Last week, I spent time reading papers on ways a data owner can share his data in the Cloud while maintaining control over how his data is being used. Since data consumers may be untrusted and can send the data owner's data to friends via email or make illegal copies of the data which may not respect the privacy of the data owner, I am trying to incorporate ways a data owner can track how his data is being used. I read a paper entitled "A Software-Hardware Architecture for Self-Protecting Data" which combines an access control policy with the data which controls how the data is to be used. I will continue to read more papers along this path.
Regarding the app, I have successfully updated the Client application which reads the latest ECG and stores the ECG reading into a JPEG file for offline monitoring by a doctor or nurse. I have shown this to my supervisor and am now ready to implement the security layer for the app. I will spend 2-3 weeks on this. I will continue to post updates on this as they occur.