Research article, DOI: 10.1145/1655084.1655089

HICCUPS: health information collaborative collection using privacy and security

Published: 13 November 2009

ABSTRACT

A recent national survey suggests that the HIPAA privacy rule has not only failed to preserve patient privacy adequately, but also has had a negative impact on clinical research. Our work suggests that researchers revisit the possibilities of homomorphic encryption and apply the techniques to secure aggregation of medical telemetry. A primary goal is to maintain the privacy of individual patient records while also allowing clinical researchers to have flexible access to aggregated information.

We discuss the preliminary design of HICCUPS, a distributed system that uses homomorphic encryption to allow only the caregivers to have unrestricted access to patients' records and at the same time enable researchers to compute statistical values and aggregation functions across different patients and caregivers. In the context of processing medical telemetry, we advocate expressibility of aggregation functions more than fast computation as a primary metric of system quality.
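An added example, written for this page rather than taken from the HICCUPS paper, of the additive homomorphism the abstract relies on, using the Paillier cryptosystem: the caregiver holds the private key, an untrusted aggregator sums encrypted readings using only the public key, and the key holder decrypts nothing but the aggregate. The toy primes, the heart-rate readings and every function name are constructed for the example.

```python
import math
import secrets

# Toy Paillier key from two small constructed primes (real keys use >=1024-bit primes).
P, Q = 104723, 104729

def _L(x, n):
    return (x - 1) // n

def keygen(p=P, q=Q):
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    g = n + 1
    mu = pow(_L(pow(g, lam, n * n), n), -1, n)
    return (n, g), (lam, mu)

def encrypt(pub, m):
    """Probabilistic encryption: a fresh random r hides repeated plaintexts."""
    n, g = pub
    r = secrets.randbelow(n - 1) + 1
    while math.gcd(r, n) != 1:  # r must be a unit modulo n
        r = secrets.randbelow(n - 1) + 1
    return (pow(g, m, n * n) * pow(r, n, n * n)) % (n * n)

def decrypt(pub, priv, c):
    n, _ = pub
    lam, mu = priv
    return (_L(pow(c, lam, n * n), n) * mu) % n

def add_encrypted(pub, c1, c2):
    n, _ = pub
    return (c1 * c2) % (n * n)  # ciphertext product == encryption of m1 + m2

def aggregate(pub, ciphertexts):
    """Untrusted aggregator (researcher side): sums readings it cannot read."""
    total = encrypt(pub, 0)
    for c in ciphertexts:
        total = add_encrypted(pub, total, c)
    return total

# Constructed sample telemetry: heart-rate readings from five patients.
READINGS = [72, 88, 65, 101, 77]

def secure_mean(readings=READINGS):
    pub, priv = keygen()
    cts = [encrypt(pub, r) for r in readings]  # caregiver encrypts per patient
    c_sum = aggregate(pub, cts)                 # aggregator sees ciphertexts only
    total = decrypt(pub, priv, c_sum)           # key holder reveals only the sum
    return total, total / len(readings)
```

For the constructed readings, secure_mean() returns the sum 403 and mean 80.6, while the aggregator never holds lam or mu and two encryptions of the same reading differ, which is the probabilistic (IND-CPA style) property the review refers to.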



Reviews

Gabriel Mateescu

The Health Insurance Portability and Accountability Act (HIPAA) has spurred the development of methods to safeguard patient privacy. This paper considers the patient data generated by medical telemetry devices such as implantable cardiac defibrillators (ICDs), and proposes an approach to solving the problem of achieving three apparently conflicting objectives: preserving the privacy of patient data; providing caregivers access to the patient data; and providing third parties, such as researchers and device manufacturers, access to statistical information only. To achieve these goals, the authors resort to homomorphic encryption, a type of encryption that supports performing an operation on the clear-text by performing a possibly different operation on the cipher-text. This property enables delegating the computation of some operations to an untrusted party without compromising security, since the untrusted party will process only encrypted data. The scheme proposed by the authors includes three types of actors: patients, who are monitored by medical telemetry devices; caregivers, who gather the data; and third parties, such as researchers. Each patient is assigned to a caregiver, and a caregiver is entrusted with data for the patients assigned to him or her. Third parties would have access only to aggregate and anonymized data. A request for computing an aggregate function, such as the mean, on the patient data is processed in five steps, using public key techniques. If the encryption is homomorphic, then the requester gets the aggregate data. If the encryption has the additional IND-CPA property, then the proposed scheme is secure. The solution proposed by the authors is interesting, but its general applicability is still an open question. This is because the homomorphic property applies to a limited set of operations. In order to support general aggregate functions, fully homomorphic encryption is required, but achieving the IND-CPA property for fully homomorphic encryption is computationally expensive. There is room for further work.

Online Computing Reviews Service

Published in

SPIMACS '09: Proceedings of the first ACM workshop on Security and privacy in medical and home-care systems, November 2009, 72 pages. ISBN: 9781605587905. DOI: 10.1145/1655084. Copyright © 2009 ACM.


Publisher: Association for Computing Machinery, New York, NY, United States

