The design of modern medical data information systems is driven by the need to collect and present data to authorized users. For collected medical data to be effective and improve patient treatment it must be transported from a device, aggregated, and analyzed to produce results that can be shared with care providers. Medical data may be analyzed and used years after collection at different locations because data sources and care providers often operate on different time scales and are geographically distributed. The need for distributed and long-term medical data storage thus requires an effective security model to delegate data access. Current data access delegation models do not provide end-to-end protection. An effective delegation model must keep data encrypted at all times and avoid the need to share decryption keys to avoid security vulnerabilities. We present a secure information architecture and prototype to implement such a model with end-to-end data encryption while restricting data access to designated recipients. Our architecture integrates recent Proxy Re-Encryption (PRE) advances into a client-server based security model that can be applied to open Internet communications. We discuss design tradeoffs and show experimental results. Our architecture lowers health care data management costs by enabling the secure outsourcing of data hosting to low-cost cloud computing environments. The architecture will also reduce the vulnerability of health care data systems to security challenges such as attacks compromising confidentiality and malicious insiders.
展开▼
