These file attachments have been under embargo and were made available to the public after the embargo was lifted on 3 November 2011.
Cloud computing is an emerging technology that is expected to support Internet scale critical applications which could be essential to the healthcare sector. Its scalability, resilience, adaptability, connectivity, cost reduction, and high performance features have high potential to lift the efficiency and quality of healthcare. However,it is also important to understand specific risks related to security and privacy that this technology brings. This paper focuses on a home healthcare system based on cloud computing. It introduces several use cases and draws an architecture based on the cloud. A comprehensive methodology is used to integrate security and privacy engineering process into the software development lifecycle. In particular,security and privacy challenges are identified in the proposed cloud-based home healthcare system. Moreover, a functional infrastructureplan is provided to demonstrate the integration between the proposed application architecture with the cloud infrastructure. Finally, the paper discusses several mitigation techniques putting the focus on patient-centric control and policy enforcement via cryptographic technologies, and consequently on digital rights management and attribute based encryption technologies.