Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2012 Jan;16(1):166-75.
doi: 10.1109/TITB.2011.2171701. Epub 2011 Oct 17.

Secure management of biomedical data with cryptographic hardware

Mustafa Canim  1 Murat KantarciogluBradley Malin
Affiliations

Secure management of biomedical data with cryptographic hardware

Mustafa Canim et al. IEEE Trans Inf Technol Biomed. 2012 Jan.

Abstract

The biomedical community is increasingly migrating toward research endeavors that are dependent on large quantities of genomic and clinical data. At the same time, various regulations require that such data be shared beyond the initial collecting organization (e.g., an academic medical center). It is of critical importance to ensure that when such data are shared, as well as managed, it is done so in a manner that upholds the privacy of the corresponding individuals and the overall security of the system. In general, organizations have attempted to achieve these goals through deidentification methods that remove explicitly, and potentially, identifying features (e.g., names, dates, and geocodes). However, a growing number of studies demonstrate that deidentified data can be reidentified to named individuals using simple automated methods. As an alternative, it was shown that biomedical data could be shared, managed, and analyzed through practical cryptographic protocols without revealing the contents of any particular record. Yet, such protocols required the inclusion of multiple third parties, which may not always be feasible in the context of trust or bandwidth constraints. Thus, in this paper, we introduce a framework that removes the need for multiple third parties by collocating services to store and to process sensitive biomedical data through the integration of cryptographic hardware. Within this framework, we define a secure protocol to process genomic data and perform a series of experiments to demonstrate that such an approach can be run in an efficient manner for typical biomedical investigations.

PubMed Disclaimer

Figures

Fig. 1
Fig. 1
Proposed framework for management of biomedical data in third party cryptographic hardware.
Fig. 2
Fig. 2
Overview of the secure count protocol.
Fig. 3
Fig. 3
Execution time of the join operation for various buffer sizes.
Fig. 4
Fig. 4
Execution time for count queries on various datasets with different query sizes (SCP-based protocol).
Fig. 5
Fig. 5
Improvement ratio compared to the multiple third party protocol in [10].
Fig. 6
Fig. 6
Execution time of the join operation for various buffer sizes.
See this image and copyright information in PMC

References

    1. Khoury M, Rich EC, Randhawa G, Teutsch S, Niederhuber J. Comparative effectiveness research and genomic medicine: An evolving partnership for 21st century medicine. Genet Med. 2009;11(10):707–711. - PubMed
    1. Green E, Guyer M, National Human Genome Research Institute Charting a course for genomic medicine from base pairs to bedside. Nature Genet. 2011;470:204–213. - PubMed
    1. Gurwitz D, Lunshof J, Altman R. A call for the creation of personalized medicine databases. Nature Rev Drug Discov. 2006;5(1):23–26. - PubMed
    1. Burton P, Hansell A, Fortier I, Manalio T, Khoury M, Little J, Elliott P. Size matters: Just how big is big?: Quantifying realistic sample size requirements for human genome epidemiology. Int J Epidemiol. 2009;38(1):263–273. - PMC - PubMed
    1. National Institutes of Health. Policy for sharing of data obtained in NIH supported or conducted genome-wide association studies (GWAS) 2007 Aug; NOT-OD-07-088.

Publication types