Auditable Medical Data Sharing through Recoverable Key Agreement

Conference Paper (2024)
Author(s)

J.S. van Assen (TU Delft - Cyber Security)

Roland Kromes (TU Delft - Web Information Systems, TU Delft - Cyber Security)

Z. Erkin (TU Delft - Cyber Security)

Research Group
Cyber Security
DOI related publication
https://doi.org/10.1109/BRAINS63024.2024.10732363
Publication Year
2024
Language
English
ISBN (electronic)
9798350367843
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Medical research benefits from large quantities of high-quality data. Internet-based data-sharing platforms bring the advantage of rapidly sharing medical data. However, ensuring security and accountability in networked medical systems remains a challenge. In this paper, we propose a secure and auditable data-sharing platform for hospitals and research groups based on a distributed ledger. A two-party protocol for recoverable key agreement lies at the basis of securing the data sharing. This protocol enables two parties to agree on an encryption key and put the encryption key under the escrow of a board of semi-trusted auditors. A quorum of these auditors is required in order to recover the encryption key. The recoverable key agreement ensures that past communication can be audited, even if one of the two parties is malicious. We provide a realization of the protocol and analyze its complexity and performance. Based on these analyses, we demonstrate that the protocol is suitable for real-world use cases and resource-constrained devices.

Files

Auditable_Medical_Data_Sharing... (pdf)
(pdf | 0.494 Mb)
- Embargo expired in 30-06-2025
License info not available