The Information Security Research Center team at Sun Yat-sen University has developed a medical data warehouse system with privacy protection and secure data mining capabilities. Through an innovative SABHPRE encryption technology, medical data can receive the most stringent protection in the cloud while maintaining flexible application of the data.
Cloud-Based Medical Data Raises Security Concerns
Today, many medical institutions are outsourcing their medical information systems to public clouds to reduce maintenance costs. However, this also exposes medical data to the risk of unauthorized access. While traditional encryption techniques can protect the confidentiality of medical data, they also limit its usability. The core technology of this system, SABHPRE, allows medical data under the FHIR medical information exchange standard to maintain high flexibility and security even in an encrypted state, effectively addressing security concerns of cloud-based medical data.
SABHPRE Technology: The Strongest Backup for Medical Data Encryption
Director Chun-I Fan states that SABHPRE technology is a world-first attribute-based encryption technique that simultaneously offers searchability, homomorphic computation, and proxy re-encryption capabilities. Through attribute-based encryption, the system controls data access permissions based on user identity attributes, effectively reducing management costs. The homomorphic computation and proxy re-encryption features enable secure medical data statistics and sharing while protecting privacy. The searchable feature allows ciphertexts to be searched without exposing any private information.
Integrating Federated Learning for Cross-Institutional AI Model Building
The team has further integrated the system with federated learning technology, allowing different medical institutions to jointly train and develop intelligent medical models without exchanging raw data. Each institution trains models using local data, then uploads the model updates to a central server for integration. This approach enhances model accuracy while protecting each institution's data privacy and promotes international collaboration. Additionally, the system provides a personal electronic health record platform, allowing patients to access and manage medical data in real-time from mobile devices. Through federated learning technology, patients can collaborate with medical institutions to train more accurate health models, realizing the integration of clinical medical data and personal health information.
Director Fan points out that the system has completed demonstration site construction and is currently collaborating with relevant units to test its practicality and stability. In the future, the team aims to help more domestic and international medical institutions comply with privacy regulations for cloud-based data applications, bringing safer, more convenient, and efficient medical data management services to medical institutions, research units, and patients.
Resource (mandarin)
