1 The e-Logistics of Securing Distributed Medical Data Andrew M. Snyder Alfred C. Weaver.


2 Medical Data Portal Web Services Authorization Service Authentication Service Electronic Patient Record Rule Engines Medical Data Access

3 Issue
– HIPAA requires that electronic medical data be encrypted when stored or transmitted
– This is not an issue for a single x-ray
– But U. Virginia radiology does 380,000 examinations per year and generates 9 TB of data annually
– What is the workflow impact of encrypting and decrypting data (especially images) every time they are touched?

4 Encryption Issues
– Symmetric key: DES, 3DES, AES, others
– Public key: RSA
– Key length
– Key management
– Managed vs. unmanaged code
– Workflow impact

5 Managed vs. Unmanaged Code
– Unmanaged code: native code, optimized for a device/platform; advantage: fast
– Managed code: executed inside a container, translated at runtime, provides memory management, provides garbage collection; advantages: safe, secure, portable

6 Rationale for New Measurements
– No published body of performance measurements for .NET cryptographic services
– No published understanding of the costs of managed code (e.g., C#, Java)
– No insight into how HIPAA's encryption requirement will impact an academic radiology department

7 Performance Measurements
Testbed
– Computer: Visual Studio .NET, GHz Pentium 4, Windows XP
– Files (1 B, 1 MB, 3 MB, 68 MB)
– Algorithms and keys
  DES: 64 bits
  3DES: 128 and 192 bits
  AES: 128, 192, and 256 bits
  RSA: 512 and 1024 bits
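
An added example, not code from the presentation: a C# benchmark of the kind of measurement this testbed describes, timing the .NET symmetric ciphers at the listed key sizes over the listed payload sizes. It assumes constructed random in-memory data and CBC mode, writes ciphertext to a discarding stream so file-system overhead is excluded, and omits RSA; the class and method names are hypothetical.

```csharp
using System;
using System.Diagnostics;
using System.IO;
using System.Security.Cryptography;

static class CryptoThroughput
{
    // Encrypts `size` bytes of constructed random data through a CryptoStream
    // into a discarding stream, so only cipher cost (not disk I/O) is timed.
    static double MeasureMBps(SymmetricAlgorithm alg, int keyBits, int size)
    {
        alg.KeySize = keyBits;
        alg.Mode = CipherMode.CBC;          // assumption: the slides do not name a mode
        alg.GenerateKey();
        alg.GenerateIV();
        byte[] plain = new byte[size];
        RandomNumberGenerator.Fill(plain);  // constructed sample payload

        var sw = Stopwatch.StartNew();
        using (var enc = alg.CreateEncryptor())
        using (var cs = new CryptoStream(Stream.Null, enc, CryptoStreamMode.Write))
        {
            cs.Write(plain, 0, plain.Length);
            cs.FlushFinalBlock();           // include padding of the final block
        }
        sw.Stop();
        return size / (1024.0 * 1024.0) / sw.Elapsed.TotalSeconds;
    }

    static void Main()
    {
        int[] sizes = { 1, 1 << 20, 3 << 20, 68 << 20 };   // 1 B, 1 MB, 3 MB, 68 MB
        var runs = new (string Name, Func<SymmetricAlgorithm> Make, int Bits)[]
        {
            ("DES",  () => DES.Create(),       64),
            ("3DES", () => TripleDES.Create(), 128),
            ("3DES", () => TripleDES.Create(), 192),
            ("AES",  () => Aes.Create(),       128),
            ("AES",  () => Aes.Create(),       192),
            ("AES",  () => Aes.Create(),       256),
        };
        foreach (var r in runs)
            foreach (int size in sizes)
            {
                using var alg = r.Make();
                MeasureMBps(alg, r.Bits, Math.Min(size, 1 << 20));  // warm-up so JIT cost is not timed
                Console.WriteLine($"{r.Name}-{r.Bits} {size,10} B {MeasureMBps(alg, r.Bits, size),8:F1} MB/s");
            }
    }
}
```

The 1 B row mostly measures per-call setup rather than cipher speed, which is why small and large payloads are reported separately.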

8 Performance Measurements

9

10 Performance Measurements Throughputs – 3 GHz –Symmetric –Public Key

11 Performance Measurements
Analysis
– Curious how much of the performance was due to the encryption vs. how much was due to system overhead (e.g., file system)
Repeated study on a slower machine
– 600 MHz Pentium 3
– Windows XP

12 Performance Measurements

13 Performance Measurements Throughputs – 600 MHz –Symmetric –Public Key

14 Recommendations
Use managed code (C#)
Use AES with 256-bit keys
Rationale
– code safety
– modularity of encryption service
– suitability as a web service in .NET
– AES-256 performance was within 20% of DES
– exponentially more secure than any other algorithm
– protection against the unknown (e.g., progress in quantum computing)

15 Workflow Model Department of Radiology Model

16 Workflow Model Involved Steps

17 Workflow Model Resources

18 Workflow Model Bottleneck Table – From Resource Allocation Table

19 Workflow Model
Bottleneck Calculation
– was $B_7$, the Image Modality Unit
Throughput (Patients/Hr)

20 Workflow Model
Throughput Results
– Sequential Patient Model: 7% Performance Degradation
– Highly Concurrent Patient Model: 5% Performance Degradation
Reassuring to determine that HIPAA's impact is modest
Possible to recover throughput through other optimizations in patient flow

21 Workflow Model
Bounds
– Infinite Resources: $N / (T_e + T_s)$
– Bottleneck Limit: $1 / T_b$
– Upper Bound: $N / (T_e + T_s + (N - 1) \cdot T_b)$
– Lower Bound: $1 / (T_e + T_s)$
$T_e$ = Time Spent Encrypting
$T_s$ = Total System Time – $T_e$
$T_b$ = Time Spent on Bottleneck Step

22 Workflow Model System with Encryption

23 Summary
– Impact of HIPAA's encryption requirements was initially unknown
– Suitability of web services approach untested
– Public key algorithm (RSA) unsuitable
– Three symmetric key algorithms (DES, 3DES, AES) were all suitable
– AES-256 encrypts a 500-slice MR file of 68 MB in 12 seconds on a 3 GHz Pentium 4
– Workflow model using AES-256 predicts a patient throughput reduction of 5-7%
– Now have an understanding of workflow and where to optimize

24 Acknowledgements
Funding for this work is provided by:
David Ladd and Tom Healy
University Research Program
Microsoft Research
Microsoft Corporation