A modern secure teleradiology grid consists of several important parts. The first part is to ensure the highest security of storing the medical data. At present time the old fashioned storage solutions are replaced by Grid Storage and Content Addressable Storage (CAS) infrastructure of archiving medical records in a flexible and secure way. The second part of secure teleradiology grid is related to applying appropriate data transmission security protocols and digital signatures in the various nodes of grid. Also human and law aspects of security need to be taken into account because of international nature of teleradiology development. The law should be consistent in different nodes of teleradiology grid.
TopIntroduction
Why security aspects of teleradiology are so important? With the development of teleradiology images are no longer interpreted at one site (hospital, ambulatory care etc.). They cross institutional and/or national boundaries and are sent to a distant location for interpretation and/or consultation. This fact creates many challenges regarding security issues. We will discuss them in our work.
In grid technology sharing resources is conditional. Each resource owner makes the resources available subject to constraints on when, where and what can be done. Sharing relationships can vary dynamically over time in terms of resources involved, the nature of access permitted and the participants to whom the access is permitted. Information security in grid can be defined as the preservation of the availability, access to, confidentiality and integrity of information.
Grid are the distributed computer resources cooperating to fulfill the common task. We can consider different types of grid e.g. internal grid of the institution (institutional grid) and grid covering much wider area. The requirements and design of security systems will be different for each type of grid.
The main topic of our work are security aspects of teleradiology grid. Those aspects are related to:
- a)
centers of archives and applications: which require reliable options for data storage (RAID arrays), backup and access solutions to different media types (CD, DVD, Blu-rays and tape libraries) containing image data,
- b)
data transmission: types of network connection, bandwidth, topology etc.
We introduce the notion of e-security which is required by teleradiology. The basic features of e-security are confidentiality, integrity, non-repudiation and accountability. The additional features are authorization and certification. They will be discussed in the paper.
Those features can be obtained with the Public Key Infrastructure (PKI) which supplies several tools for achieving them: public key, private key, digital signature, certification centers and public repositories of certificates. PKI is the central security axis around which other elements are located.
The first element are Virtual Private Networks (VPN’s) which authorize access of one grid node to another grid node (certificate X.509). VPN is a set of nodes in a public network, such as Internet, which communicate among themselves using encryption technology in order to protect the data against unauthorized access as if they were a private network. VPN is a static configuration. It cannot extend dynamically to encompass other resources and does not provide the remote resource provider of any control of when and whether to share its resources. Therefore VPN function requires extension in the grid context.
There are several hardware and software solutions for VPN implementation. The most commonly used hardware implementation is IPsec and software is OpenVPN. The advantages and disadvantages of each of them will be discussed in the paper.
The second element includes access control (firewalls) to network services and resources used by grid, intrusion detection and prevention systems (IDP) and/or intrusion detection systems (IDS) which support firewalls. Network resources may be for example WWW resources, e-mail, external SQL databases or DICOM modalities such as X-ray, CT, MRI or USG. The main elements of the node in teleradiology are RIS, PACS systems and the main goal is data security in those systems.
Those two elements combined together create secure data transmission system (SDTS) for teleradiology.
Considering data security we have to take also human and law aspects into account. The present state of law regarding teleradiology in Poland will be presented. It can be stated that law is lagging behind the technology development. We will try to explain how digital signature law is influencing security of teleradiology systems and especially how too high number of different electronic signature standards can complicate the implementation of distributed systems.
The conclusions and recommendations aiming at rising the security level of teleradiology grids will be presented.