Introduction

One of the best things about my MSc in Cyber Security Engineering was seeing theory come to life. Every module threw challenges at me, and one of the most applications of theoretical knowledge came from Cryptosystems and Data Protection. In this module, I tackled a real-world security issue: designing a cryptographic solution for a healthcare clinic migrating to the cloud.

With patient data, financial records, and prescription systems at stake, security wasn’t just an academic exercise, it was critical. So, I put my knowledge to the test and built a cryptographic framework for St. John’s Clinic. Here’s how I did it and how this experience shaped my ability to solve real security challenges.

The Challenge: Securing a Healthcare Ecosystem

St. John’s Clinic operates multiple interconnected systems:

  • MedRecords: Stores sensitive patient records.
  • FinCare: Handles financial transactions.
  • CareConnect: A patient portal for scheduling and medical access.
  • Electronic Prescribing System: Manages medication security.

With cloud adoption accelerating, the clinic needed airtight security. The risks? Data breaches, compliance failures, and insider threats. The solution? A layered cryptographic approach balancing usability, security, and scalability.

The Solution: A Cryptographic Security Architecture

Solution Architecture

1. Single Sign-On (SSO): Centralized Authentication with OpenID Connect

One of the first pain points I identified was password fatigue, staff and patients managing multiple credentials across different systems. Weak or reused passwords were a major attack vector.

My proposed solution? An OpenID Connect (OIDC)-based Single Sign-On (SSO) system, integrated with an Identity Provider (IdP) and enforcing MFA.

Technical Breakdown:

  • OIDC (built on OAuth 2.0) enables stateless authentication via JSON Web Tokens (JWTs) with asymmetric encryption (RS256 or ES256).
  • MFA implementation via TOTP (Time-Based One-Time Password) or WebAuthn for phishing-resistant authentication.
  • Access tokens (OAuth 2.0) secured via Proof Key for Code Exchange (PKCE) to prevent authorization code interception.

Security Impact:

Eliminates multiple credentials—One authentication session grants access to multiple systems.
Reduces attack surface—Centralized authentication allows uniform security policies.
Enhances compliance—Logs and audits align with GDPR & HIPAA.

2. Data Encryption: Hybrid Model for Data at Rest and in Transit

Healthcare data is a prime target for cybercriminals. Implementing a strong hybrid encryption strategy ensures robust protection.

Encryption Strategy:

  • Data at Rest: AES-256-GCM (Authenticated Encryption) to ensure confidentiality and integrity.
  • Key Protection: RSA-4096 or ECDH (Elliptic Curve Diffie-Hellman) for encrypting AES session keys.
  • HMAC (SHA-256 or SHA-512): Ensuring data integrity via cryptographic hashes.
  • Data in Transit: TLS 1.3 with forward secrecy (ECDHE + AES-GCM) to protect against MITM attacks.

Security Impact:

Confidentiality & Integrity—AES-GCM ensures both encryption and tamper resistance.
Key Exchange Security—RSA/ECDH secures AES keys, preventing unauthorized access.
Authentication & Verification—HMAC prevents undetected modifications.

3. Key Management: Cryptographic Lifecycle Security

Even the strongest encryption is ineffective without proper key management. I designed a multi-tiered key management strategy:

Key Lifecycle Management:

  • Hardware Security Modules (HSMs) for generating and storing master encryption keys.
  • Cloud Key Management Service (KMS) with automatic key rotation and access policies.
  • Elliptic Curve Cryptography (ECC) for better security with smaller key sizes compared to RSA.
  • X.509 Certificates & OCSP for real-time revocation and certificate validation.

Security Impact:

Tamper-resistant key storage—HSMs ensure private keys never leave hardware.
Granular access control—Cloud KMS enforces role-based permissions.
Reduced key compromise risks—Automated rotation and revocation mechanisms.

4. Secure Communication: TLS 1.3, VPN, and IPSec

To prevent eavesdropping and MITM attacks, I enforced:

  • Mandatory TLS 1.3 with AES-256-GCM for all internal and external communication.
  • Perfect Forward Secrecy (PFS) via Ephemeral Diffie-Hellman (ECDHE).
  • Strict Transport Security (HSTS) to prevent protocol downgrade attacks.
  • VPN & IPSec tunnels for encrypting remote connections.

Security Impact:

Prevents passive & active interception attacks.
Ensures confidentiality of API & system interactions.
Complies with GDPR & HIPAA communication security mandates.

5. Cryptographic Simulations: Attack Surface Testing with CrypTool

Before deployment, I validated the cryptographic architecture using CrypTool simulations:

  1. TLS 1.3 Handshake Simulation—Demonstrated secure HTTPS communication using ephemeral key exchange.
  2. SSO Authentication with MFA—Simulated OIDC-based authentication with 2FA.
  3. Hybrid Encryption for Secure File Transfers—Showcased AES+RSA for secure data storage.

Why This Matters

This experience directly aligns with the challenges Security Analysts and Cloud Security Engineers tackle daily:

🎯 Threat modeling & risk analysis—Identifying vulnerabilities in complex systems.
🎯 Architecting security solutions—Designing SSO, encryption, and access controls.
🎯 Implementing secure cloud practices—Ensuring compliance and resilience in cloud environments.