Designing security of personal data in distributed health care platform
DOI: https://doi.org/10.15587/2312-8372.2018.141299
Keywords: PHR security, medical blockchain, sensitive data security, body sensor network security
Abstract
The object of research is the design of an EHR system capable of both patient-physician communication and secure, privacy-preserving cross-organisational analytical collaboration. Constant patient monitoring and the amount of quality data available for further analysis are crucial for more accurate medical recommendations and therefore general wellbeing. On the other hand, most current architectural approaches are subject to various data-integrity vulnerabilities and cannot provide multi-party computation (MPC) that is proof against sensitive information leakage, which results in very fragmented datasets available to each clinic or health organisation. Another area for improvement is the security of edge-level sensor network communication.
This paper proposes splitting the architecture into layers with dedicated security zones. This fragmentation effectively segments the infrastructure, so that each element can apply its own authentication and authorization requirements and secure its data individually. A side effect of this approach is reduced network load and the elimination of security and privacy issues through minimising sensitive data transfer (e.g. basic data gathering and processing is performed on the smart sensors). Hyperledger is suggested for maintaining data integrity, with an off-chain database for optimizing transaction storage and speed. MPC makes it possible to share records between akin organisations for joint calculations and ML model training without revealing the actual data.
The suggested approaches allow building a robust and flexible yet secure platform for sensitive data gathering, analysis and multi-party processing without revealing users’ identities, leveraging the advantages of edge computing, Hyperledger and joint data calculations.
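The abstract does not name the MPC protocol used, so the following is an added illustration, not the authors' code: additive secret sharing, one common building block, lets several clinics compute a pooled mean while each reveals only random-looking shares. It assumes honest-but-curious parties and non-negative integer inputs smaller than the modulus; the function names, the modulus and the sample figures are constructed for this example.

```python
import secrets

# Field modulus for the shares (a Mersenne prime; constructed choice for this example).
PRIME = 2**61 - 1

def share(value, n_parties):
    """Split an integer into n additive shares that sum to value mod PRIME."""
    shares = [secrets.randbelow(PRIME) for _ in range(n_parties - 1)]
    shares.append((value - sum(shares)) % PRIME)
    return shares

def joint_mean(private_inputs):
    """Return (pooled mean, published partial sums) for all clinics.

    private_inputs: one (local_sum, local_count) tuple per clinic.
    Each clinic only ever sends shares; no clinic sees another's raw totals.
    """
    n = len(private_inputs)
    # inbox[j] collects the shares that clinic j receives from every clinic.
    inbox = [[] for _ in range(n)]
    for local_sum, local_count in private_inputs:
        sum_shares = share(local_sum, n)
        count_shares = share(local_count, n)
        for j in range(n):
            inbox[j].append((sum_shares[j], count_shares[j]))
    # Each clinic publishes only the sum of the shares it holds.
    partial = [
        (sum(s for s, _ in box) % PRIME, sum(c for _, c in box) % PRIME)
        for box in inbox
    ]
    # Adding the published partial sums reconstructs only the global totals.
    total_sum = sum(p[0] for p in partial) % PRIME
    total_count = sum(p[1] for p in partial) % PRIME
    if total_count == 0:
        raise ValueError("no records contributed")
    return total_sum / total_count, partial

# Constructed sample data: per-clinic sum of systolic readings and record count.
CLINICS = [(15_480, 120), (9_765, 75), (26_040, 210)]

if __name__ == "__main__":
    mean, _ = joint_mean(CLINICS)
    print(f"pooled mean = {mean:.2f}")
```

Any single published partial sum is uniformly distributed, so it leaks nothing about one clinic's totals; only all partials together reveal the aggregate.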
License
Copyright (c) 2018 Anatolii Petrenko, Roman Kyslyi, Ihor Pysmennyi
This work is licensed under a Creative Commons Attribution 4.0 International License.
The consolidation and conditions for the transfer of copyright (identification of authorship) is carried out in the License Agreement. In particular, the authors reserve the right to the authorship of their manuscript and transfer the first publication of this work to the journal under the terms of the Creative Commons CC BY license. At the same time, they have the right to conclude on their own additional agreements concerning the non-exclusive distribution of the work in the form in which it was published by this journal, but provided that the link to the first publication of the article in this journal is preserved.