题名

CONSTRUCTING A SECURE ENCRYPTION AND SECRET SHARING MECHANISM FOR TAIWAN BIOBANK OF A MEDICAL CENTER

作者

Tian-Fu Lee;Tung-Lin Gao;Chi-Chang Chang

关键词

database access ; secret sharing ; information security ; biobank database

期刊名称

技術學刊

卷期/出版年月

37卷3期(2022 / 09 / 01)

页次

211 - 224

内容语文

英文
中文摘要

The rapid development of DNA sequencing technology has generated enormous amounts of individual genome data. Consequently, biological databases have become a crucial part in the study of personalized healthcare. However, research on encryption and secret sharing mechanisms for database security is still scarce. To solve this problem, this study proposes a secret sharing mechanism based on the Human Biobank Management Act to access databases to prevent privacy infringements. The mechanism then undergoes system performance and security evaluations. Research results show that the secret sharing mechanism introduced herein has higher data confidentiality, overall system security, and number of secure keys than traditional system security mechanisms. Furthermore, compared to encryption methods used in earlier systems, the security of our mechanism is significantly improved while maintaining similar computing time required for encryption. This study introduces a secret sharing mechanism into existing biological database systems with practical operability in mind. The mechanism requires using and sharing of data to implement physical, personnel, and technical protection measures in personal data encryption and decryption to prevent privacy infringements. Our mission is to improve the quality and quantity of data in modern biodata databases. Therefore, this study complies with information security standards and best practices. The goal is to help further in-depth systematic research on biobank databases to achieve better results.
主题分类 工程學 > 工程學綜合
参考文献
  1. Abd-Alrazaq, A. A.,Bewick, B. M.,Farragher, T.,Gardner, P.(2019).Factors That Affect the Use of Electronic Personal Health Records Among Patients: A Systematic Review.International Journal of Medical Informatics,126,164-175.
  2. Artene, S. A.,Ciurea, M. E.,Purcaru, S. O.,Tache, D. E.,Tataranu, L. G.,Lupu, M.,Dricu, A.(2013).Biobanking in a Constantly Developing Medical World.Scientific World Journal,2013(1),343275.
  3. Bharath, K. K.,Kumar, A.,Varma, A.,Rajyashree, R.(2019).Secured Electronic, Hospital Database Management System.International Journal of Recent Technology and Engineering,8(1S4),402-405.
  4. Collins, F. S.,Varmus, H.(2015).A New Initiative on Precision Medicine.The New England Journal of Medicine,372(9),793-795.
  5. Daemen, J.,Rijmen, V.(1999).Daemen, J., and V. Rijmen. 1999. AES Proposal: Rijndael. Document Version 2. Brussel, Belgium: AES.
  6. Hu, J.,Chen, H. H.,Hou, T. W.(2010).A Hybrid Public Key Infrastructure Solution (HPKI) for HIPAA Privacy/Security Regulations.Computer Standards & Interfaces,32(5-6),274-280.
  7. James, A. C.,Valerian, A. C.,Sixtus, N. E.(2018).Design and Implementation of a Hospital Database Management System (HDMS) for Medical Doctors.International Journal of Computer Theory and Engineering,10(1),1-6.
  8. Jia, L.,Fan, W.(2021).Medical Sports Data Privacy Protection Method Based on Legal Risk Control.Journal of Healthcare Engineering,2021,6630429.
  9. Kinkorová, J.(2016).Biobanks in the Era of Personalized Medicine: Objectives, Challenges, and Innovation: Overview.EPMA Journal,7(1),4.
  10. Laws & Regulations Database of the Republic of China. 2015.“Personal Data Protection Act.” Laws & Regulations Database of the Republic of China. Accessed July 22 2021. https://law.moj.gov.tw/LawClass/LawAll.aspx?PCode=I0050021
  11. Lee, W. B.,Lee, C. D.(2008).A Cryptographic Key Management Solution for HIPAA Privacy/Security Regulations.IEEE Transactions on Information Technology in Biomedicine,12(1),34-41.
  12. Lee, W. B.,Lee, C. D.,Ho, K. I. J.(2014).A HIPAA-compliant Key Management Scheme with Revocation of Authorization.Computer Methods and Programs in Biomedicine,113(3),809-814.
  13. Ministry of Health and Welfare. 2019. “Human Biobank Management Act.” Laws & Regulations Database of the Republic of China. Accessed July 22 2021. https://law.moj.gov.tw/LawClass/LawAll.aspx?pcode=L0020164
  14. Pandey, A. K.,Khan, A. I.,Abushark, Y. B.,Alam, M. M.,Agrawal, A.,Kumar, R.,Khan, R. A.(2020).Key Issues in Healthcare Data Integrity: Analysis and Recommendations.IEEE Access,8,40612-40628.
  15. Ravera, L.,Colombo, I.,Tedeschi, M.,Ravera, A.(2004).Security and Privacy at the Private Multispecialty Hospital Istituto Clinico Humanitas: Strategy and Reality.International Journal of Medical Informatics,73(3),321-324.
  16. Ray, S.,Biswas, G. P.(2014).A Certificate Authority (CA)-based Cryptographic Solution for HIPAA Privacy/Security Regulations.Journal of King Saud University-Computer and Information Sciences,26(2),170-180.
  17. Sarabdeen, J.,Moonesar, I. A.(2018).Privacy Protection Laws and Public Perception of Data Privacy.Benchmarking: An International Journal,25(6),1883-1902.
  18. Shamir, A.(1979).How to Share a Secret.Communications of the ACM,22(11),612-613.
  19. Stallings, W.(2005).Cryptography and Network Security Principles and Practices.Hoboken, NJ:Prentice Hall.
  20. Takai-Igarashi, T.,Kinoshita, K.,Nagasaki, M.,Ogishima, S.,Nakamura, N.,Nagase, S.,Nagaie, S.(2017).Security Controls in an Integrated Biobank to Protect Privacy in Data Sharing: Rationale and Study Design.BMC Medical Informatics and Decision Making,17(1),100.
  21. The USA Government. 1996. “HIPAA.” The USA Government. Accessed July 22 2021. https://www.cdc.gov/phlp/publications/topic/hipaa.html
print cancel