Protection of Digital Mammograms on PACSs Using Data Hiding Techniques

Introduction

A picture archiving and communication system (PACS) integrates imaging modalities and acts as the interface between hospitals and departmental information systems in order to manage the storage and distribution of images to radiologists, physicians, specialists, clinics, and imaging centers. As medical image databases are interconnected through PACSs, those medical images are subject to security breaches, such as loss or manipulation of sensitive information, if their contents are not protected in some ways. For example, if a medical image is illegally obtained or if its content is malevolently changed, the patient’s privacy, health care and legal rights could be undermined. Given the fact that medical image databases are accessed by users of various roles, e.g., doctor, administrator, interns, etc., a role-based access control mechanism is an obvious approach to the prevention of the afore-mentioned security breaches. For instance, a doctor could be given full access to the images and patients’ textual information, while an intern’s or administrator’s access should be restricted according to the roles they are allowed to play. A common practice of managing textual information associated with images is to store the information in the header segment of the image file. Although the textual information can be protected through encryption, however the file formats are known publicly and the header field is separated from the content; that means the very location of the encrypted information is known. This opens a security gap for the attackers to manipulate the information. For example, even without knowing the secret key, an attacker can replace patient A’s encrypted information in the header with patient B’s encrypted information. This suggests that the location of the patients’ information should not be made known to the unauthorized users and the information itself should be made inseparable from the pictorial contents of the images. Moreover, an overhead of the header is that it takes up physical disk spaces. We proposed in this work a role-based access control framework consisting of two key modules – a content-based steganographic module for hiding patients’ textual information in the contents of medical images in a non-deterministic manner so as to prevent leaks of sensitive information and to save disk space. We also propose a reversible watermarking module for ‘masking’ the contents of the images with hidden patients’ textual information (called stego-images) in order to prevent unauthorized users from viewing the images. The main objectives set out in this work are:

• 1.

  To design a conceptual framework for protecting mammograms on PACSs. The framework should not only provide reliable protection for mammograms, but also support management functions for users with different access rights.

• 2.

  To develop a novel content-based steganographic method for hiding patients’ textual information in mammograms and verifying the authenticity and integrity of mammograms. The data hiding process should not change the important pictorial details of mammograms and the data extraction process should not require the availability of original mammograms.

• 3.

  To develop a watermarking technique capable of masking the contents of mammograms for protecting mammograms against illegal access. The watermark can be removed to reveal the masked mammogram when authorization for viewing is given.

Literature Review

Main methods used in media industries for protecting digital information against malicious usage can be broadly classified into cryptography-based and authorization-based approaches. The approach of cryptography-based methods is to devise various protocols for the Internet and local area networks (LAN) to protect the digital information through encryption during the transmission in networks (Long, 2006; Xu, 2005). The idea of the authorization-based methods is to use digital signature certifications to achieve authorization for digital information storage and transmission. Since cryptography-based methods mainly focus on image transmission while laying less emphasis on the storage and management phases, the latter is therefore considered as more desirable in achieving higher reliability and security.