David J. Power

A relational approach to the capture of DICOM files for Grid-enabled medical imaging databases

The Standard for Digital Imaging and Communications in Medicine (DICOM) specifies a non-proprietary digital imaging format, file structure and data interchange protocols for the transfer of biomedical images and non-image data related to such images--it is a specification of the components that are required in order to achieve inter-operability between biomedical imaging computer systems. In this paper we describe how a Grid-enabled medical imaging database---eDiaMoND--employs an object-relational approach to the storage of DICOM files. Although the work described has been carried out within the context of a particular mammography related project, the underlying principles are applicable to other medical imaging systems dealing either with other modalities or with other diseases.

Towards secure Grid−enabled healthcare

The primary focus of the UK e‐Science Programme is the development of software architectures, middleware and applications to support the end‐user scientific community in the undertaking of large‐scale research. A significant subset of e‐Science projects is concerned with the healthcare domain: as well as satisfying the needs of the end users, such projects have to consider the legal, ethical and security constraints associated with the use of sensitive patient data—these concerns are particularly relevant within the context of the U.K.s National Health Service (NHS). In this paper we present a vision for Grid‐enabled healthcare that is sensitive to the information security requirements both of the NHS and the projects themselves. Although our motivation is principally derived from U.K.‐based e‐Health projects, this paper should be of interest to the worldwide health Grid community. By restricting ourselves to information security, we do not consider, for example, physical security or audit trail capabilities, which are outside the scope of this paper. The vision we describe is grounded in terms of experience, and reflects the challenges faced by the e‐DiaMoND project team. Copyright

GIMI: generic infrastructure for medical informatics

Breakthroughs in medical informatics have yielded a wealth of data across all aspects of patient care. One of the fundamental goals of e-Science should be facilitate the appropriate use of such data to improve patient care: both in the short-term and the long-term. Developments in Grid technology have brought about the promise of such data being used to, for example, support research into evidence-based patient centred care and facilitate on-demand decision support for practitioners. For such health grid dreams to become reality, however, it will first be necessary to tackle key technical challenges, such as those of interoperability and security. The GIMI (Generic Infrastructure for Medical Informatics) proposes to tackle exactly these generic problems within the context of healthcare in the United Kingdom.

On tracker attacks in health grids

The utilisation of grid computing to support healthcare research is becoming increasingly widespread, as is the use of IT to support healthcare delivery. Furthermore, it seems that the two areas are on an inevitable convergence path as clinical communities in several countries start to investigate how real data stored in electronic patient records can be utilised to facilitate research. The use of IT within healthcare gives rise to unique social and ethical challenges; the area of grid computing has given rise to significant novel security challenges; and the anticipated convergence of these two fields will inevitably give a new lease of life to established challenges. In this paper we consider the phenomenon of tracker attacks in this emerging context, and outline a potential approach to addressing the problem.

On Formalizing and Normalizing Role-Based Access Control Systems

Role-based access control (RBAC) has emerged as the dominant access control paradigm for service-oriented systems, with this dominance being reflected by the popularity of RBAC both with the research community and with information technology vendors. RBACs dominance was solidified in 2004 when an American National Standards Institute standard for RBAC was approved. In this paper, we consider some of the drawbacks of this standard and show how the formal description technique, Z, has been used to underpin a model of RBAC. The model builds on the work of Li et al. and adopts a modular approach. In particular, we consider the relationships between different types of inheritance within our model. We show our model can be used to define a notion of equivalence between different RBAC systems. Finally, we show how—via our model—a particular RBAC system can be normalized to produce a simpler—but semantically equivalent—representation. We illustrate this process via two examples.

Accessing and aggregating legacy data sources for healthcare research, delivery and training

The aggregation of data from disparate sources offers clear benefits for healthcare researchers and practitioners. Such aggregation, however, must satisfy ethical, legal and social requirements: data ownership must be respected; patient privacy must not be compromised; data storage and transfer must be secure; etc. In this paper we describe the query aspects of sif (for service-oriented interoperability framework), a system which has been developed to support healthcare-related applications that depend upon the secure aggregation of data from multiple legacy databases. Importantly, the system allows the federation of data stored in varying database management systems utilising varying schemas.

On the Facilitation of Fine-Grained Access to Distributed Healthcare Data

As an increasing amount of healthcare-related data is captured in both clinical and research contexts, the drive to provide appropriate access to such data becomes stronger. The very nature of such data means that simplistic approaches to authorisation--be they coarse-grained or role-based--are insufficient: the needs of the domain give rise to requirements for authorisation models capable of capturing fine-grained, expressive access control policies. We describe the development of a framework for the secure sharing and aggregation of healthcare-related data, called sif(for service-oriented interoperability framework). In particular, we concentrate on the access control aspects of the system and describe its utilisation of XACML in this respect.

On The Development of Secure Service-Oriented Architectures to Support Medical Research

In this article we report upon our experiences of developing Web-services based infrastruc-tures within two e-health projects. The first—a small demonstrator project funded by the UK’s National Cancer Research Institute (NCRI)—is concerned with facilitating the aggregation of different types of data (specifically, MRI scans and histopathology slides) to aid the treatment of colorectal cancer; the second—a rather larger project funded by the UK’s Medical Research Council (MRC)—is concerned with the development of a virtual research environment to support neuro-imaging research. In both cases, the underlying infrastructures are being developed by a team that is based in Oxford; it is the experiences of this team that we report upon in this article. We also report upon how we have considered the future potential for our systems interoperating with other systems which are deployed within the UK’s National Health Service (NHS).

A secure wrapper for OGSA-DAI

OGSA-DAI is a reference implementation of the OGSA Data Access and Integration services that facilitates homogeneous access to a wide range of databases, with this access being independent of the underlying database schemas and database management systems. In this paper we propose a secure wrapper for OGSA-DAI to allow an existing OGSA-DAI installation to be secured against inappropriate actions. The wrapper utilises XACML.

Automatic conformance checking of role-based access control policies via alloy

Access control policies are a crucial aspect of many security-critical software systems. It is generally accepted that the construction of access control policies is not a straightforward task. Further, any mistakes in the process have the potential to give rise both to security risks, due to the provision of inappropriate access, and to frustration on behalf of legitimate end-users when they are prevented from performing essential tasks. In this paper we describe a tool for constructing role-based access control (RBAC) policies, which are automatically checked for conformance with constraints described using predicate logic. These constraints may represent general healthiness conditions that should hold of all policies conforming to a general model, or capture requirements pertaining to a particular deployment.