Security Enhancement of Kubernetes Management in the Blockchain Platform for Building the Medical System for Information Exchange in Cambodia
    1. Department of Information and Communication Engineering, Institute of Technology of Cambodia, Russian Federation Blvd., P.O. Box 86, Phnom Penh, Cambodia

Received: July 29,2022 / Revised: Accepted: October 19,2022 / Published: December 31,2022

Download PDF
Browse Figures

Medical Information System represents a designed system that enables medical staff to collect, store, manage, and transmit data to strengthen the health sector. Healthcare data is sensitive and therefore, it requires protection from unauthorized access. Besides, this data should be shareable among all health organizations. Thus, the health information system enables multiple users from different healthcare organizations to join the network and have the privilege to access their resource. So, Blockchain, Kubernetes, and Access Control are technologies that fully fit all requirements to create the new medical information exchange system. This research is to investigate Kubernetes, Blockchain, Access Control, and Open Policy Agent to solve the research problem. With the investigation, this article also designs and deploys role-based access control with MAC address verification using Open Policies Agent to manage the accessibility of the resources in the Kubernetes cluster, which handled the blockchain network to distribute health care data using a new medical information system. The proposed method of research is to design the use case of the whole system, select a better access control model, and design the selected access control model to deploy to the system. After the implementation of the access control model, the researcher will get a policy evaluation engine that is set up in front of the infrastructure stands as a proxy server, to ensure that no one can break the rule and also to protect the infrastructure by preventing attackers from accessing the infrastructure directly. Moreover, we can get access control processing time through a set of experimental results.