, and any other incomplete projects without full-text manuscripts; • Review articles, letters to the editors, or any types of articles lacking original data.

•
Articles lacking available free full-text.

RESULTS
A total of 930 full texts of related studies were identified using the selected search strategy. After reviewing them, 360 duplicates were identified and removed; then, two independent investigators screened the title and abstract of the rest (570 resources). The full text of the extracted articles was reviewed, and the most relevant (245 resources) were selected based on the eligibility criteria. According to the selection criteria, 197 articles were excluded, all of which were found to be reviews (n=36), opinion articles (n=28), or not involving cloud security (n=133). Finally, 48 studies met inclusion criteria and were included in the final review ( Figure 1).
We identified common security challenges and potential solutions for cloud technology. The reviewed studies and cloud computing security challenges and solutions are presented in Table 1. According to the review of the studies, the most frequent cloud security challenges were information confidentiality (n=19), data security (n=14), data availability (n=14), data integrity (n=13), and network security (n=12); frequency data are shown in Figure 2. Furthermore, data encryption (n=17), authentication (n=10), application programming interfaces (API)(n=7), and data classification (n=6) were the most common solutions for the security challenges in cloud infrastructure ( Figure 3).

DISCUSSION
Although cloud computing, as a novel technology, provides patient data availability all across, it encounters critical challenges in meeting one of the health industry's most significant demands. In cloud computing, providing security systems is necessary due to its inherent features, such as remote data storage, lack of network environment, proliferation, and massive infrastructure sharing [69]. Therefore, accurate identification of security challenges and their appropriate solutions is essential for both cloud computing providers and organizations using this technology [62].  2019 India Cloud security challenges and solutions Security of data is a major factor, which restricts the acceptance of the cloud-based model. Using linear network coding and re-encryption based on ElGamal cryptography in the form of a hybrid approach to secure healthcare information over the cloud; Linear network coding mechanism.

12
Kumar PR [32] 2018 Brunei Cloud security challenges and solutions Confidentiality, integrity, availability, authentication, authorization, non-repudiation Creating the data, classifying the data, identifying the sensitive data, defining policies, and creating access methods for different data types; Creating policies for archiving and destroying data; Storing data with proper physical and logical security protection, including backup and recovery plan; Identifying which datatype can be shared, with whom and how it can be shared; defining data sharing policies; In cloud computing, many such policies are collectively called as Service Level Agreements (SLA); Creating a corrective action plan in case data is corrupted or hacked due to network or communication devices; security flaws while data is in transit; Data encryption; Using data duplication, redundancy, backups, and resilient systems to address availability issues. 2018 India Cloud security challenges and solutions The authentication process and security A combined approach of fine-grained access control over cloudbased multi-server data along with a provably secure mobile user authentication mechanism for the Healthcare Industry 4.0.

JOURNAL of MEDICINE and LIFE
Recently, artificial intelligence (AI) has shown a promising bright future in medical issues, especially when combined with cloud computing. Ahmed Sedik et al. have used AI deep learning to create a tool for quick screening of COVID-19 patients from their chest X-rays. This modality can be performed through a cloud-based system anywhere radiography equipment is found [70].
Identification systems also can use cloud computing. Alsmirat et al. have shown that digital cameras can act as a fingerprint identification system with an image compression rate of 30-40%, widely available on smartphones. Data security is a significant challenge there as well [71].
The present study indicates that the most vital challenge in cloud computing technology is maintaining data security. Malicious or negligent individuals may threaten data security. Several solutions provide data security, the most important of which is data encryption [20,25,29]. Data encryption is an essential line of protection in cybersecurity architecture. Encryption makes interrupted data use as difficult as possible [27,28,32]. Furthermore, data encryption is used to develop an encryption scheme that hypothetically can merely be broken with large amounts of computing potency [41,42,44,49]. Kaur et al. [49] and Dorairaj et al. [57] have stated data encryption as a strategy to protect data against security threats. The results of the current research further show data encryption as the best solution to provide data security.
Many methods have been proposed for data encryption. A four-image encryption scheme has been proposed by Yu et al. based on the computer-generated hologram, quaternion fresnel transforms (QFST), and two-dimensional (2D) logistic-adjusted-sine map (LASM). This innovative technology considerably decreases the key data sent to the receiver for decryption, making it more promising to be stored and transmitted [72]. In order to secure cloud data storage and its delivery to authorized users, a hierarchal identity-based cryptography method has been proposed by Kaushik et al. to assure that a malicious attacker or CSP does not change for its benefit [73].
Another research has proposed a method to avoid always using the upstream communication channel from the clients to the cloud server via an optimistic concurrency control protocol, which reduces communication delay for IoT users. Only update transactions are sent to the cloud using this method, and they are only partially validated at the fog node [74].
According to the present research results, confidentiality is the second most important challenge in cloud technology. It refers to the protection of data from being obtained by unauthorized individuals; in other words, sensitive information is only accessible by authorized persons [75]. Cloud data control can result in an increased risk of data compromise. To ensure that the patient-doctor relationship runs smoothly, patients must have faith in the healthcare system to keep their data private [17]. Studies have shown that confidentiality may be achieved by access control [52,62] and authentication [45,76]. A Mutual Authentication and Secret Key (MASK) establishment protocol has been presented by Masud et al. in the field of the Internet of Medical Things (IoMT) in COVID-19 patients. The proposed protocol uses Physical Unclonable Functions (PUF) to enable the network devices to validate the doctor legitimacy (user) and sensor node before establishing a session key. Therefore, it addresses the confidentiality, authentication, and integrity problems and secures the sensitive health information of the patients [77].
This research shows that integrity, availability, and network security are important issues in the cloud computing infrastructure. A developmental study has mentioned integrity and availability as challenging problems in implementing cloud-based services, especially when losing or leaking information could result in major legal-or business-related damage [34]. Confidentiality, Integrity, and Availability (CIA) have been reported as the main three factors in cloud system security, which are considered here for the evaluation [33].
The number of network security challenges has rapidly increased with the advent of wireless sensor networks [22,24]. Therefore, network security in cloud infrastructure has become a challenge for organizations [41,43]. The common network attacks have happened at the network layer, including IP spoofing, port scanning, man-in-middle attack, address resolution protocol (ARP) spoofing, routing information protocol (RIP) attack, denial of service (DoS), and distributed denial of service (DDoS) [58]. The attackers, for instance, can send a considerable number of requests in order to access virtual machines in cloud computing to restrict their availability to valid users; this is termed the DoS attack. The availability of cloud resources is targeted by this attack [63]. The related studies have shown that no specific security standard exists for security controls in wireless networks [24,51,63]. However, in order to keep security in cloud computing networks, potential solutions, including Application Programming Interfaces (API), data classification, and security management protocol, could be applied [60,64,78,79].

Limitations
Due to the nature of the solution protocols, we could not explain their details. We aimed to clarify the present challenges and possible solutions to help others address and work on the issues, thus skipping some details and protocols presented for solutions. We only reviewed the English studies, thus possibly missing some reports.

CONCLUSION
Cloud computing offers various benefits in data access and storage, particularly to healthcare organizations and relevant studies. Although the cloud computing environment is considered as a potential Internet-based computing platform, the security concerns