FYP Proposal - Research & Planning
Proposal for my FYP documentation idea for a 3 tier multi Architecture on AWS
Problem Background and Proposed Solution:
Currently, most hospitals still run their operations on physical (on-premises) servers. While this was the standard model for years, the problem lies in scaling and maintaining this environment, since physical hardware is hard to scale and slow to update. In this setup, manual patching and monitoring are time-consuming and subject to human error. The threat of this model became reality when the stakeholder system was hit by a ransomware attack: due to outdated infrastructure, attackers were able to encrypt patient data and demand a ransom, which proves that the current system and its security measures are not only old but also vulnerable to threats.
In a healthcare facility, a system crash or a data breach is critical, and its effects on doctors and patients can be serious on a large scale. Unless we move towards a safer and more automated system, the hospital will continue to be vulnerable when the next attack takes place. The solution is to have a way of making sure that patient records are always accessible, encrypted, and compliant with standards like HIPAA without necessarily having to use manual procedures.
Objectives:
The aim of the proposed project is to develop a secure cloud-based Hospital Management System on AWS in the form of a three-tier architecture. The objectives are:
1. To investigate concepts such as cloud computing and cloud security, three-tier architecture, network segmentation, and secure system design of healthcare applications.
2. To develop a secure design of the hospital management system based on a three layer architecture on AWS, including networking, access control (IAM), and DevSecOps.
3. To evaluate the proposed system in terms of security, performance and scalability, using a specific test strategy and validation.
Scope:
This project focuses on designing and implementing a secure cloud-based hospital management system using a three-tier architecture on Amazon Web Services.
1. The system design
Design a web-based hospital management system.
Include features such as:
- User authentication
- Appointment scheduling
- Patient record management
2. Cloud Design
A 3 tier architecture consisting of:
- Frontend layer
- Backend layer
- Database layer
AWS services consist of:
- VPC
- EC2
- RDS
- Load balancer
3. Network Design
A secure cloud network including:
- Public and private subnets
- Route tables
- Internet gateway
- Traffic flow between layers
4. Security Design
Security layers of:
- Network security (security groups and ACLs)
- AWS Identity and Access Management (IAM and RBAC)
- Data protection
- Secure communication over secure channels
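The traffic flow between layers from the Network Design and the security-group controls listed above can be checked automatically. The following Python check is an added example, not part of the original proposal; the group IDs, ports and the policy (only port 443 reachable from a CIDR, each tier reachable only from the tier in front of it) are assumptions, and the input follows the shape of EC2 DescribeSecurityGroups output.

```python
# Added example: constructed data in the shape of EC2 DescribeSecurityGroups
# output. Group IDs, ports and the policy itself are assumptions.
# tier -> (tiers allowed as a security-group source, ports allowed from a CIDR)
POLICY = {
    "frontend": (set(), {443}),
    "backend": ({"frontend"}, set()),
    "database": ({"backend"}, set()),
}
TIER_OF = {"sg-0web": "frontend", "sg-0app": "backend", "sg-0db": "database"}

def rule(port, cidrs=(), groups=()):
    """Build one ingress permission entry (constructed sample data)."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c} for c in cidrs],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}

SAMPLE_GROUPS = [
    {"GroupId": "sg-0web", "IpPermissions": [rule(443, cidrs=["0.0.0.0/0"])]},
    {"GroupId": "sg-0app", "IpPermissions": [rule(5000, groups=["sg-0web"])]},
    {"GroupId": "sg-0db", "IpPermissions": [
        rule(5432, groups=["sg-0app"]),
        rule(5432, cidrs=["0.0.0.0/0"]),  # misconfiguration to be caught
    ]},
]

def audit_tiers(groups, tier_of=TIER_OF, policy=POLICY):
    """Return findings; an empty list means the tier-to-tier flow holds."""
    findings = []
    for sg in groups:
        gid = sg["GroupId"]
        if gid not in tier_of:
            continue  # group is not part of the three tiers
        tier = tier_of[gid]
        source_tiers, public_ports = policy[tier]
        for perm in sg.get("IpPermissions", []):
            lo, hi = perm.get("FromPort"), perm.get("ToPort")
            ports = "all" if lo is None else f"{lo}-{hi}"
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            # A CIDR source is accepted only for a single allowed public port.
            if cidrs and not (lo == hi and lo in public_ports):
                findings.append(f"{tier} {gid}: ports {ports} open to {cidrs}")
            for pair in perm.get("UserIdGroupPairs", []):
                if tier_of.get(pair["GroupId"]) not in source_tiers:
                    findings.append(
                        f"{tier} {gid}: ports {ports} open to {pair['GroupId']}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_tiers(SAMPLE_GROUPS)) or "three-tier flow enforced")
```

A check like this could run as a pipeline step after the infrastructure is applied, failing the build when the returned list is not empty.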
5. DevSecOps Design
A CI/CD pipeline using but not limited to:
- GitHub Actions
- Docker
- Terraform
- Includes automated build and deploy staging
- Security scanning ( container and code )
6. Monitoring Design
Monitoring mechanisms consist of:
- Amazon CloudWatch
- AWS CloudTrail
Defining alerting and logging
Project Requirements:
| Requirement | Details |
| --- | --- |
| Software | React (Frontend), Flask or Node.js (Backend), MySQL/PostgreSQL (Database), Docker (Containerization), Terraform (IaC), GitHub Actions (CI/CD), Trivy, SonarQube, and Checkov (Security Scanning). |
| Hardware | Amazon Virtual EC2 Instances, RDS Database Instances |
| Technology/Technique/Method/Algorithm | Three Tier Architecture, Infrastructure as Code (IaC), DevSecOps, CI/CD, and Agile Development. |
| Network Elements | Virtual Private Cloud (VPC), Public and Private Subnets, Application Load Balancer, Security Groups (Firewall), Route Tables, and Internet/NAT Gateways. |
| Security Elements | AWS IAM (Identity and Access Management), Role Based Access Control (RBAC), Data Encryption at Rest (AES), Encryption in Transit (TLS/HTTPS), and Automated Security Pipelines. |
| Project Type | System Development |
| Project Area | Cloud Computing and Cybersecurity (DevSecOps). |
