GMS | 65th Annual Meeting of the German Association for Medical Informatics, Biometry and Epidemiology (GMDS), Meeting of the Central European Network (CEN: German Region, Austro-Swiss Region and Polish Region) of the International Biometric Society (IBS) | ASCLEPIOS: Sharing and Analysing Healthcare Data in the Cloud with New Cryptographic Methods

65th Annual Meeting of the German Association for Medical Informatics, Biometry and Epidemiology (GMDS), Meeting of the Central European Network (CEN: German Region, Austro-Swiss Region and Polish Region) of the International Biometric Society (IBS)

06.09. - 09.09.2020, Berlin (online conference)

Artikel

XML Version

Artikel empfehlen

ASCLEPIOS: Sharing and Analysing Healthcare Data in the Cloud with New Cryptographic Methods

Meeting Abstract

Suche in Medline nach

Dagmar Krefting - University Medical Center Göttingen, Göttingen, GermanyHochschule für Technik und Wirtschaft Berlin, Berlin, Germany
James Bowden - Hochschule für Technik und Wirtschaft Berlin, Berlin, Germany
Antonis Michalas - Pervasive Computing, Tampere, Finland
Kassaye Yitbarek Yigzaw - Norwegian Centre for E-health Research, Tromsoe, Norway
Tamas Kiss - Centre for Parallel Computing, University of Westminster, London, United Kingdom
Thomas Penzel - Interdisziplinäres Schlafmedizinisches Zentrum – Charité Berlin, Berlin, Germany
Silvia D. Olabarriaga - Amsterdam Medical Centers, University of Amsterdam, Amsterdam, Netherlands
Marcela Tuler de Oliveira - Amsterdam Medical Centers, University of Amsterdam, Amsterdam, Netherlands
Yiannis Verginadis - Institute of Communication and Computer Systems, National Technical University of Athens, Athens, Greece

Deutsche Gesellschaft für Medizinische Informatik, Biometrie und Epidemiologie. 65th Annual Meeting of the German Association for Medical Informatics, Biometry and Epidemiology (GMDS), Meeting of the Central European Network (CEN: German Region, Austro-Swiss Region and Polish Region) of the International Biometric Society (IBS). Berlin, 06.-09.09.2020. Düsseldorf: German Medical Science GMS Publishing House; 2021. DocAbstr. 259

doi: 10.3205/20gmds163, urn:nbn:de:0183-20gmds1631

Veröffentlicht:	26. Februar 2021

© 2021 Krefting et al.
Dieser Artikel ist ein Open-Access-Artikel und steht unter den Lizenzbedingungen der Creative Commons Attribution 4.0 License (Namensnennung). Lizenz-Angaben siehe http://creativecommons.org/licenses/by/4.0/.

Gliederung

Top
Text

Text

Background: Medical data sharing is a typical scenario in healthcare settings. Current solutions in sharing healthcare data are based on end-to-end encryption between two or more partners known in advance. Such an approach does not allow potential collaborators to search for data, dynamically grant and reject access or to process such data in the Cloud. The Advanced Secure Cloud Encrypted Platform For Internationally Orchestrated Solutions In Healthcare project (ASCLEPIOS) aims at building a secure platform to overcome this difficulty.

Methods: The platform is designed as a cloud-based platform and tested along three clinical use cases:

Effective Acute Stroke Treatment during emergency and follow-up care.
Collaboration for inpatient and outpatient sleep medicine in biosignal analysis.
Antibiotics prescription benchmarking of General Practicioners (GP).

The three use cases show three common typical characteristics of complex health-care applications:

(a) Actors from different administrative domains are involved, (b) External IT infrastructures and communication over the internet are required, and (c) Anonymization of the sensitive data is not possible.

These characteristics imply specific requirements such as fine-grained dynamic and flexible access control (R1). For emergency settings, healthcare actors are not known personally beforehand but require instant access to sensitive data. Data transfer and processing outside the clinics lead to mandatory encryption. This is not only true for obviously identifying data such as names or facial images. Metadata, for example the frequency of hospital or GP visits, may also reveal sensitive health information, but is required to find data and needs therefore available for legitimate users in all three use cases (R2).

Results: The ASCLEPIOS platform is currently implemented in collaboration of security experts and representatives of healthcare application developers. The main methods and functionalities are described here on a high level of abstraction. From the main requirements, it is clear that the platform should employ novel cryptographic methods. The untrusted resource provider requires the data to be encrypted at all times, both while stored at the cloud and when exposed to the internet. On the other hand, flexible access to metadata search and analytics on these data are required by the use cases. This leads to two new encryption schemes: R1 can be realized with attribute-based encryption. In ASCLEPIOS, specific policies allow for specification of data access control conditioned by attributes associated with the user. R2, without revelation of the search results to the provider, is addressed by searchable encryption. In particular, symmetric searchable encryption shows sufficient performance to be applicable in real world scenarios.

Conclusion: The project combines advanced cryptographic techniques such as symmetric searchable encryption and attribute-based encryption to protect healthcare data during storage and transfer in data sharing scenarios employing external storage resources. Specific challenges are compatibility of encryption and syntactic interoperability with other healthcare systems as well as privacy-preserving data queries and analytics.

The authors declare that they have no competing interests.

The authors declare that an ethics committee vote is not required.

gms | German Medical Science