Big data and associated analytics have the potential to revolutionize healthcare through the tools and techniques they offer to manage and exploit the large volumes of heterogeneous data being collected in the healthcare domain. The strict security and privacy constraints on this data, however, pose a major obstacle to the successful use of these tools and techniques. The paper first describes the security challenges associated with big data analytics in healthcare research from a unique perspective based on the big data analytics pipeline. The paper then examines the use of data safe havens as an approach to addressing the security challenges and argues for the approach by providing a detailed introduction to the security mechanisms implemented in a novel data safe haven. The CIMVHR Data Safe Haven (CDSH) was developed to support research into the health and well-being of Canadian military, Veterans, and their families. The CDSH is shown to overcome the security challenges presented in the different stages of the big data analytics pipeline.
References
[1]
Burton, P.R., Murtagh, M.J., Boyd, A., Williams, J.B., Dove, E.S., Wallace, S.E., Tasse, A.-M., Little, J., Chisholm, R.L., Gaye, A., Hveem, K., Brookes, A.J., Goodwin, P., Fistein, J., Bobrow, M. and Knoppers, B.M. (2015) Data Safe Havens in Health Research and Healthcare. Bioinformatics, 31, 3241-3248.
https://doi.org/10.1093/bioinformatics/btv279
[2]
Dash, S., Shakyawar, S.K., Sharma, M. and Kaushik, S. (2019) Big Data in Healthcare: Management, Analysis, and Future Prospects. Journal of Big Data, 6, Article No. 54. https://doi.org/10.1186/s40537-019-0217-0
[3]
Abouelmehdi, K., Beni-Hessane, A. and Khaloufi, H. (2018) Big Healthcare Data: Preserving Security and Privacy. Journal of Big Data, 5, Article No. 1.
https://doi.org/10.1186/s40537-017-0110-7
[4]
Price, W.N. and Cohen, I.G. (2019) Privacy in the Age of Medical Big Data. Nature Medicine, 25, 37-43. https://doi.org/10.1038/s41591-018-0272-7
[5]
Krishna, R., Kelleher, K. and Stahlberg, E. (2007) Patient Confidentiality in the Research Use of Clinical Medical Databases. American Journal of Public Health, 97, 654-658. https://doi.org/10.2105/AJPH.2006.090902
[6]
Daschle, T.A. (2015) Academic Medicine in a Transformational Time. Academic Medicine, 90, 11-13. https://doi.org/10.1097/ACM.0000000000000577
[7]
Robertson, D., Giunchiglia, F., Pavis, S., Turra, E., Bella, G., Elliot, E., Morris, A., Atkinson, M., McAllister, G., Manataki, A., Papapanagiotou, P. and Parsons, M. (2016) Healthcare Data Safe Havens: Towards a Logical Architecture and Experiment Automation. The Journal of Engineering, 2016, 431-440.
https://doi.org/10.1049/joe.2016.0170
[8]
Vaccarino, A.L., Dharsee, M., Strother, S., Aldridge, D., Arnott, S.R., Behan, B., Dafnas, C., Dong, F., Edgecombe, K., El-Badrawi, R., El-Emam, K., Gee, T., Evans, S.G., Javadi, M., Jeanson, F., Lefaivre, S., Lutz, K., MacPhee, F.C., Mikkelsen, J., Mikkelsen, T., Mirotchnick, N., Schmah, T., Studzinski, C.M., Stuss, D.T., Theriault, E. and Evans, K.R. (2018) Brain-Code: A Secure Neuroinformatics Platform for Management, Federation, Sharing and Analysis of Multi-Dimensional Neuroscience Data. Frontiers in Neuroinformatics, 12, Article No. 28.
https://doi.org/10.3389/fninf.2018.00028
[9]
Chang, W.L. and Grady, N. (2015) NIST Big Data Interoperability Framework: Volume 1, Big Data Definitions. NBD-PWG NIST Big Data Public Working Group.
[10]
de la Torre, I., García-Zapirain, B. and López-Coronado, M. (2017) Analysis of Security in Big Data Related to Healthcare. Journal of Digital Forensics, Security and Law, 12, 39-46. https://doi.org/10.15394/jdfsl.2017.1448
[11]
CIMVHR Canadian Institute for Military and Veteran Health Research (2019).
https://cimvhr.ca
[12]
CAC The Centre for Advanced Computing (2020). http://cac.queensu.ca
[13]
Martin, P., Rakha, M. and Whitnall, J. (2021) Data Safe Haven for Military, Veteran, and Family Health Research. Journal of Military, Veteran and Family Health, 7, 102-107. https://doi.org/10.3138/jmvfh-2020-0035
[14]
Microsoft (2018) Remote Desktop Protocol.
https://docs.microsoft.com/en-us/windows/win32/termserv/remote-desktop-protocol?redirectedfrom=MSDN
Surana, J., Singh, K., Bairagi, N., Mehto, N. and Jaiswal, N. (2017) Survey on Next Generation Firewall. International Journal of Engineering Development and Research, 5, 984-988.
[17]
Microsoft (2022) Microsoft Windows Server Documentation.
https://docs.microsoft.com/en-us/windows-server
[18]
SAS (2020) The SAS Platform. https://www.sas.com/en_ca/software/platform.html
[19]
IBM (2020) Cognos Analytics.
https://www.ibm.com/ca-en/products/cognos-analytics
The R Foundation (2020) The R Project for Statistical Computing.
https://www.r-project.org
[22]
IBM (2021) DB2 Supported Data Source.
https://www.ibm.com/support/pages/data-source-support-matrix-federation-bundled-db2-luw-v115
[23]
Morabito, R., Kjallman, J. and Komu, M. (2015) Hypervisors vs. Lightweight Virtualization: A Performance Comparison. 2015 IEEE International Conference on Cloud Engineering, Tempe, 9-13 March 2015, 386-393.
https://doi.org/10.1109/IC2E.2015.74
[24]
Padhy, R.P., Patra, M.R. andSatapathy, S.C. (2011) Cloud Computing: Security Issues and Research Challenges. International Journal of Computer Science and Information Technology and Security, 1, 136-146.
[25]
Von Solms, R. and Van Niekerk, J. (2013) From Information Security to Cybersecurity. Computers and Security, 38, 97-102.
https://doi.org/10.1016/j.cose.2013.04.004
[26]
Samonas, S. and Coss, D. (2014) The CIA Strikes Back: Redefining Confidentiality, Integrity, and Availability in Security. Journal of Information System Security, 10, 21-45.
[27]
Conrad, E., Misenar, S. and Feldman, J. (2012) CISSP Study Guide. Newnes.
[28]
Lammle, T. (2016) CCNA Routing and Switching Complete Study Guide: Exam 100-105, Exam 200-105, Exam 200-125. John Wiley and Sons, Hoboken.
[29]
Dautis, B. (2018) Installing and Configuring Windows 10: 70-698 Exam Guide. PACKT Publishing Limited, Birmingham.
[30]
Dierks, T. (2008) The Transport Layer Security (TLS) Protocol Version 1.2.
https://tools.ietf.org/html/rfc5246
https://doi.org/10.17487/rfc5246
[31]
Mockapetris, P. and Dunlap, K.J. (1988) Development of the Domain Name System. Symposium Proceedings on Communications Architectures and Protocols, Stanford, 16-18 August 1988, 123-133. https://doi.org/10.1145/52324.52338
[32]
Mills, D.L. (1991) Internet Time Synchronization: The Network Time Protocol. IEEE Transactions on Communications, 39, 1482-1493.
https://doi.org/10.1109/26.103043
[33]
Gerhards, R. (2009) The Syslog Protocol. https://tools.ietf.org/html/rfc5424
https://doi.org/10.17487/rfc5424
[34]
Miller, D., Harris, S., Harper, A., VanDyke, S. and Blask, C. (2011) Security Information and Event Management (SIEM) Implementation. McGraw-Hill, New York.
[35]
Claise, B. (2004) Cisco Systems NetFlow Services Export Version 9.
https://tools.ietf.org/html/rfc3954
https://doi.org/10.17487/rfc3954
[36]
Chokhani, S., Ford, W., Sabett, R., Merrill, C. and Wu, S. (1999) Internet x.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework.
https://tools.ietf.org/html/rfc3647
https://doi.org/10.17487/rfc2527
[37]
Christen, P. (2012) Data Matching: Concepts and Techniques for Record Linkage, Entity Resolution, and Duplicate Detection. Springer Science and Business Media, Berlin.
[38]
Elahi, G., Yu, E. and Zannone, N. (2011) Security Risk Management by Qualitative Vulnerability Analysis. Proceedings of 2012 Third International Workshop on Security Measurements and Metrics, Banff, 21 September 2011, 1-10.
https://doi.org/10.1109/Metrisec.2011.12
[39]
Clark, K., Tyree, S., Dawkins, J. and Hale, J. (2004) Qualitative and Quantitative Analytical Techniques for Network Security Assessment. Proceedings of the 2004 IEEE Workshop on Information Assurance and Security, West Point, 10-11 June 2004, 321-328.
[40]
Daryabar, F., Dehghantanha, A., Norouzi, F. and Mahmoodi, F. (2011) Analysis of Virtual Honeynet and VLAN-Based Virtual Networks. Proceedings of 2011 International Symposium on Humanities, Science and Engineering Research, Kuala Lumpur, 24-27 June 2012, 73-77. https://doi.org/10.1109/SHUSER.2011.6008503
[41]
Callegati, F., Cerroni, W. and Ramilli, M. (2009) Man-in-the-Middle Attack to the HTTPS Protocol. IEEE Security and Privacy, 7, 78-81.
https://doi.org/10.1109/MSP.2009.12
[42]
Bull, R.L., Matthews, J.N. and Trumbull, K.A. (2016) VLAN Hopping, ARP Poisoning, and Man-in-the-Middle Attacks in Virtualized Environments. DEF CON 24, Las Vegas, 4-7 August 2018, 9.
[43]
Khouzani, M.H., Sarkar, S. and Altman, E. (2012) Maximum Damage Malware Attack in Mobile Wireless Networks. IEEE/ACM Transactions on Networking, 20, 1347-1360. https://doi.org/10.1109/TNET.2012.2183642
[44]
Ainsworth, J., Cunningham, J. and Buchan, I. (2012) Elab: Bringing Together People, Data, and Methods to Enhance Knowledge Discovery in Healthcare Settings. Studies in Health Technology and Informatics, 175, 39-48.
[45]
Bechhofer, S., De Roure, D., Gamble, M., Goble, C. and Buchan, I. (2010) Research Objects: Towards Exchange and Reuse of Digital Knowledge. Nature Precedings.
https://doi.org/10.1038/npre.2010.4626.1
