Enhancing the Security of Exchanging and Storing DICOM Medical Images on the Cloud

Enhancing the Security of Exchanging and Storing DICOM Medical Images on the Cloud

O. Dorgham (Prince Abdullah Ben Ghazi Faculty of Information Technology, Al-Balqa Applied University, Al Salt, Jordan), Banan Al-Rahamneh (Prince Abdullah Ben Ghazi Faculty of Information Technology, Al-Balqa Applied University, Al Salt, Jordan), Ammar Almomani (IT-Department, Al-Huson University College, Al-Balqa Applied University, Irbid, Jordan), Moh'd Al-Hadidi (Prince Abdullah Ben Ghazi Faculty of Information Technology, Al-Balqa Applied University, Al Salt, Jordan) and Khalaf F. Khatatneh (Prince Abdullah Ben Ghazi Faculty of Information Technology, Al-Balqa Applied University, Al Salt, Jordan)
Copyright: © 2018 |Pages: 19
DOI: 10.4018/IJCAC.2018010108

Abstract

Medical image information can be exchanged remotely through cloud-based medical imaging services. Digital Imaging and Communication in Medicine (DICOM) is considered to be the most commonly used medical image format among hospitals. The objective of this article is to enhance the secure transfer and storage of medical images on the cloud by using hybrid encryption algorithms, which are a combination of symmetric encryption algorithms and asymmetric encryption algorithms that make the encryption process faster and more secure. To this end, three different algorithms are chosen to build the framework. These algorithms are simple and suitable for hardware or software implementation because they require low memory and low computational power yet provide high security. Also, security was increased by using a digital signature technique. The results of the analyses showed that for a DICOM file with size 12.5 Mb, 2.957 minutes was required to complete the process. This was totaled from the encryption process took 1.898 minutes, and the decryption process took 1.059 minutes.
Article Preview

Introduction

Securing the information stored in cloud data centers is one today’s most pressing issues. All sensitive information, such as medical images, needs to be handled with great care to ensure its security when it is uploaded or exchanged on the cloud. Currently, many applications are being used to archive and store medical images. Telemedicine applications are considered to be one type of application that facilitates the transfer of medical images across networks. On the other side, cloud computing provides encapsulation for resources via the Internet in the form of either dynamic, scalable, or virtualized services. Medical imaging departments in hospitals continuously generate many different medical images. These images need to be stored and exchanged between different specialists in hospitals across the world for the purpose of diagnosis. Hence, it is necessary to provide a high level of data protection when transferring a patient’s data over the cloud environment in order to overcome any attacks that the data may encounter during transmission. Various security mechanisms such as authentication, cryptographic algorithms, and digital signatures are used to protect images from unauthorized attacks.

However, although there are many benefits, some risks may arise when circulating medical data in open networks which are easily accessible to intruders. Hence, more care is required to hide patient information in medical images and to protect them from different security threats, without affecting the quality of the images (Ashley 2002; McEvoy & Svalastoga 2009). Security issues to consider include confidentiality, integrity, availability, authentication, access control and privacy (Anuja & Jeyamala 2015).

The necessity of using cloud computing for medical data storage and transmission arises from the importance of needing a large repository for and continuous access to medical data. In this regard, cloud computing is a better solution for handling medical images than other available options. Due to the large and increasing number of medical images, the activities of storing and exchanging them has become a daily routine in hospitals around the world. So, it is vital to find a secure way to transmit them over the cloud. Not only medical applications need image security, there are other applications that need it, too, such as confidential communications, video surveillance materials, and military applications (Bernarding et al. 2001). On May 2017, one of the most infamous threats that the world has faced thus far was the disruption of the information technology (IT) systems of the National Health Service in the UK due to cyber-attacks. The hospitals affected were located in London, Blackburn, Nottingham, Cambridge and Hertfordshire.

There are many applications that are used to archive and store medical images. Telemedicine applications as in (Dorgham et al., 2017; Dorgham et al., 2012; Fisher et al., 2013) are considered to be one such type of application that facilitates the transfer of medical images across networks. On the other side, cloud computing provides resource encapsulation on the Internet in the form of dynamic, scalable, and virtualized services (Ulutas et al., 2011). However, cloud computing is an environment that works solely online and there is no full or robust security in many cases. This makes transferring medical images in cloud computing insecure. Data security is considered to be a weakness of cloud computing, especially when users outsource their data to distributed storage systems instead of using local storage (Rathi & Inamdar, 2012; Wu et al., 2017). Medical data contains sensitive and crucial data about a patient’s case. Hence, it is necessary to provide a high level of protection when transferring this type of data. Moreover, it is necessary to protect the system from any attack that may appear when transmitting medical data over a network.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 9: 4 Issues (2019): Forthcoming, Available for Pre-Order
Volume 8: 4 Issues (2018): 3 Released, 1 Forthcoming
Volume 7: 4 Issues (2017)
Volume 6: 4 Issues (2016)
Volume 5: 4 Issues (2015)
Volume 4: 4 Issues (2014)
Volume 3: 4 Issues (2013)
Volume 2: 4 Issues (2012)
Volume 1: 4 Issues (2011)
View Complete Journal Contents Listing