The medical science DMZ: a network design pattern for data-intensive medical science

OBJECTIVE: We describe a detailed solution for maintaining high-capacity, data-intensive network flows (eg, 10, 40, 100 Gbps+) in a scientific, medical context while still adhering to security and privacy laws and regulations. MATERIALS AND METHODS: High-end networking, packet-filter firewalls, netw...

Descripción completa

Detalles Bibliográficos
Autores principales: Peisert, Sean, Dart, Eli, Barnett, William, Balas, Edward, Cuff, James, Grossman, Robert L, Berman, Ari, Shankar, Anurag, Tierney, Brian
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Oxford University Press 2018
Materias:
Research and Applications
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7651886/
https://www.ncbi.nlm.nih.gov/pubmed/29040639
http://dx.doi.org/10.1093/jamia/ocx104
_version_ 1783607615487475712
author Peisert, Sean
Dart, Eli
Barnett, William
Balas, Edward
Cuff, James
Grossman, Robert L
Berman, Ari
Shankar, Anurag
Tierney, Brian
author_facet Peisert, Sean
Dart, Eli
Barnett, William
Balas, Edward
Cuff, James
Grossman, Robert L
Berman, Ari
Shankar, Anurag
Tierney, Brian
author_sort Peisert, Sean
collection PubMed
description OBJECTIVE: We describe a detailed solution for maintaining high-capacity, data-intensive network flows (eg, 10, 40, 100 Gbps+) in a scientific, medical context while still adhering to security and privacy laws and regulations. MATERIALS AND METHODS: High-end networking, packet-filter firewalls, network intrusion-detection systems. RESULTS: We describe a “Medical Science DMZ” concept as an option for secure, high-volume transport of large, sensitive datasets between research institutions over national research networks, and give 3 detailed descriptions of implemented Medical Science DMZs. DISCUSSION: The exponentially increasing amounts of “omics” data, high-quality imaging, and other rapidly growing clinical datasets have resulted in the rise of biomedical research “Big Data.” The storage, analysis, and network resources required to process these data and integrate them into patient diagnoses and treatments have grown to scales that strain the capabilities of academic health centers. Some data are not generated locally and cannot be sustained locally, and shared data repositories such as those provided by the National Library of Medicine, the National Cancer Institute, and international partners such as the European Bioinformatics Institute are rapidly growing. The ability to store and compute using these data must therefore be addressed by a combination of local, national, and industry resources that exchange large datasets. Maintaining data-intensive flows that comply with the Health Insurance Portability and Accountability Act (HIPAA) and other regulations presents a new challenge for biomedical research. We describe a strategy that marries performance and security by borrowing from and redefining the concept of a Science DMZ, a framework that is used in physical sciences and engineering research to manage high-capacity data flows. CONCLUSION: By implementing a Medical Science DMZ architecture, biomedical researchers can leverage the scale provided by high-performance computer and cloud storage facilities and national high-speed research networks while preserving privacy and meeting regulatory requirements.
format Online
Article
Text
id pubmed-7651886
institution National Center for Biotechnology Information
language English
publishDate 2018
publisher Oxford University Press
record_format MEDLINE/PubMed
spelling pubmed-76518862020-11-30 The medical science DMZ: a network design pattern for data-intensive medical science Peisert, Sean Dart, Eli Barnett, William Balas, Edward Cuff, James Grossman, Robert L Berman, Ari Shankar, Anurag Tierney, Brian J Am Med Inform Assoc Research and Applications OBJECTIVE: We describe a detailed solution for maintaining high-capacity, data-intensive network flows (eg, 10, 40, 100 Gbps+) in a scientific, medical context while still adhering to security and privacy laws and regulations. MATERIALS AND METHODS: High-end networking, packet-filter firewalls, network intrusion-detection systems. RESULTS: We describe a “Medical Science DMZ” concept as an option for secure, high-volume transport of large, sensitive datasets between research institutions over national research networks, and give 3 detailed descriptions of implemented Medical Science DMZs. DISCUSSION: The exponentially increasing amounts of “omics” data, high-quality imaging, and other rapidly growing clinical datasets have resulted in the rise of biomedical research “Big Data.” The storage, analysis, and network resources required to process these data and integrate them into patient diagnoses and treatments have grown to scales that strain the capabilities of academic health centers. Some data are not generated locally and cannot be sustained locally, and shared data repositories such as those provided by the National Library of Medicine, the National Cancer Institute, and international partners such as the European Bioinformatics Institute are rapidly growing. The ability to store and compute using these data must therefore be addressed by a combination of local, national, and industry resources that exchange large datasets. Maintaining data-intensive flows that comply with the Health Insurance Portability and Accountability Act (HIPAA) and other regulations presents a new challenge for biomedical research. We describe a strategy that marries performance and security by borrowing from and redefining the concept of a Science DMZ, a framework that is used in physical sciences and engineering research to manage high-capacity data flows. CONCLUSION: By implementing a Medical Science DMZ architecture, biomedical researchers can leverage the scale provided by high-performance computer and cloud storage facilities and national high-speed research networks while preserving privacy and meeting regulatory requirements. Oxford University Press 2018-03 2017-10-06 /pmc/articles/PMC7651886/ /pubmed/29040639 http://dx.doi.org/10.1093/jamia/ocx104 Text en © The Author 2017. Published by Oxford University Press on behalf of the American Medical Informatics Association. http://creativecommons.org/licenses/by-nc/4.0/ This is an Open Access article distributed under the terms of the Creative Commons Attribution Non-Commercial License (http://creativecommons.org/licenses/by-nc/4.0/), which permits non-commercial re-use, distribution, and reproduction in any medium, provided the original work is properly cited. For commercial re-use, please contact journals.permissions@oup.com
spellingShingle Research and Applications
Peisert, Sean
Dart, Eli
Barnett, William
Balas, Edward
Cuff, James
Grossman, Robert L
Berman, Ari
Shankar, Anurag
Tierney, Brian
The medical science DMZ: a network design pattern for data-intensive medical science
title The medical science DMZ: a network design pattern for data-intensive medical science
title_full The medical science DMZ: a network design pattern for data-intensive medical science
title_fullStr The medical science DMZ: a network design pattern for data-intensive medical science
title_full_unstemmed The medical science DMZ: a network design pattern for data-intensive medical science
title_short The medical science DMZ: a network design pattern for data-intensive medical science
title_sort medical science dmz: a network design pattern for data-intensive medical science
topic Research and Applications
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7651886/
https://www.ncbi.nlm.nih.gov/pubmed/29040639
http://dx.doi.org/10.1093/jamia/ocx104
work_keys_str_mv AT peisertsean themedicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT darteli themedicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT barnettwilliam themedicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT balasedward themedicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT cuffjames themedicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT grossmanrobertl themedicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT bermanari themedicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT shankaranurag themedicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT tierneybrian themedicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT peisertsean medicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT darteli medicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT barnettwilliam medicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT balasedward medicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT cuffjames medicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT grossmanrobertl medicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT bermanari medicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT shankaranurag medicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience
AT tierneybrian medicalsciencedmzanetworkdesignpatternfordataintensivemedicalscience

Ejemplares similares