Automating Security Checks Using Cloud Tools Through Additions to an API; Maintaining Healthcare Data Security in the Cloud

Min, Jihong, School of Engineering and Applied Science, University of Virginia
Vrugtman, Rosanne, EN-Comp Science Dept, University of Virginia
Ferguson, Sean, EN-Engineering and Society, University of Virginia
Graham, Daniel, EN-Comp Science Dept, University of Virginia
Cohoon, Jim, EN-Comp Science Dept, University of Virginia

My technical project and STS research paper both centered around cloud computing. The technical project focusing on using cloud provider tools to secure a system, and the research paper focusing on maintaining security on the cloud through new innovations.
In my summer internship, which was my technical project, I was a part of the cloud engineering team at Viasat, a satellite internet company. My job was to implement automated security checks for all the accounts the team had to manage by making additions to their API. This was done by utilizing various tools from Amazon Web Services (AWS), the leading cloud provider, and integrating them with the existing security tools of the team. The process involved figuring out what could be potential weaknesses in the current system, extensive discussions, and code reviews to make sure our implementation was secure. The API additions made it to production by the end of the internship, and able to be used by the team and other engineers at Viasat.
For my STS research paper, I focused on cloud computing’s role in the healthcare industry using the Social Construction of Technology (SCOT) framework. The healthcare industry is one of the most plagued by data breaches, as medical data is very valuable and healthcare systems are vulnerable. Cloud adoption in healthcare is continuously rising to aid in this, but there are still vulnerabilities with traditional cloud security, as cyber attackers adapt to the more sophisticated systems. There are many aspects to security that need to be maintained, and different groups like the cloud providers, government, and health IT can have different views on what the best solution is. The research paper covered potential solutions and innovations like blockchain, automation, mutual authentication, and cloud provider guidance that could potentially solve different aspects of healthcare data security.
The work that was involved in finishing these projects was very fulfilling. The technical project was my first foray into a professional work environment and cloud computing. It allowed me to see how secure systems worked, and how to make additions using existing cloud provider tools to make them even more secure. It also motivated me to explore cloud even further for my STS research paper. During my research, I realized how complex systems could be, and how even the tools that are currently available are not enough to fend off cyber-attacks. It also opened my eyes to new ways that security can be maintained, and that innovation is always happening in this field.

BS (Bachelor of Science)
SCOT, Cloud Computing, Healthcare Data, Security

School of Engineering and Applied Science
Bachelor of Science in Computer Science
Technical Advisor: Rosanne Vrugtman
STS Advisor: Sean Ferguson
Technical Team Members: Kyle Mikolajczyk

All rights reserved (no additional license for public reuse)
Issued Date: