Speaker
Akos Frohner (CERN)
Description
The goal of the Medical Data Management (MDM) task is to provide
secure (encrypted and under access control) access to medical
images, which are stored at hospitals in DICOM servers or are
replicated to standard grid Storage Elements (SE) elsewhere.
In gLite 3.0 three major components satisfy the requirements.
The dCache/DICOM SE is a special SE that encrypts every requested
image with a file-specific key. It does not provide a storage area
of its own, but interfaces a hospital's DICOM server to the grid.
The gLite I/O server, together with a Fireman catalog service,
provides access control by wrapping an SE that holds medical
images. Finally, the Hydra client library encrypts and decrypts
the files, using the file-specific keys stored in the Hydra
keystore.
In gLite R3.1 we are planning to simplify the software stack by
relying on the richer functionality of the underlying components:
as storage elements (for example DPM) provide ACLs on individual
files, we can remove the wrapping gLite I/O layer from a storage
element and access it directly from the client side.
Refactoring of the dCache/DICOM SE is also necessary to unify the
server side en/decryption and access control functionality in a
single component.
Finally, the Hydra keystore is being split into distributed
services for reliability and to reduce the impact of a compromised
key server.
Authors
Akos Frohner (CERN)
David Smith (CERN)
Jean-Philippe Baud (CERN)
Krzysztof Nienartowicz (CERN)
Lana Abadie (CERN)
Remi Mollon (CERN)
Sophie Lemaitre (CERN)