DeFranco, J.
, Roberts, J.
, Ferraiolo, D.
and Compton, D.
(2024),
An Infrastructure for Secure Data Sharing: A Clinical Data Implementation, Journal of the American Medical Informatics Association, [online], https://doi.org/10.1093/jamiaopen/ooae040, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=956770
(Accessed December 3, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
An Infrastructure for Secure Data Sharing: A Clinical Data Implementation
Published
Author(s)
, , ,
Abstract
Objective: To address database interoperability challenges to improve collaboration among disparate organizations. Materials and Methods: We developed a lightweight system to allow broad but well-controlled data sharing while preserving local data protection policies. We used 2 NIST-developed technologies—Next-generation Database Access Control (NDAC) and the Data Block Matrix (DBM)— to create a proof-of-concept system called the Secure Federated Data Sharing System (SFDS). NDAC controls access to database resources down to the field level based on attributes assigned to users. The DBM manages and shares authoritative user-attribute assignments across a federation of organizations, implemented using a modified open-source permissioned blockchain, to manage and share authoritative user- attribute assignments across a federation of organizations. We used synthetic data to demonstrate a clinical research data-sharing use case using the SFDS. Results: We demonstrated, through consent, the onboarding of previously unknown users into NDAC via assignments to their DBM-validated attributes, allowing those users policy-preserving access to local database resources. The SFDS main system components—NDAC and DBM— also showed excellent performance metrics. Discussion: The SFDS provides a generic data-sharing infrastructure that effectively and securely achieves data-sharing objectives. It is completely transparent to the otherwise normal business operations of participating organizations. It requires no changes to database management systems or existing methods of authenticating and authorizing local user access to local resources. Conclusion: This efficiency, flexibility of deployment, and granularity of control make this new infrastructure solution practical for meeting the data-sharing and protection objectives of the clinical research community.Citation
Journal of the American Medical Informatics Association
Volume
7
Issue
2
Pub Type
Journals
Download Paper
Keywords
Distributed Ledgers, Data Sharing, Access Control, Privacy, Security
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.
Created May 15, 2024, Updated July 1, 2024