Trust the System

van Assen, J. S.

Trust the System

Auditing Privacy- preserving Medical Data Analysis in a Distributed Manner

Master thesis (2023)

Authors

J. S. van Assen Electrical Engineering, Mathematics and Computer Science

Contributors

Z. Erkin Cyber Security (mentor)

M. Khosla Multimedia Computing (graduation committee member)

Faculty

Electrical Engineering, Mathematics and Computer Science, Electrical Engineering, Mathematics and Computer Science

Medical Data Sharing Privacy Enhancing Technologies Key Generation

To reference this document use:

http://resolver.tudelft.nl/uuid:ce1aaa10-671f-4d69-9d1c-c63d331539d0

More Info

expand_more

Published Date

28-09-2023

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Abstract

Recent developments in the capability and availability of small internet of things devices has meant that networked medical devices, like networked implants and wearable monitors, have become more widespread. This data is invaluable for solving pressing global healthcare concerns, like eectively monitoring and treating heart patients. The European Union has announced plans to create an international collaborative network for sharing medical data. However, such a system will have to overcome some major unsolved issues regarding security and privacy. Citizens surveys have stressed the im-portance of privacy protection and transparency in recipients. Governments have appointed administrative bodies tasked with supervising the processing of personal data, or assuring healthcare quality. However, medical health-care providers have signalled concern with unrestricted governmental access to patient data. In this thesis, we propose a system for auditable medical data sharing compatible with privacy-preserving technologies. We demon-strate a method to securely generate encryption keys which are recoverable using an audit key.
We combine this with distributed key generation to cre-ate a board of trusted members, with each a share of the audit key. Board members can work together to collaboratively audit communication between healthcare providers and medical researchers. We demonstrate that the key generation is secure and ecient. We show that auditability is guaranteed under the assumptions that at least one of the communicating parties is hon-est. Our system bridges the gap between privacy-preserving medical data analysis and governing capabilities by assuring auditability without handing this power over to a single party. In real world scenarios, this system can be used to create international level of data sharing, as is explored for the European Health Data Space. The data inspection can be combined with already existing legislative power to detect fraudulent behavior and perform physical audits when required. The system can be extended to facilitate reproducible medical research.

Files

Master_thesis_Jorrit_van_Assen... (pdf)

(pdf | 2.87 Mb)

License info not available