Using Desktop Grids to Securely Store e-Health Data
Desktop Grids are a specialized form of distributed system, whereby shared resources (processor or storage) are provided on a voluntary basis by resource contributors. These environments are able to provide commodity resources not only for CPU-intensive tasks, but also for applications that require significant amounts of memory, disk space and network throughput. For example, the widely used Berkeley Open Infrastructure for Network Computing (BOINC) infrastructure can provide a sustained rate of 95.5 teraflops, 7.74 petabytes of storage and an access rate of 5.27 terabytes per second.
The potential computing power of desktop Grids is, however, even greater. With the number of Internet-connected PCs projected to reach 1 billion by 2015, the resulting distributed system would offer several petaflops of computing power and a storage capacity of around one exabyte, far exceeding what any centralized system can provide. It is therefore unsurprising that a significant amount of effort is now aimed at 'volunteer computing' as a new paradigm for both computational and data Grids.
Modern e-Health systems, meanwhile, require advanced computing and storage capabilities, which has led to the adoption of Grid technology and given birth to health Grid systems. In particular, intensive care medicine uses this paradigm to handle the high flow of data coming from intensive care units (ICUs). Sensors monitoring an ICU inpatient typically generate around 700 MB of data per day, in addition to images, physicians' annotations and so forth. These data must be stored so that, for example, data-mining techniques can be applied at a later time to find useful correlations for practitioners facing similar problems.
Unfortunately, moving an ICU patient's data to a desktop Grid requires a comprehensive security solution to be in place. This must be harmonized with current EU data protection legislation and be able to withstand common attacks on the data and metadata being managed. There is a clear need not only to identify the vulnerabilities associated with health Grids and desktop Grids, but also to design new mechanisms able to provide confidentiality, availability and integrity. To this end, the joint research undertaken early this year by CoreGRID's WP2 partners, FORTH (Greece) and UCY (Cyprus), has shown that the greatest threat to patient privacy in fact comes from desktop clients, which cannot be fully trusted and may easily leak personal data.
To address the identified privacy gaps, this joint research has also contributed a security protocol that provides privacy to health Grid systems from a data-centric point of view, while maintaining compatibility with EU legal frameworks and high-level security mechanisms (i.e. electronic health cards). The proposed privacy protocol makes use of two well-known data-security techniques (encryption and fragmentation), plus a novel concept involving a quantitative evaluation of the security level associated with the desktop Grid's nodes.
We expect to implement this novel protocol in the coming months within the ICGrid system, using the gLite middleware and paying particular attention to performance issues related to the use of cryptographic mechanisms.
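The sketch below is an added illustration, not the CoreGRID protocol or ICGrid code. It shows the general idea of fragmenting a record so that no single untrusted desktop node holds readable data, and of storing fragments only on nodes whose security score meets a threshold. It substitutes n-of-n XOR secret splitting for the encryption step so that it runs with the Python standard library alone; the node names, scores, threshold and function names are all constructed assumptions.

```python
import secrets
from functools import reduce

# Constructed sample data: node names and security scores (0.0 to 1.0)
# are assumptions for this example, not values from the article.
NODES = {"node-a": 0.92, "node-b": 0.35, "node-c": 0.81,
         "node-d": 0.77, "node-e": 0.10}

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))

def split(record: bytes, n: int) -> list[bytes]:
    """n-of-n XOR split: n-1 random pads plus the record XORed with all pads.
    Any subset of fewer than n fragments is indistinguishable from random."""
    if n < 2:
        raise ValueError("need at least two fragments")
    pads = [secrets.token_bytes(len(record)) for _ in range(n - 1)]
    return pads + [reduce(xor_bytes, pads, record)]

def combine(fragments: list[bytes]) -> bytes:
    """Recover the record by XORing every fragment together."""
    return reduce(xor_bytes, fragments)

def place(fragments: list[bytes], nodes: dict, min_score: float) -> dict:
    """Give each fragment to a distinct node scoring >= min_score,
    highest score first. Refuse to store if too few nodes qualify."""
    eligible = sorted((name for name, score in nodes.items()
                       if score >= min_score),
                      key=lambda name: -nodes[name])
    if len(eligible) < len(fragments):
        raise RuntimeError("not enough trusted nodes; refusing to store")
    return dict(zip(eligible, fragments))

if __name__ == "__main__":
    record = b"patient=constructed-0001;hr=72;spo2=98"  # constructed sample
    placement = place(split(record, 3), NODES, min_score=0.75)
    for node, fragment in placement.items():
        print(node, fragment.hex())
    print(combine(list(placement.values())))
```

With n-of-n splitting, losing any one fragment loses the record, so a design that also needs availability would have to replicate fragments or use a threshold scheme.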
University of Cyprus
Tel: +357 22892663
Tel: +30 2810391699
Marios D. Dikaiakos
University of Cyprus
Tel: +357 22892700