Security and privacy architectures for biomedical cloud computing

Biomedical research often relies on having access to vast amounts of sensitive information. Patient data in electronic form are held in medical databases and bio-repositories and have to be queried, data mined and operated on by doctors and researchers. Lately, all this information has been migrating to the cloud making access easier for all interested parties. While this helps with dissemination and access, it may have unintended consequences in terms of security and privacy. In this work we propose an architecture that combines distributed access control mechanisms with privacy preserving cryptographic protocols to enable secure sharing and computations on clouds holding sensitive biomedical data. The data shared are tagged with security policies that define who has access to it and how they should be used. Access rights may be delegated to other parties making collaborations easier. Finally, data can be operated on cryptographically to extract specific information without compromising the entire data set.