Presentation is loading. Please wait.

Presentation is loading. Please wait.

EGEE-III INFSO-RI- 222667 Enabling Grids for E-sciencE www.eu-egee.org The Medical Data Manager : the components Johan Montagnat, Romain Texier, Tristan.

Published byDominick Boyd Modified over 8 years ago

Similar presentations

Presentation on theme: "EGEE-III INFSO-RI- 222667 Enabling Grids for E-sciencE www.eu-egee.org The Medical Data Manager : the components Johan Montagnat, Romain Texier, Tristan."— Presentation transcript:

1 EGEE-III INFSO-RI- 222667 Enabling Grids for E-sciencE www.eu-egee.org The Medical Data Manager : the components Johan Montagnat, Romain Texier, Tristan Glatard CNRS, I3S laboratory

2 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 2 EGEE Medical Data Manager Objectives –Expose a standard grid interface (SRM) for medical image servers (DICOM) –Use native DICOM storage format –Fulfill medical applications security requirements –Do not interfere with clinical practice User Interfaces Worker Nodes DICOM clients DICOM Interface SRM DICOM server

3 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 Medical data protection Content –Medical images (data, confidential) –Patient folder (attached metadata, very sensitive) Requirements –Patient privacy  Needs fine access control (ACLs on all data and metadata)  Needs metadata contention (metadata databases administrated by accredited staff) –Data protection  Needs data encryption (even grid sites administrators are not accredited to access the data) How important it is? –The medical community will just not use a system in which they are not trustful (both a technical and a human problem)

4 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 4 MDM main Components Usability –LFC API provides transparent access Privacy –LFC and DPM provide file level ACLs –AMGA provides metadata secured communication and ACLs Data protection –SRM-DICOM provides on-the-fly data anonimization  DPM-based (SRM v2 interface) –Hydra key store provides encryption / decryption transparently –Data is anoymized prior to transmission LFC AMGA Metadata SRM-DICOM Interface

5 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 5 Exploiting DPM extensibility DPM can access different storage back-end through plugins –The DPM-DICOM plugin prepares the file DPM exposes a standard Storage Element interface (SRM) DPM provides standard file exchange protocols, file access control DICOM GET DPM head DPM Disks pool Standard interface File retrieval DPM-DICOM Plugin DPM-DICOM Library Temporary copy SFN request

6 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 6 Medical Data Registration AMGA Metadata gLite API 1. Image is acquired 2. Image is stored in DICOM server 3. gLite client 3a. Image is registered (a GUID is associated) 3b. Image key is produced and registered 4. image metadata are registered LFC DICOM server DPM File Catalog Hydra keystore

7 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 7 Medical Data Registration AMGA Metadata LFC API 1. Image is acquired 2. Image is stored in DICOM server 3. gLite client 3a. Image is registered (a GUID is associated) 3b. Image key is produced and registered 4. image metadata are registered LFC DICOM server DPM File Catalog –All this step can be done by a single CLI –A DICOM transaction can initiate the registration PUSH DICOM Triggers: DICOM server PUSH MDM registraiton

8 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 8 Registration in Hydra Each DICOM image is uniquely identified by a unique Study/Serie/SOP identifier The hydra servers generate a key for the selected cypher The cypher and the key are associated to the unique DICOM identifiers analyze Study ID Series ID SOP ID Select a cypher and generate a key DICOM image Hydra servers

9 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 9 Registration in the DICOM server DPM-DICOM library records the DICOM picture in the DICOM server The file size (depending on encryption algorithm and file format) is computed for registration in LFC The size depends of : Size of the encrypted anonymous file DPM-DICOM Library DICOM file 1A1A 1B1B 2 Image anonimization DICOM server The cyper and the key The fields erased in the anonymization step The size of the original file The DICOM server

10 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 10 File identifiers registration A reference to a file is recorded in the DPM, but no copy of the file in the DPM disk pool is needed Directories with the Study, Series and SOP identifiers are created in the LFC The anonymized data fields are registered in the AMGA server - SURL and PFN - the size of the file - host of the disk pool -... - LFN and SURL - size of the file - DICOM image metadata DPM LFC AMGA

11 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 11 Access control rights management To allow one user to access a medical file and its metadata the owner of the file must set the right in all the component : Example: LFC DPM Hydra AMGA

12 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 12 Medical Data Retrieval SRM-DICOM interface AMGA Metadata User Interface Worker Node 2. lcg client 3. get SFN from GUID 4. request file 5. get file key 6. on-the-fly encryption and anonimyzation return encrypted file 7. get file key and decrypt file locally Metadata ACL control Anonymization & encryption 1. get GUID from metadata gLite API LFC File ACL control File Catalog Key ACL control Hydra keystore

13 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 13 Dicom retrieval : get the dicom file DPM SURL request DPM-DICOM Library DPM-DICOM Plugin The PFN associates with a DICOM file is resolved by the DPM-DICOM plugin The plugin makes a DICOM transaction with the DICOM server to retrieve the medical image By default, MDM is packaged with the Conquest DICOM server, but it is intended for interface to production servers The database assocites each SURL with a PFN DICOM GET

14 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 14 Dicom retrieval : Anonymization and encryption DPM Disks pool Standard interface File transfer Step 1A: The DPM-DICOM uses the DCMTK library to anonymize the DICOM file Or Step 1B: The DICOM file is converted to a 3D format (inrimage) without nominative information Step 2: The DPM-DICOM calls Hydra to encrypt the final file DPM-DICOM uses the RFIO library to copy the file in a spool disk. The spool disk is only a buffer for the file. DPM-DICOM Library DICOM file 1A1A 1B1B 2 Image anonimization DICOM server SURL request DPM-DICOM Plugin

15 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 15 Service Distribution Hospital sites have to remain autonomous –With strong (in-site) control over the sensitive metadata The EGEE Data Management System federates distributed data files AMGA supports databases replication but not distribution –Asynchronous, master-slave model, with partial replication of the directory hierarchy –The MDM includes a library and a query client that provide multi-site metadata servers federation. The client is based on the AMGA client and is syntactically compatible (transparency). - Users can send the commands to only one or all the servers - Users can dynamically add or remove servers AMGA

16 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 16 Use cases File administration –A system administrator has access to the file for replication / backup procedures –No access to the file content, nor to metdata Image processing –A neuroscientist has access to the file content for image analysis –No access to the nominative metadata Medical analysis –A physician involved in the patient healthcare has access to all data and metadata

17 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 17 DataManagement The User Interface Computing Resources Storage Resources Site X Logging, real time monitoring WorkloadManagement Sites Resources InformationService Dynamic evolution DataSets info Author. &Authen. queries User requests Resources allocation Publication resources info Indexing

18 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 18 The User Interface Very few components Easy to install The Hydra client will be part of the standard UI Standard user configuration for the LFC and BDII No configuration for the DPM Only one file for : –Hydra (services.xml) –AMGA (.mdclient) LFC Hydra AMGA Hydra AMGA Hydra Multi-server AMGA client Hydra client Configuration Installation

19 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 19 The MDM components Computing Resources Site X Logging, real time monitoring WorkloadManagement InformationService Dynamic evolution DataSets info Author. &Authen. queries User requests Resources allocation Publication resources info Indexing DataManagement Storage Resources Sites Resources

20 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 20 MDM is on top of SL4 ( and CentOS ) for the DPM version of the MDM SL3 for the gLite-IO version of the MDM Libraries ( gLite, DCMTK, etc)

21 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 21 The MDM components AMGA database front-end Access control AMGA Metadata Hydra Key store Access control SRM v2 interface Access control Instrumented DPM Storage Element DPM-DICOM plugin LFC File Catalog Access control LFC DICOM Server BDII Server

22 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 22 One server All the components could be on the same server /vo /dpm /domain /home DPM head node file DPM disk servers … DPM-DICOM plugin One server BDII Server

23 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 23 Behind the components The LFC of the BIOMED VO is used The BDII must be registered by a top level BDII By default, AMGA uses a PostgreSQL database to store the metadata –Can use other database (Mysql, SQLite, Oracle) The DPM is only a buffer : –The storage area should be small. –The file are already encrypted. –The file in the DPM can be replicated by other servers LFC AMGA Metadata SRM-DICOM Interface

24 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 24 Behind the components The Hydra server uses Mysql to store the keys –Each Hydra server use well-separated tables/database The Hydra server is on the top of a Tomcat and an Apache server All the DICOM picture are stored in the DICOM server –If there is no DICOM server, the MDM provides the CONQUEST server

25 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 25 Installation procedure Add some yum repositories Install with –Yum install MDM

26 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 26 Configuration procedure The server must be registered in EGEE –The server receive a certificate Today, there is no automatic configuration procedure The configuration procedure is describe Some parts of the configuration (firewall, DPM buffer, etc) are already automatic

27 Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 Medical Data Manager, R. Texier, July 16, 2008 27 What is New ? All the command are glite-* The automatic registration of DICOM picture in AMGA is flexible Global RPM for the MDM and yum repositories

Download ppt "EGEE-III INFSO-RI- 222667 Enabling Grids for E-sciencE www.eu-egee.org The Medical Data Manager : the components Johan Montagnat, Romain Texier, Tristan."

Similar presentations

FP7-INFRA-222667 Enabling Grids for E-sciencE www.eu-egee.org EGEE Induction Grid training for users, Institute of Physics Belgrade, Serbia Sep. 19, 2008.

FP7-INFRA Enabling Grids for E-sciencE EGEE Induction Grid training for users, Institute of Physics Belgrade, Serbia Sep. 19, 2008.
Www.eu-eela.eu E-science grid facility for Europe and Latin America A Data Access Policy based on VOMS attributes in the Secure Storage Service Diego Scardaci.

E-science grid facility for Europe and Latin America A Data Access Policy based on VOMS attributes in the Secure Storage Service Diego Scardaci.
The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) gLite Grid Services Abderrahman El Kharrim

The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) gLite Grid Services Abderrahman El Kharrim
GGF Toronto 19.02.02 Spitfire A Relational DB Service for the Grid Peter Z. Kunszt European DataGrid Data Management CERN Database Group.

GGF Toronto Spitfire A Relational DB Service for the Grid Peter Z. Kunszt European DataGrid Data Management CERN Database Group.
Makrand Siddhabhatti Tata Institute of Fundamental Research Mumbai 17 Aug 2009 1.

Makrand Siddhabhatti Tata Institute of Fundamental Research Mumbai 17 Aug
(ITI310) SESSIONS 9-10-11-12: Active Directory By Eng. BASSEM ALSAID.

(ITI310) SESSIONS : Active Directory By Eng. BASSEM ALSAID.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org gLite Data Management Services - Overview Mike Mineter National e-Science Centre, Edinburgh.

INFSO-RI Enabling Grids for E-sciencE gLite Data Management Services - Overview Mike Mineter National e-Science Centre, Edinburgh.
EGEE-II INFSO-RI-031688 Enabling Grids for E-sciencE www.eu-egee.org Data Grid Services/SRB/SRM & Practical Hai-Ning Wu Academia Sinica Grid Computing.

EGEE-II INFSO-RI Enabling Grids for E-sciencE Data Grid Services/SRB/SRM & Practical Hai-Ning Wu Academia Sinica Grid Computing.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org Distributed Metadata with the AMGA Metadata Catalog Nuno Santos, Birger Koblitz 20 June 2006.

INFSO-RI Enabling Grids for E-sciencE Distributed Metadata with the AMGA Metadata Catalog Nuno Santos, Birger Koblitz 20 June 2006.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org AMGA Metadata Server - Metadata Services in gLite (+ ARDA DB Deployment Plans with Experiments)

INFSO-RI Enabling Grids for E-sciencE AMGA Metadata Server - Metadata Services in gLite (+ ARDA DB Deployment Plans with Experiments)
Enabling Grids for E-sciencE EGEE-III INFSO-RI-222667 1 I. AMGA Overview What is AMGA Metadata Catalogue of EGEE’s gLite 3.1 Middleware Main Feature of.

Enabling Grids for E-sciencE EGEE-III INFSO-RI I. AMGA Overview What is AMGA Metadata Catalogue of EGEE’s gLite 3.1 Middleware Main Feature of.
EGEE-II INFSO-RI-031688 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks JRA1 summary Claudio Grandi EGEE-II JRA1.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks JRA1 summary Claudio Grandi EGEE-II JRA1.
EGEE-II INFSO-RI-031688 Enabling Grids for E-sciencE www.eu-egee.org EGEE middleware: gLite Data Management EGEE Tutorial 23rd APAN Meeting, Manila Jan.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE middleware: gLite Data Management EGEE Tutorial 23rd APAN Meeting, Manila Jan.
Enabling Grids for E-sciencE Introduction Data Management Jan Just Keijser Nikhef Grid Tutorial, 13-14 November 2008.

Enabling Grids for E-sciencE Introduction Data Management Jan Just Keijser Nikhef Grid Tutorial, November 2008.
EGEE-II INFSO-RI-031688 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks AMGA PHP API Claudio Cherubino INFN - Catania.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks AMGA PHP API Claudio Cherubino INFN - Catania.
Enabling Grids for E-sciencE Jean Salzemann EGEE08 Conference – Istanbul – 25/09/08 1 HOPE HOsptital Platform for.

Enabling Grids for E-sciencE Jean Salzemann EGEE08 Conference – Istanbul – 25/09/08 1 HOPE HOsptital Platform for.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org gLite Data Management and Interoperability Peter Kunszt (JRA1 DM Cluster) 2 nd EGEE Conference,

INFSO-RI Enabling Grids for E-sciencE gLite Data Management and Interoperability Peter Kunszt (JRA1 DM Cluster) 2 nd EGEE Conference,
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org NA4/Biomed Demonstration Medical Data Management and processing EGEE 3 rd review rehearsal,

INFSO-RI Enabling Grids for E-sciencE NA4/Biomed Demonstration Medical Data Management and processing EGEE 3 rd review rehearsal,
MEDIGRID project, DataGrid FR meeting, April 18, 2002, Johan Montagnat, WP10 ACI GRID 2002 MEDIGRID: high performance medical image processing on a computational.

MEDIGRID project, DataGrid FR meeting, April 18, 2002, Johan Montagnat, WP10 ACI GRID 2002 MEDIGRID: high performance medical image processing on a computational.
EGEE-II INFSO-RI-031688 Enabling Grids for E-sciencE www.eu-egee.org EGEE Site Architecture Resource Center Deployment Considerations MIMOS EGEE Tutorial.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE Site Architecture Resource Center Deployment Considerations MIMOS EGEE Tutorial.

Similar presentations

Ads by Google