Secure Access to Biomedical Images

Secure Access to Biomedical Images

Tariq Javid (Hamdard University, Pakistan)
DOI: 10.4018/978-1-5225-5152-2.ch003

Abstract

This chapter introduces a framework for secure access to biomedical images. Biomedical images are acquired using a vast array of imaging techniques depending upon the specific application. A magnetic resonance spatial domain image is acquired by taking inverse weighted Fourier transform of raw frequency domain data generated by the modality. After correction, these images are stored in a standard format. The access to these stored images is typically subjected to authorization. Medical information in biomedical images needs to be protected in both stored form and in transmission. Encryption technologies are used to secure information whereas compression technologies are used to reduce the information without affecting the contents. In this chapter, a cryptocompression system is proposed which integrates both encryption and compression to fulfill the requirements of electronic protected health information records.
Chapter Preview
Top

Introduction

Biomedical images are generally imagined images that are acquired by the application of physical principles. These images are often valuable and typically require implementation of information security measures for authorized access. This chapter introduces a framework for secure access to biomedical images.

Images are acquired, stored, transferred from one place to another, and processed. Information and communication technologies play an important role to accomplish these tasks. Commercial systems use intensive computing resources to apply complex image processing and analysis algorithms in order to produce desired results. These results are useful for further examination by medical experts or computer-based expert systems.

Biomedical images are acquired using a vast array of imaging techniques depending upon the specific application. A magnetic resonance spatial domain image is acquired by taking inverse weighted Fourier transform of raw frequency domain data generated by the modality. After correction, these images are stored in a standard format. Access to these stored images is typically subjected to authorization.

Information security measures are helpful in order to provide a controlled access to biomedical images. These security measures ensure protection of useful information in images from unauthorized access, manipulation, and deletion. These aspects of information security are referred to as information confidentiality, integrity, and availability – the CIA triad model. The model provides useful insights on how information needs to be protected in the presence of a wide variety of threats.

Encryption and compression standards are useful when images are archived and retrieved over a network medium. Compression is used optionally to lower the impact of encryption overhead. In this chapter, components and function of a proposed cryptocompression system with advanced encryption standard and joint photographic experts group 2000 standard for biomedical image processing are described. The structure and objectives of this chapter are as follows:

  • Provide an overview of fundamental security concepts, CIA triad model, framework, and related standards helpful to provide secure access to biomedical images.

  • Briefly review information security research that enabled the protection of digital images in general and biomedical images in particular.

  • Explain proposed framework components and function.

  • Outline challenges and future research trends.

Table 1.
Acronyms
AcronymTerm
AEApplication Entity
AESAdvanced Encryption Algorithm
AWSAmazon Web Services
ePHIElectronic Protected Health Information
CIAConfidentiality, Integrity, and Availability
CSACompressed and Secure Archive
CTComputed Tomography
DESData Encryption Standard
DHCPDynamic Host Configuration Protocol
DICOMDigital Imaging and Communications in Medicine
EHRElectronic Health Record
FSAMIFramework for Secure Access to Medical Images
INFOSECInformation Security
HIPAAHealth Insurance Portability and Accountability Act
HISHospital Information System
HL7Health Level Seven
ISCLIntegrated Secure Communication Layer
JPEGJoint Photographic Experts Group
LDAPLightweight Directory Access Protocol
MRIMagnetic Resonance Imaging
NEMANational Electrical Manufacturers Association
NISTNational Institute of Standards and Technology
PHIProtected Health Information
PGMPortable Gray Map
RISRadiology Information System
TLSTransport Layer Security
WAFWeb Application Firewall

Key Terms in this Chapter

Cryptosystem: A system which converts plain text to cipher text or cipher text to plain text by the application of encryption or decryption algorithm. The key generation for encryption and decryption algorithms is also part of a cryptosystem.

Denial of Service (DoS) Attack: A situation in which service is not available to an authorized user. A typical case of in which a malicious software code makes services inaccessible by overloading computing and network resources.

Cryptography: Cryptography refers to key-controlled transformations of information that is either impossible or computationally infeasible to decipher.

Digital Imaging and Communications in Medicine: Digital imaging and communications in medicine (DICOM) is the standard for the communication and management of medical images and related data.

Picture Archiving and Communication System: Picture archiving and communication system (PACS) includes digital imaging modalities to lower patient exposure to radiations, speed-up healthcare delivery, and reduction in overall medical operation costs.

Application Entity: Application entity is a functional unit in DICOM. The imaging modality, server, or workstation in the PACS have unique application entities.

Distributed DoS Attack: A distributed denial-of-service attack is a botnet attack in which multiple locations are used to attack on a service.

Information Security: Information security (INFOSEC) refers to the protection of information and information systems against unauthorized access and modification of information in storage, processing, or in transit.

National Institute of Standards and Technology: The National Institute of Standards and Technology (NIST) was founded in 1901 and is now part of the U.S. Department of Commerce.

Cryptocompression System: A system which implements both encryption and compression technologies to generate cryptocompressed text from plain text.

Complete Chapter List

Search this Book:
Reset