Securing DNA Data With Stricter Cloud Security Measures
IEEE Computer Society Team
Share this on:
The field of bioinformatics involves analyzing individuals’ DNA data, which has to be performed by advanced computers. However, the systems initially designed to secure DNA data stored within bioinformatics systems may not be capable of adequately securing it from cyberattacks.
Researchers at Western Kentucky University undertook the task of determining how to best secure the cloud networks that manage and store sensitive DNA information.
Identifying the Primary Areas of Need
The DNA analysis project, known as BioCloud, has to exist in the cloud, as opposed to on the individual computers of researchers, due to the heavy computing requirements of DNA analysis. By using cloud-based resources, researchers have access to powerful computers housed in data centers. With this computing horsepower at their fingertips, they can perform their analyses at speeds fast enough to make the overall project goals feasible.
Therefore, the team identified two key areas of need: adequate data encryption and user interface (UI) security.
Data encryption involves disguising data by running it through algorithms that turn it into unreadable characters. Only a computer with the appropriate secret key would be able to decrypt and then present the data to the user. Data encryption is needed for data in two states:
While in storage. The data of the BioCloud project is currently being held in plain text, making it an easy target for attackers. But it could be encrypted without sacrificing its usefulness using dynamic symmetric searchable encryption (DSSE).
In transit via network traffic. To enable data to flow through networks without being susceptible to man-in-the-middle attacks or other exfiltration techniques, the team recommends using Hypertext Transfer Protocol Secure (HTTPS).
User Interface Security
User interface (UI) security can be effective at preventing hackers from accessing sensitive areas or uploading malicious code used to compromise the system. The types of UI security proposed include:
Input validation. This involves validating the nature of the data inputted to make sure it doesn’t present a threat. This could be effective in preventing SQL injections, where a hacker inputs malicious code meant to manipulate, damage, or steal from a database.
Session security. Administrators can improve the security of user sessions by using random session keys. Also, by producing these keys more frequently, they can make it even harder for hackers to access the system.
Upload parsing. Upload parsing involves parsing out potentially harmful data, essentially filtering malicious data out, before it gets uploaded to the database.
Challenges Faced by the Team
While the team was working on developing and testing security features, other developers were making adjustments to the BioCloud platform at the same time. This resulted in a volatile system that was constantly in flux, making it difficult to achieve the desired results.
However, despite these difficulties, the team still managed to implement some security measures, such as Bcrypt hashing, making the overall system more secure than when it first started. You can read the full article in IEEE Computer Society’s digital library.