short-paper

Vallum-Med: Protecting Medical Data in Cloud Environments

Authors:

Ignacio BlanquerAuthors Info & Claims

CIKM '20: Proceedings of the 29th ACM International Conference on Information & Knowledge Management

Pages 3397 - 3400

https://doi.org/10.1145/3340531.3417421

Published: 19 October 2020 Publication History

Get Access

Abstract

Despite the many advantages of cloud computing, keeping information in such an environment increases the risk of cyber attacks, as well as the possibility of unauthorized access by cloud provider employees. Another critical concern is privacy protection, since depending on data access control, confidential information may be exposed even through authorized access. To solve these issues we have previously proposed Vallum, a platform that leverages Intel SGX protection to ensure the security, confidentiality, and integrity of data at rest and during processing. It also provides tools for privacy protection, following policies set by the data owner. In this demo we present Vallum-Med, an application of Vallum for the protection of medical patient personal data, including imaging results of their cardiac examinations. We will demonstrate that this system fully supports cloud protection of such sensitive data as well as the definition of privacy policies and ensuring that all results of queries are compliant to these policies. All processing, data storage and network traffic are protected using SCONE, a docker container-based technology for seamlessly incorporating SGX protection for applications, which provides a fully encrypted memory environment.

Supplementary Material

MP4 File (3340531.3417421.mp4)

In this video, we present a secure app called Vallum-Med, to address medical data protection and privacy in a cloud computing environment.

Download
21.15 MB

References

[1]

Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andre Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Dan O'Keeffe, Mark L. Stillwell, David Goltzsche, Dave Eyers, Rüdiger Kapitza, Peter Pietzuch, and Christof Fetzer. 2016. SCONE: Secure Linux Containers with Intel SGX. In 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16). USENIX Association, Savannah, GA, 689--703.

Digital Library

Google Scholar

[2]

Victor Costan and Srinivas Devadas. 2016. Intel SGX Explained. IACR Cryptology ePrint Archive 2016 (2016), 86.

Google Scholar

[3]

David F. Ferraiolo and D. Richard Kuhn. 2009. Role-Based Access Controls. CoRR abs/0903.2171 (2009).

Google Scholar

[4]

Lena Griebel, Hans-Ulrich Prokosch, Felix Köpcke, Dennis Toddenroth, Jan Christoph, Ines Leb, Igor Engel, and Martin Sedlmayr. 2015. A scoping review of cloud computing in healthcare. BMC Med. Inf. & Decision Making 15 (2015), 17.

Crossref

Google Scholar

[5]

Danny Harnik, Eliad Tsfadia, Doron Chen, and Ronen I. Kat. 2018. Securing the Storage Data Path with SGX Enclaves. CoRR abs/1806.10883 (2018).

Google Scholar

[6]

W. A. Jansen. 2011. Cloud Hooks: Security and Privacy Issues in Cloud Computing. In 2011 44th Hawaii International Conference on System Sciences. 1--10.

Google Scholar

[7]

R. Peterson, A. Carvalho, A. da Silva, G. Fernandez, A. Martin, C. Fetzer, and A. Brito. 2019. Vallum: Privacy, Confidentiality and Access Control for Sensitive Data in Cloud Environments. In 2019 IEEE International Conference on Cloud Computing Technology and Science (CloudCom). 103--110.

Google Scholar

[8]

Fabian Prasser, Johanna Eicher, Helmut Spengler, Raffael Bild, and Klaus A. Kuhn. 2020. Flexible data anonymization using ARX?Current status and challenges ahead. Software: Practice and Experience 50, 7 (2020), 1277--1304.

Crossref

Google Scholar

[9]

M. Sadegh Riazi, Kim Laine, Blake Pelton, and Wei Dai. 2020. HEAX. In Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems.

Google Scholar

[10]

Dave (Jing) Tian, Joseph I. Choi, Grant Hernandez, Patrick Traynor, and Kevin R. B. Butler. 2019. A Practical Intel SGX Setting for Linux Containers in the Cloud. In CODASPY. 255--266.

Google Scholar

[11]

Zahra Zandesh, Marjan Ghazisaeedi, Murthy V. Devarakonda, and Mohammad Sayad Haghighi. 2019. Legal framework for health cloud: A systematic review. International Journal of Medical Informatics 132 (2019), 103953.

Crossref

Google Scholar

Cited By

View all

Will NMaziero C(2023)Intel Software Guard Extensions Applications: A SurveyACM Computing Surveys10.1145/359302155:14s(1-38)Online publication date: 17-Jul-2023
https://dl.acm.org/doi/10.1145/3593021
Liu YLai HHuang JChao A(2021)On Detecting Cloud Container Failures from Computing Utility Sequences2021 22nd Asia-Pacific Network Operations and Management Symposium (APNOMS)10.23919/APNOMS52696.2021.9562640(358-361)Online publication date: 8-Sep-2021
https://doi.org/10.23919/APNOMS52696.2021.9562640

Index Terms

Vallum-Med: Protecting Medical Data in Cloud Environments
1. Security and privacy
  1. Security services
    1. Pseudonymity, anonymity and untraceability

Recommendations

Privacy as a Service: Privacy-Aware Data Storage and Processing in Cloud Computing Architectures
DASC '09: Proceedings of the 2009 Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing

In this paper we present PasS (Privacy as a Service); a set of security protocols for ensuring the privacy and legal compliance of customer data in cloud computing architectures. PasS allows for the secure storage and processing of users’ confidential ...
CRFID

Radio-frequency identification (RFID) systems can benefit from cloud databases since information on thousands of tags is queried at the same time. If all RFID readers in a system query a cloud database, data consistency can easily be maintained by cloud ...
An Entity-Centric Approach for Privacy and Identity Management in Cloud Computing
SRDS '10: Proceedings of the 2010 29th IEEE Symposium on Reliable Distributed Systems

Entities (e.g., users, services) have to authenticate themselves to service providers (SPs) in order to use their services. An entity provides personally identifiable information (PII) that uniquely identifies it to an SP. In the traditional application-...

Comments

Information & Contributors

Information

Published In

CIKM '20: Proceedings of the 29th ACM International Conference on Information & Knowledge Management

October 2020

3619 pages

ISBN:9781450368599

DOI:10.1145/3340531

General Chairs:
Mathieu d'Aquin
DSI, Insight, NUI Galway, Ireland
,
Stefan Dietze
GESIS, Cologne, Germany, Heinrich-Heine-University Düsseldorf, Germany, L3S Research Center, Germany
,
Program Chairs:
Claudia Hauff
TU Delft, The Netherlands
,
Edward Curry
DSI, Insight, NUI Galway, Ireland
,
Philippe Cudre Mauroux
eXascale, University of Fribourg, Switzerland

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 19 October 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Funding Sources

European Community's Framework Program Horizon 2020
Coordenacao de Aperfeioamento de Pessoal de Novel Superior - Brasil

Conference

CIKM '20

Sponsor:

CIKM '20: The 29th ACM International Conference on Information and Knowledge Management

October 19 - 23, 2020

Virtual Event, Ireland

Acceptance Rates

Overall Acceptance Rate 1,861 of 8,427 submissions, 22%

Upcoming Conference

CIKM '25

Sponsor:
sigir
sigir

The 34th ACM International Conference on Information and Knowledge Management

November 10 - 14, 2025

Seoul , Republic of Korea

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
135
Total Downloads

Downloads (Last 12 months)13
Downloads (Last 6 weeks)1

Reflects downloads up to 28 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Will NMaziero C(2023)Intel Software Guard Extensions Applications: A SurveyACM Computing Surveys10.1145/359302155:14s(1-38)Online publication date: 17-Jul-2023
https://dl.acm.org/doi/10.1145/3593021
Liu YLai HHuang JChao A(2021)On Detecting Cloud Container Failures from Computing Utility Sequences2021 22nd Asia-Pacific Network Operations and Management Symposium (APNOMS)10.23919/APNOMS52696.2021.9562640(358-361)Online publication date: 8-Sep-2021
https://doi.org/10.23919/APNOMS52696.2021.9562640

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

Supplementary Material

References

Cited By

Index Terms

Recommendations

Privacy as a Service: Privacy-Aware Data Storage and Processing in Cloud Computing Architectures

CRFID

An Entity-Centric Approach for Privacy and Identity Management in Cloud Computing

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Funding Sources

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations