Abstract
The medical community is producing and manipulating a tremendous volume of digital data for which computerized archiving, processing and analysis is needed. Grid infrastructures are promising for dealing with challenges arising in computerized medicine but the manipulation of medical data on such infrastructures faces both the problem of interconnecting medical information systems to Grid middlewares and of preserving patients’ privacy in a wide and distributed multi-user system. These constraints are often limiting the use of Grids for manipulating sensitive medical data. This paper describes our design of a medical data management system taking advantage of the advanced gLite data management services, developed in the context of the EGEE project, to fulfill the stringent needs of the medical community. It ensures medical data protection through strict data access control, anonymization and encryption. The multi-level access control provides the flexibility needed for implementing complex medical use-cases. Data anonymization prevents the exposure of most sensitive data to unauthorized users, and data encryption guarantees data protection even when it is stored at remote sites. Moreover, the developed prototype provides a Grid storage resource manager (SRM) interface to standard medical DICOM servers thereby enabling transparent access to medical data without interfering with medical practice.
Similar content being viewed by others
References
Acharya, R., Wasserman, R., Sevens, J., Hinojosa, C.: Biomedical imaging modalities: a tutorial. Comput. Med. Imaging Graph. 19(1), 3–25 (1995)
Alfieri, R., Cecchini, R., Ciaschini, V., dell’Agnello, L., Frohner, Á., Gianoli, A., Lörentey, K., Spataro, F.: VOMS, an Authorization system for virtual organizations. In: European Across Grids Conference (EAGC) (2003)
Allcock, B., Bester, J., Bresnahan, J., Chervenak, A., Foster, I., Kesselman, C., Meder, S., Nefedova, V., Quesnal, D., Tuecke, S.: Data management and transfer in high performance computational Grid environments. Parallel Comput. J. (PCJ) 28(5), 749–771 (2002)
AMGA: ARDA metadata catalog project: http://project-arda-dev.web.cern.ch/project-arda-dev/
Andriole, K., Morin, R., Arenson, R., Carrino, J., Erickson, B., Horii, S., Piraino, D., Reiner, B., Seibert, J., Siegel, E.: Addressing the coming radiology crisis: the society for computer applications in radiology SCAR transforming the radiological interpretation process (TRIP) initiative. J. Digit. Imaging (JDI) 17(4), 235–243 (2004)
Barillot, C., Valabregue, R., Matsumoto, J., Aubry, F., Benali, H., Cointepas, Y., Dameron, O., Dojat, M., Duchesnay, E., Gibaud, B., Kinkingnéhun, S., Papadopoulos, D., Pélégrini-Issac, M., Simon, E.: NeuroBase: Management of distributed and heterogeneous information sources inNeuroimaging. In: Distributed Database and Processing in Medical Image Computing Workshop (DiDaMIC’04). Saint Malo, France (2004)
Baru, C., Moore, R., Rajasekar, A., Wan, M.: The SDSC storage resource broker. In: IBM Center for Advanced Studies Conference (CASCON’98). Toronto, Canada (1998)
BIRN: Biomedical informatics research network: http://www.nbirn.net/
Blanchet, C., Mollon, R., Deléage, G.: Secured distributed service to manage biological data on the EGEE Grid. In: HealthGrid’06, pp. 142–152. Valencia, Spain (2006)
Blanquer Espert, I., Hernández García, V., Segrelles, D.: TRENCADIS - A WSRF Grid middle ware for mnaging DICOM structured reporting objects. In: HealthGrid’06, pp. 381–391. Valencia, Spain (2006)
Blanquer Espert, I., Hernández García, V., Segrelles Quilis, J.: Creating virtual storages and searching DICOM medical images through a GRID middleware based in OGSA. J. Clin. Monit. Comput. 19(4-5), 295–305 (2005)
Budgen, D., Turner, M., Kotsiopoulos, I., Zhu, F., Bennett, K., Brereton, P., Keane, J., Layzell, P., Russell, M., Rigby, M.: Managing healthcare information: the role of the broker. In: HealthGrid’05. Oxford, UK (2005)
CTN: MIR DICOM central test node software. The central test node. Available at http://wuerlim.wustl.edu/DICOM/ctn.html
DICOM: Digital imaging and communication in medicine. Available at http://medical.nema.org/
EDG: DataGrid FP5 European project. Available at http://www.edg.org
EGEE: Enabling Grids for E-sciencE phase I and II, FP6 European IST project, contract number INFSO-RI-508833: http://www.eu-egee.org/
EGEE JRA1: Fireman catalog user guide. JRA1 data management cluster. https://edms.cern.ch/document/570780 (2005)
EGEE JRA1: gLite I/O user guide. JRA1 data management cluster. https://edms.cern.ch/document/570771 (2005)
Ellisman, M., Baru, C., Grethe, J., Gupta, A., James, M., Ludäscher, B., Martone, M., Papadopoulos, P., Peltier, S., Rajasekar, A., Santini, S., Zaslavsky, I.: Biomedical informatics research network: an overview. In: HealthGrid’05. Oxford, UK (2005)
Ferraiolo, D., Kuhn, D.: Role based access control. In: NIST-NCSC National Computer Security Conference, pp. 554–563 (1992)
Germain, C., Breton, V., Clarysse, P., Gaudeau, Y., Glatard, T., Jeannot, E., Legré, Y., Loomis, C., Magnin, I., Montagnat, J., Moureaux, J.-M., Osorio, A., Pennec, X., Texier, R.: Grid-enabling medical image analysis. J. Clin. Monit. Comput. 19(4–5), 339–349 (2005)
gLite middleware: http://www.glite.org/
Hastings, S., Oster, S., Langella, S., Kurc, T., Pan, T., Catalyurek, U., Saltz, J.: A Grid-based image archival and analysis system. J. Am. Med. Inform. Assoc. (JAMIA) 12, 286–295 (2005)
Huang, H.: PACS: picture archiving and communication systems in biomedical imaging. Hardcover (1996)
Montagnat, J., Bellet, F., Benoit-Cattin, H., Breton, V., Brunie, L., Duque, H., Legré, Y., Magnin, I., Maigne, L., Miguet, S., Pierson, J.-M., Seitz, L., Tweed, T.: Medical images simulation, storage, and processing on the european dataGrid testbed. Journal of Grid Computing (JGC) 2(4), 387–400 (2004)
Montagnat, J., Breton, V., Magnin, I.: Using Grid technologies to face medical image analysis challenges. In: BioGrid’03, proceedings of the IEEE CCGrid03 (BioGrid’03), pp. 588–593. Tokyo, Japan (2003)
OGF: Open Grid Forum: http://www.ogf.org
Perelmutov, T., Petravick, D., Gu, J., Barring, O., Baud, J.-P., De Witt, S., Jensen, J., Synge, O., Haddox-Schatz, M., Hess, B., Kowalski, A., Watson, C.: SRM Interface specification v2.2. Technical report, FNAL, USA (2002)
Power, D., Politou, E., Slaymaker, M., Simpson, A.: Securing web services for deployment in health Grids. Future Gener. Comput. Syst. 22(5), 547–570 (2006)
SAML: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
Santos, N., Koblitz, B.: Metadata services on the Grid. In: Advanced Computing and Analysis Techniques (CAT’05) (2005)
Santos, N., Koblitz, B.: Distributed metadata with the AMGA metadata catalogue. In: Workshop on Next-Generation Distributed Data Management (HPDC’06). Paris, France (2006)
Seitz, L.: Conception et mise en oeuvre de mécanismes sécurisés d’échange de données confidentielles; application à la gestion de données biomédicales dans le cadre d’architectures de grille de calcul/données’. Ph.D. thesis, INSA, Lyon, France (2005)
Seitz, L., Pierson, J.-M., Brunie, L.: Key management for encrypted data storage in distributed systems. In: IEEE Security in Storage Workshop (SISW’03). Washington DC, USA (2003)
Seitz, L., Pierson, J.-M., Brunie, L.: Encrypted storage of medical data on a Grid. Methods Inf. Med. (MIM) 44(2), (2005)
Shamir, A.: How to share a secret. Commun. ACM 22, 612–613 (1979)
Torres, E., C. De Alfonso, Blanquer Espert, I., Hernández García, V.: Privacy protection in HealthGrid: distributing encryption management over the VO. In: HealthGrid’06, pp. 131–141. Valencia, Spain (2006)
OASIS: XACML http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Montagnat, J., Frohner, Á., Jouvenot, D. et al. A Secure Grid Medical Data Manager Interfaced to the gLite Middleware. J Grid Computing 6, 45–59 (2008). https://doi.org/10.1007/s10723-007-9088-2
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10723-007-9088-2