Professional Documents
Culture Documents
Group 3 ISC 6120 End Sem Project
Group 3 ISC 6120 End Sem Project
Group 3 ISC 6120 End Sem Project
The National Health Service (NHS) has given the green light for hospitals and social care
agencies to move healthcare data to the public cloud. The most critical issues in implementing
the HIS is a security issue, because the type of the data that stores and process in the HIS related
to the patient healthcare data and this type of the data are so sensitive and valuable. Therefore,
the security of data in HIS is very important.
a) Provide a holistic solution for privacy of sensitive data and usability of e-health systems.
Confidentiality – Ensuring only authorized users can view and access the specified level of
information. Model coverage uses the Bell-Lapadula model where Read-Up and Write-Down is
restricted. Access control is by the use of usernames and password accounts locked to a specific
domain.
Integrity – Focus is on the accuracy and trustworthiness of user data. This prevents modification
of data at rest and in transit. File permissions is to be enhanced per user. Cryptography checksum
of SHA-1 is to be used.
Availability – the system focus is on the hardware and cloud hosting support, to ensure the
system is well functioning when required. DRP plans need to be in place to ensure events such as
natural disasters, communication system breakdown and host system hardware failure does not
impact on the system and users. This is to be achieved by used of active-active replication hosts.
b) Develop a prototype application using php mysql to store patient medical. The application
can be entered using a username and password for different type of users. Encrypt Sensitive
data in the database using AES and the password should be hashed using SHA.
Attached is the Database code. The addemp folder was created inside xampp>htdocs.
2. Patient records: all functions except selecting, inserting, updating and referencing
blood_group and ailment.
3. Prescription: no access
Search: http://www.asfaa.org/members.php?id=-1
To display core tables:
http://www.asfaa.org/members.php?id=-1%20union%20select%201,2,3,4--+
Using table 2 as the main table, use union select. This displays the php version: