Cybersecurity In Health Care

As healthcare providers work to implement the latest pieces of technology to improve patient care, and secure Patient Health Innovation (PHI),  with evolving threats we at Purkyashatha lab, are determined to work towards deflecting these threats by working on developing a safe and secure framework for sharing of information.

Moving forward to achieve our goals we have been awarded $599,998.00 by the National Science Foundation on  Development of a Secure and Privacy-Preserving Workflow Architecture for Dynamic Data Sharing in Scientific Infrastructures.

About the project:

Scientific cyberinfrastructures embrace collaborative workflows where users can access and share heterogeneous data and computing resources to perform research and education tasks, which catalyze scientific discovery. One such cyberinfrastructure, JetStream, is the first production cloud funded by the NSF for general-purpose science and engineering research and education. Although Jetstream provides basic data storage security and web authentication, its security features do not satisfy the strict requirements involving sensitive data, such as healthcare data with protected health information (PHI). This project builds a secure, holistic, and resilient cybersecurity architecture on JetStream so that collaborative research and education projects can share PHI securely between its users.

The secured infrastructure provides comprehensive multi-level protection for the PHI and its workflows through user authentication, fine-tuned data access control, confidentiality, integrity, and traceability. The project implements role-wise passwordless authentication and authorization, cryptography-based hierarchical access control, dual-level key management, and secure digital provenance integrity protection. By employing these, JetStream VMs can guarantee the security, privacy, and integrity of scientific workflows and associated data, thus protecting data and computing resources from internal and external attacks. When applied to healthcare and life-science cyberinfrastructures, it enables sensitive health data to be shared securely, which is an essential requirement for accelerating life science research. The project promotes the use of real clinical data in training to produce enormous educational impacts. The developed secure architecture is generic and applicable to other data and resource sharing environments.