ESnet’s Science DMZ Design Could Help Transfer, Protect Medical Research Data

October 17, 2017

Oct. 17, 2017 — Like other sciences, medical research is generating increasingly large datasets as doctors track health trends, the spread of diseases, genetic causes of illness and the like. Effectively using this data for efforts ranging from stopping the spread of deadly viruses to creating precision medicine treatments for individuals will be greatly accelerated by the secure sharing of the data, while also protecting individual privacy.

In a paper published Friday, Oct. 6 by the Journal of the American Medical Informatics Association, a group of researchers led by Sean Peisert of the Department of Energy’s (DOE) Lawrence Berkeley National Laboratory (Berkeley Lab) wrote that the Science DMZ architecture developed for moving large data sets quick and securely could be adapted to meet the needs of the medical research community.

The Science DMZ traces its name to an element of network security architecture. Typically, located at the network perimeter, a DMZ has its own security policy because of its dedicated purpose – exchanging data with the outside world.

Exponentially increasing amounts of data from genomics, high quality imaging and other clinical data sets could provide valuable resources for preventing and treating medical conditions. But unlike most scientific data, medical information is subject to strict privacy protections under the Health Insurance Portability and Accountability Act (HIPAA) so any sharing of data must ensure that these protections are met.

Image courtesy of Lawrence Berkeley National Lab.

“You can’t just take the medical data from one site and drop it straight in to another site because of the policy constraints on that data,” said Eli Dart, a network engineer at the Department of Energy’s Energy Sciences Network (ESnet) who is a co-author of the paper. “But as members of a society, our health could benefit if the medical science community can become more productive in terms of accessing relevant data.”

For example, an authenticated user could query a very large data base stored at multiple sites to learn more about an emerging medical issue, such as the appearance of a new virus, said Peisert, who works in Berkeley Lab’s Computational Research Division. In this way, teams of widely dispersed experts could collaborate in real-time to address the problem.

According to the authors of the paper, the storage, analysis and network resources needed to handle the data and integrate it into patient diagnoses and treatments have grown so much that they strain the capabilities of academic health centers. At the same time, shared data repositories like those at the National Library of Medicine, the National Cancer Institute and international partners such as the European Bioinformatics Institute are rapidly growing.

“But by implementing a Medical Science DMZ architecture, we believe biomedical researchers can leverage the scale provided by high performance computer and cloud storage facilities and national high-speed research networks while preserving privacy and meeting regulatory requirements,” Peisert said. “Access would of course need to be properly authenticated, but unlocking the world’s medical information could yield enormous benefits.”

The authors define a “Medical Science DMZ” as “a method or approach that allows data flows at scale while simultaneously addressing the HIPAA Security Rule and related regulations governing biomedical data and appropriately managing risk.” Their network design pattern addresses Big Data and can be implemented using a combination of physical, administrative and technical safeguards.

The paper was written as the National Institutes of Health (NIH) are spearheading a “Commons Initiative” for sharing data; the NIH have long provided reference data through the National Library of Medicine. The National Cancer Institute funded a number of pilot projects to use cloud computing for cancer genomics in 2016, and the initiative has since continued and expanded beyond the pilot phase.s. Many universities with high-performance computing facilities available are increasingly applying their capacity to biomedical research.

The Science DMZ network architecture, which is used by more than 100 research institutions across the country, provides speed and security for moving large data sets. Dart led the development of the Science DMZ concept, formalized it in 2010, and has been helping organizations deploy it ever since.

A Science DMZ is specifically dedicated to external-facing high-performance science services and is separate from an organization’s production network, which allows bulk science data transfers to be secured without inheriting the performance limitations of the infrastructure used to defend enterprise applications.

Data transfers using Science DMZs are straightforward from a network security perspective: the data transfer nodes (specially tuned servers) exchange security credentials to authenticate the transfer and then open several connections to move the specified data. One the job is completed, the connections close down. In the case of moving medical data, the information is encrypted both while it is being stored and while it’s moving across the network.

“There’s no magic,” Dart said. “The security is easy to manage in that the sites are known entities and nothing moves without proper security credentials.”

In fact, Dart said, such transfers pose less of a security problem than surfing the web on a personal computer connected to an open network. When someone browses a web site, the user’s computer downloads content from many different locations as specified by the web page, including ads that are sold and resold by firms around the world and may contain malware or other security threats. A data transfer between Science DMZs is a comparatively simple operation that doesn’t involve image rendering or media players (which are common attack surfaces), and only transfers data from approved endpoints.

In their paper, the authors present the details of three implementations and describe how they balance the key aspects of a Medical Science DMZ of high-throughput and regulatory compliance. Indiana University, Harvard University, and the University of Chicago all use a non-firewalled approach to moving HIPAA-protected data in their Medical Science DMZs. Each site has implemented frameworks that allow free flow of data where needed and address HIPAA using alternate, reasonable and appropriate controls that manage risk.

In each case the data transfers are encrypted, and can only be initiated by authenticated and authorized users. The interactive network traffic needed to initiate such transfers still passes through one or more systems that are heavily protected and monitored. Although firewalls are not removed entirely from the system, they are used intelligently and overall system security is maintained while still permitting the transfer of sensitive data, such as large biomedical datasets.

“We wrote this paper as a starting point,” Peisert said, “and hope that it will allow a lot of great things to happen.”

ESnet is a DOE Office of Science User Facility. DOE’s Office of Science is the single largest supporter of basic research in the physical sciences in the United States, and is working to address some of the most pressing challenges of our time.


Source: Lawrence Berkeley National Laboratory

Subscribe to HPCwire's Weekly Update!

Be the most informed person in the room! Stay ahead of the tech trends with industy updates delivered to you every week!

Oracle Cloud Now Offers AMD Epyc Compute Instances

October 23, 2018

Even as a press report yesterday declared that Intel has abandoned its current effort to produce a 10nm chip – a report denied by Intel – looming rival AMD and Oracle today announced the availability of the first AMD Epyc processor-based instance on Oracle Cloud Infrastructure. Read more…

By Doug Black

Scripps, Nvidia Tackle AI Tools and Best Practices for Genomics and Health Sensors

October 23, 2018

Nvidia and the Scripps Research Translational Institute today announced a collaboration to develop AI and deep learning best practices, tools and infrastructure to accelerate AI applications using genomic and digital hea Read more…

By John Russell

Automated Optimization Boosts ResNet50 Performance by 1.77x

October 23, 2018

From supercomputers to cell phones, every system and software device in our digital panoply has a growing number of settings that, if not optimized, constrain performance, wasting precious cycles and watts. In the f Read more…

By Tiffany Trader

HPE Extreme Performance Solutions

One Small Step Toward Mars: One Giant Leap for Supercomputing

Since the days of the Space Race between the U.S. and the former Soviet Union, we have continually sought ways to perform experiments in space. Read more…

IBM Accelerated Insights

Energy Matters: Evolving Holistic Approaches to Energy and Power Management in HPC

Energy costs of running clusters has always been a consideration when operating an infrastructure for high-performance computing (HPC).  As clusters become larger in the drive to the next levels of computing performance, energy efficiency has emerged as one of the foremost design goals.  Read more…

South Africa CHPC: Home Grown Dynasty

October 22, 2018

Before the build up to the final event in the 2018 Student Cluster Competition season (the SC18 competition in Dallas), I want to take a moment to write about one of the great inspirational stories of these competitions. Read more…

By Dan Olds

Automated Optimization Boosts ResNet50 Performance by 1.77x

October 23, 2018

From supercomputers to cell phones, every system and software device in our digital panoply has a growing number of settings that, if not optimized, constrain  Read more…

By Tiffany Trader

South Africa CHPC: Home Grown Dynasty

October 22, 2018

Before the build up to the final event in the 2018 Student Cluster Competition season (the SC18 competition in Dallas), I want to take a moment to write about o Read more…

By Dan Olds

Penguin Computing Launches Consultancy for Piecing AI Strategies Together

October 18, 2018

AI stands before the HPC industry as a beacon of great expectations, yet market research repeatedly shows that AI adoption is commonly stuck in the talking phas Read more…

By Tiffany Trader

When Water Quality—Not Quantity—Hinders HPC Cooling

October 18, 2018

Attention has been paid to the sheer quantity of water consumed by supercomputers’ cooling towers – and rightly so, as they can require thousands of gallons per minute to cool. But in the background, another factor can emerge, bottlenecking efficiency and raising costs: water quality. Read more…

By Oliver Peckham

Paper Offers ‘Proof’ of Quantum Advantage on Some Problems

October 18, 2018

Is quantum computing worth all the effort being poured into it or should we just wait for classical computing to catch up? An IBM blog today posed those questio Read more…

By John Russell

Dell EMC to Supply U Michigan’s Great Lakes Cluster

October 16, 2018

The University of Michigan (U-M) today announced Dell EMC is the lead vendor for U-M’s $4.8 million Great Lakes HPC cluster scheduled for deployment in first Read more…

By John Russell

Houston to Field Massive, ‘Geophysically Configured’ Cloud Supercomputer

October 11, 2018

Based on some news stories out today, one might get the impression that the next system to crack number one on the Top500 would be an industrial oil and gas mon Read more…

By Tiffany Trader

Nvidia Platform Pushes GPUs into Machine Learning, High Performance Data Analytics

October 10, 2018

GPU leader Nvidia, generally associated with deep learning, autonomous vehicles and other higher-end enterprise and scientific workloads (and gaming, of course) Read more…

By Doug Black

TACC Wins Next NSF-funded Major Supercomputer

July 30, 2018

The Texas Advanced Computing Center (TACC) has won the next NSF-funded big supercomputer beating out rivals including the National Center for Supercomputing Ap Read more…

By John Russell

IBM at Hot Chips: What’s Next for Power

August 23, 2018

With processor, memory and networking technologies all racing to fill in for an ailing Moore’s law, the era of the heterogeneous datacenter is well underway, Read more…

By Tiffany Trader

Requiem for a Phi: Knights Landing Discontinued

July 25, 2018

On Monday, Intel made public its end of life strategy for the Knights Landing "KNL" Phi product set. The announcement makes official what has already been wide Read more…

By Tiffany Trader

CERN Project Sees Orders-of-Magnitude Speedup with AI Approach

August 14, 2018

An award-winning effort at CERN has demonstrated potential to significantly change how the physics based modeling and simulation communities view machine learni Read more…

By Rob Farber

House Passes $1.275B National Quantum Initiative

September 17, 2018

Last Thursday the U.S. House of Representatives passed the National Quantum Initiative Act (NQIA) intended to accelerate quantum computing research and developm Read more…

By John Russell

Summit Supercomputer is Already Making its Mark on Science

September 20, 2018

Summit, now the fastest supercomputer in the world, is quickly making its mark in science – five of the six finalists just announced for the prestigious 2018 Read more…

By John Russell

New Deep Learning Algorithm Solves Rubik’s Cube

July 25, 2018

Solving (and attempting to solve) Rubik’s Cube has delighted millions of puzzle lovers since 1974 when the cube was invented by Hungarian sculptor and archite Read more…

By John Russell

D-Wave Breaks New Ground in Quantum Simulation

July 16, 2018

Last Friday D-Wave scientists and colleagues published work in Science which they say represents the first fulfillment of Richard Feynman’s 1982 notion that Read more…

By John Russell

Leading Solution Providers

HPC on Wall Street 2018 Booth Video Tours Playlist

Arista

Dell EMC

IBM

Intel

RStor

VMWare

TACC’s ‘Frontera’ Supercomputer Expands Horizon for Extreme-Scale Science

August 29, 2018

The National Science Foundation and the Texas Advanced Computing Center announced today that a new system, called Frontera, will overtake Stampede 2 as the fast Read more…

By Tiffany Trader

HPE No. 1, IBM Surges, in ‘Bucking Bronco’ High Performance Server Market

September 27, 2018

Riding healthy U.S. and global economies, strong demand for AI-capable hardware and other tailwind trends, the high performance computing server market jumped 28 percent in the second quarter 2018 to $3.7 billion, up from $2.9 billion for the same period last year, according to industry analyst firm Hyperion Research. Read more…

By Doug Black

Intel Announces Cooper Lake, Advances AI Strategy

August 9, 2018

Intel's chief datacenter exec Navin Shenoy kicked off the company's Data-Centric Innovation Summit Wednesday, the day-long program devoted to Intel's datacenter Read more…

By Tiffany Trader

Germany Celebrates Launch of Two Fastest Supercomputers

September 26, 2018

The new high-performance computer SuperMUC-NG at the Leibniz Supercomputing Center (LRZ) in Garching is the fastest computer in Germany and one of the fastest i Read more…

By Tiffany Trader

MLPerf – Will New Machine Learning Benchmark Help Propel AI Forward?

May 2, 2018

Let the AI benchmarking wars begin. Today, a diverse group from academia and industry – Google, Baidu, Intel, AMD, Harvard, and Stanford among them – releas Read more…

By John Russell

Houston to Field Massive, ‘Geophysically Configured’ Cloud Supercomputer

October 11, 2018

Based on some news stories out today, one might get the impression that the next system to crack number one on the Top500 would be an industrial oil and gas mon Read more…

By Tiffany Trader

Aerodynamic Simulation Reveals Best Position in a Peloton of Cyclists

July 5, 2018

Eindhoven University of Technology (TU/e) and KU Leuven research group conducts the largest numerical simulation ever done in the sport industry and cycling discipline. The goal was to understand the aerodynamic interactions in the peloton, i.e., the main pack of cyclists in a race. Read more…

No Go for GloFo at 7nm; and the Fujitsu A64FX post-K CPU

September 5, 2018

It’s been a news worthy couple of weeks in the semiconductor and HPC industry. There were several HPC relevant disclosures at Hot Chips 2018 to whet appetites Read more…

By Dairsie Latimer

  • arrow
  • Click Here for More Headlines
  • arrow
Do NOT follow this link or you will be banned from the site!
Share This