Professional Documents
Culture Documents
Abstract—–Picture Archiving and Communication Systems debated [6]. Extending a medical imaging system from a
(PACS) have been traditionally constrained to the premises of protected network on the healthcare provider’s premises to a
the healthcare provider. This has limited the availability of public cloud service requires additional security measures
these systems in many parts of the world and mandated major including a secure communications policy that is carefully
costs in infrastructure for those who employ them. Public
designed and implemented to protect data in transit. The
cloud services could be a solution that eases the cost of
ownership and provide greater flexibility for PACS security of data traveling over the open Internet is critical to
implementations. Moving these systems to the public cloud protect patient privacy and the integrity of the data.
requires that an authentication and encryption policy for This paper discusses how secure communications can be
communications is established within the PACS environment. established in a cloud-based medical image network with
This paper investigated an implementation which uses details outlined as the following. First, the current systems,
Transport Layer Security for communications between a cloud-
standards and publications will be discussed. Second, the
based PACS server and client.
working prototype which creates secured communications
I. INTRODUCTION with a cloud-based server. Lastly, an outline of future work
that needs to be done will be presented.
M EDICAL imaging systems have been traditionally
constrained to the premises of the healthcare provider.
These facilities incur major costs to provide the
II. BACKGROUND RESEARCH
infrastructure for the medical imaging systems. Cost of Picture Archiving and Communication Systems (PACS)
ownership has been a major road block to small scale are commonly used in the hospital environment as the tool to
healthcare providers and in less developed areas. According manage medical images. These systems have standardized
to the World Health Organization, two-thirds of the world’s on the Digital Imaging and Communications in Medicine
population has no access to basic diagnostic imaging (DICOM) file format and communications standard. Part 15
services [1]. These services are primarily unavailable of the DICOM standard specifies Secure Transport
because of insufficient infrastructure, unstable political Connection Profiles which includes two profiles which use
environment and a considerable burden of disease. On the certificates to establish a secure transport session, but details
other hand, the increasing volume of diagnostic images in about how the secured connection is established and
developed regions presents a different challenge. It is authenticated is left open to the application entity [7]. There
estimated that in 2014 healthcare providers in the US will are few publications which discuss how to establish a secure
perform over one billion diagnostic imaging procedures and connection within a PACS environment let alone a PACS
generate approximately 100 Petabytes of data [2]. The deployed to a public cloud. An authentication procedure in
amount of digital data being collected is leading to traditional healthcare systems is less of a concern given that
scalability and management issues for many healthcare most communications are on a private network behind a
providers. firewall and contained within the healthcare facility. Many
Cloud computing provides an environment where services implementations have a PACS router if communication
can be rapidly scaled up or down while costs incur only on a outside of the protected network is needed. As we extend
‘pay per use’ basis without upfront capital costs. Real the system to utilize public cloud computing resources,
monetary saving can come from utilizing cloud computing establishing an authentication policy for secured
for both small and large organizations [3], [4]. Other communications is a necessity.
benefits include more robust cost-effective business Cloud computing is still a developing industry where
continuity planning such as disaster recovery [2], and benefits and concerns are still being explored. Rosenthal et
allowing more focus to be put on providing healthcare al [5] evaluates how cloud computing could be used for the
services than managing infrastructure [4]. healthcare industry. Some benefits discussed are reduced
These benefits do not come without risks. Maintaining management decisions concerning infrastructure, scalability,
the security and integrity of the data with a cloud increased resiliency and cost reductions. Even within a
environment becomes a major concern [5]. Legal policies cloud environment, security management is still principally
concerning cloud computing are still being explored and the responsibility of organization and is not outsourced to
the cloud provider. Some additional considerations for
organizations when moving to the cloud include the
T. Rostrom is with Brigham Young University, Provo, UT 84602, USA. jurisdiction the cloud application will be under, additional
(e-mail: trostrom@byu.edu).
C. Teng is with Brigham Young University, Provo, UT 84602, USA. risk of hackers and protecting data from the cloud provider
(phone: 801-422-1297; e-mail: ccteng@byu.edu). and other tenants using cloud.
8220
Fig. 2. Certificates imported into the Windows Azure certificate manager
8221
Fig. 3. Windows Certificate Manager containing the client’s private certificate
8222