Moina: A Secure, Auditable, Scalable Instant Messaging System

Debjani Biswas and Mrigesh Kalvani
Carnegie Mellon University

Abstract

HIPAA regulations mandate certain minimum cri- teria (auditability,
encryption, privacy standards) that must be met by any technology that
is used to transmit or store Personal Health Information (PHI). This
paper describes the design and im- plementation of Moina, a
distributed multi-party secure messaging service. Moina uses public
and private cloud resources to log and track medical communications
while keeping all PHI on-premise.  Moina relies on XMPP for messaging,
Consul for service discovery and health-monitoring and Raft to ensure
replicated message logging. By integrat- ing these components well, we
demonstrate that Moina is capable of providing real-time chat capa-
bilities between many concurrent clients over long- distances.