Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 The e-Logistics of Securing Distributed Medical Data Andrew M. Snyder Alfred C. Weaver.

Published byVivian Williams Modified over 8 years ago

Similar presentations

Presentation on theme: "1 The e-Logistics of Securing Distributed Medical Data Andrew M. Snyder Alfred C. Weaver."— Presentation transcript:

1 1 The e-Logistics of Securing Distributed Medical Data Andrew M. Snyder Alfred C. Weaver

2 2 Medical Data Portal Web Services Authorization Service Authentication Service Electronic Patient Record 2 3 9 10 11 12 Rule Engines 1 4 6 7 5 8 Medical Data Access

3 3 Issue HIPAA requires that electronic medical data by encrypted when stored or transmitted This is not an issue for a single x-ray But U. Virginia radiology does 380,000 examinations per year and generates 9 TB of data annually What is the workflow impact of encrypting and decrypting data (especially images) every time they are touched?

4 4 Encryption Issues Symmetric key –DES, 3DES, AES, others Public key –RSA Key length Key management Managed vs. unmanaged code Workflow impact

5 5 Managed vs. Unmanaged Code Unmanaged code native code optimized for a device/platform advantage: fast Managed code executed inside a container translated at runtime provides memory management provides garbage collection advantages: safe, secure, portable

6 6 Rationale for New Measurements No published body of performance measurements for.NET cryptographic services No published understanding of the costs of managed code (e.g., C#, Java) No insight into how HIPAA's encryption requirement will impact an academic radiology department

7 7 Performance Measurements Testbed –Computer Visual Studio.NET 2003 3 GHz Pentium 4 Windows XP –Files (1 B, 1 MB, 3 MB, 68 MB) –Algorithms and keys DES: 64 bits 3DES: 128 and 192 bits AES: 128, 192, and 256 bits RSA: 512 and 1024 bits

8 8 Performance Measurements

9 9

10 10 Performance Measurements Throughputs – 3 GHz –Symmetric –Public Key

11 11 Performance Measurements Analysis –Curious how much of the performance was due to the encryption vs. how much was due to system overhead (e.g., file system) Repeated study on a slower machine –600 MHz Pentium 3 –Windows XP

12 12 Performance Measurements

13 13 Performance Measurements Throughputs – 600 MHz –Symmetric –Public Key

14 14 Recommendations Use managed code (C#) Use AES with 256-bit keys Rationale –code safety –modularity of encryption service –suitability as a web service in.NET –AES-256 performance was within 20% of DES –exponentially more secure than any other algorithm –protection against the unknown (e.g., progress in quantum computing)

15 15 Workflow Model Department of Radiology Model

16 16 Workflow Model Involved Steps

17 17 Workflow Model Resources

18 18 Workflow Model Bottleneck Table – From Resource Allocation Table

19 19 Workflow Model Bottleneck Calculation –was B 7, the Image Modality Unit Throughput Patients/Hr

20 20 Workflow Model Throughput Results –Sequential Patient Model 7% Performance Degradation –Highly Concurrent Patient Model 5% Performance Degradation Reassuring to determine that HIPAA's impact is modest Possible to recover throughput through other optimizations in patient flow

21 21 Workflow Model Bounds –Infinite Resources N / (T e + T s ) –Bottleneck Limit 1 / T b –Upper Bound N / (T e + T s + (N – 1) * T b ) –Lower Bound 1 / (T e + T s ) T e = Time Spent Encrypting T s = Total System Time – T e T b = Time Spent on Bottleneck Step Bottleneck Step

22 22 Workflow Model System with Encryption

23 23 Summary Impact of HIPAA's encryption requirements were initially unknown Suitability of web services approach untested Public key algorithm (RSA) unsuitable Three symmetric key algorithms (DES, 3DES, AES) were all suitable AES-256 encrypts a 500-slice MR file of 68 MB in 12 seconds on a 3 GHz Pentium 4 Workflow model using AES-256 predicts a patient throughput reduction of 5-7% Now have an understanding of workflow and where to optimize

24 24 Acknowledgements Funding for this work is provided by: David Ladd and Tom Healy University Research Program Microsoft Research Microsoft Corporation

Download ppt "1 The e-Logistics of Securing Distributed Medical Data Andrew M. Snyder Alfred C. Weaver."

Similar presentations

Security of Things Kelly Jagers op Akkerhuis

Security of Things Kelly Jagers op Akkerhuis
Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.

Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.
Differential Power Analysis of Smartcards How secure is your private information? Author: Ryan Junee Supervisor: Matt Barrie.

Differential Power Analysis of Smartcards How secure is your private information? Author: Ryan Junee Supervisor: Matt Barrie.
MC 2 : High Performance GC for Memory-Constrained Environments - Narendran Sachindran, J. Eliot B. Moss, Emery D. Berger Sowmiya Chocka Narayanan.

MC 2 : High Performance GC for Memory-Constrained Environments - Narendran Sachindran, J. Eliot B. Moss, Emery D. Berger Sowmiya Chocka Narayanan.
MC 2 : High Performance GC for Memory-Constrained Environments N. Sachindran, E. Moss, E. Berger Ivan JibajaCS 395T *Some of the graphs are from presentation.

MC 2 : High Performance GC for Memory-Constrained Environments N. Sachindran, E. Moss, E. Berger Ivan JibajaCS 395T *Some of the graphs are from presentation.
.NET Framework Overview Pingping Ma Nov 16 th, 2006.

.NET Framework Overview Pingping Ma Nov 16 th, 2006.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
EVALUATION OF HIPAA SECURITY REQUIREMENTS ON ENCRYPTION FOR RADIOLOGY THROUGHPUT RATES Spencer B. Gay, M.D., Andrew M. Snyder, M.S., Alfred C. Weaver,

EVALUATION OF HIPAA SECURITY REQUIREMENTS ON ENCRYPTION FOR RADIOLOGY THROUGHPUT RATES Spencer B. Gay, M.D., Andrew M. Snyder, M.S., Alfred C. Weaver,
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)

Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
 Group: GTR ver M  Grace Chen  Taru Singhal  Robert Szymanek  Michael Parker.

 Group: GTR ver M  Grace Chen  Taru Singhal  Robert Szymanek  Michael Parker.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Identity Federation in Healthcare Networks Xiaohui Chen Department of Computer Science University of Virginia.

Identity Federation in Healthcare Networks Xiaohui Chen Department of Computer Science University of Virginia.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.

First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies

Cryptographic Technologies
Security Security is critical in the storage and transmission of information loss of information can not only cause problems to the organisation but can.

Security Security is critical in the storage and transmission of information loss of information can not only cause problems to the organisation but can.

Similar presentations

Ads by Google