Cloud Privacy Threat Modeling (CPTM)

Next generation sequencing (NGS) machines produce huge amount of data which requires scalable storage and post analysis. In order to accommodate this amount of information, many biobanks have shown interest in cloud computing capabilities.

However, the development of Cloud solutions encounters several vaults in the current scenario. There are several security and privacy requirements mandated by personal data protection legislation which hinders biobanks to migrate big data, generated by the NGS machines.

It also includes number of other factors such as lack of user control, fear of privacy breaches (which is mostly due to limited knowledge about the cloud), lack of training and experience, concerns about non authorized secondary usage of data, & regulatory complexity of a compliance. These are some of the bottlenecks which are acting as a detractor to the growth of cloud in the healthcare sector and biobanks.

Several modeling approaches are now available to answer the concern of privacy & its protection during cloud solutions usage. These models meet the mandatory requirements which Platform-as-a-service (PAAS) & Software-as-a-service (SaaS) should fit. CloudLIMS, a web based LIMS delivered as SaaS, is designed to follow regulatory guidelines for privacy and security.

The Cloud privacy threat modeling (CPTM) has been developed recently in support of the European Biobank Cloud project and gives an interesting examples of how many threats to cloud computing can be effectively handled by complying to the European data protection directive.

For complete research article, click here.