Skip to main content

Advertisement

SpringerLink
Log in

Providing Integrity, Authenticity, and Confidentiality for Header and Pixel Data of DICOM Images

  • Published:
Journal of Digital Imaging Aims and scope Submit manuscript

Abstract

Exchange of medical images over public networks is subjected to different types of security threats. This has triggered persisting demands for secured telemedicine implementations that will provide confidentiality, authenticity, and integrity for the transmitted images. The medical image exchange standard (DICOM) offers mechanisms to provide confidentiality for the header data of the image but not for the pixel data. On the other hand, it offers mechanisms to achieve authenticity and integrity for the pixel data but not for the header data. In this paper, we propose a crypto-based algorithm that provides confidentially, authenticity, and integrity for the pixel data, as well as for the header data. This is achieved by applying strong cryptographic primitives utilizing internally generated security data, such as encryption keys, hashing codes, and digital signatures. The security data are generated internally from the header and the pixel data, thus a strong bond is established between the DICOM data and the corresponding security data. The proposed algorithm has been evaluated extensively using DICOM images of different modalities. Simulation experiments show that confidentiality, authenticity, and integrity have been achieved as reflected by the results we obtained for normalized correlation, entropy, PSNR, histogram analysis, and robustness.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Raghupathi W, Tan J: Strategic IT applications in health care. Commun ACM 45(12):56–61, 2002

    Article  Google Scholar 

  2. Huang H: PACS—Basic principles and applications. Wiley, New York, 1999, pp 116–119

    Google Scholar 

  3. Ashley R: Telemedicine: Legal, ethical and liability considerations. J Am Diet Assoc 102: no.2, 2002.

  4. The Health Insurance Portability and Accountability Act (HIPAA), March 2009. [Online]. Available at http://www.hhs.gov/ocr/ privacy/index.html

  5. Chao H, Hsu C, Miaou S: A data-hiding technique with authentication, integration, and confidentiality for electronic patient records. IEEE Trans Inf Technol Biomed 6:46–53, 2002

    Article  PubMed  Google Scholar 

  6. Coatrieux G, Maitre H, Sankur B, Rolland Y, Collorec R: Relevance of watermarking in medical imaging. In: Proceedings of the IEEE EMBS Conf. on Information Technology Applications in Biomedicine, Arlington, USA, Nov. 2000, pp. 250–255

  7. Coatrieux G, Lecornu L, Sankur B, Roux Ch: A review of image watermarking applications in healthcare. In: Porc. of IEEE-EMBC Conf., New York, USA, 2006, pp. 4691–4694

  8. Giakoumaki A, Pavlopoulos S, Koutsouris D: Multiple image watermarking applied to health information management. IEEE Trans Inf Technol Biomed 10(4):722–732, 2006

    Article  PubMed  Google Scholar 

  9. Zhou XQ, Huang HK, Lou SL: Authenticity and integrity of digital mammography images. IEEE Trans Med Imaging 20(8):784–791, 2001

    Article  CAS  PubMed  Google Scholar 

  10. Guo X, Zhuang T: Lossless watermarking for verifying the integrity of medical images with tamper localization. J Digit Imaging 22(6):620–628, 2009

    Article  PubMed Central  PubMed  Google Scholar 

  11. Thodi D, Rodríguez J: Expansion embedding techniques for reversible watermarking. IEEE Trans Image Process 16(3):721–730, 2007

    Article  PubMed  Google Scholar 

  12. Celik M, MU G, Sharma A, Tekalp: Lossless watermarking for image authentication: A new framework and an implementation. IEEE Trans Image Process 15(4):1042–1049, 2006

    Article  PubMed  Google Scholar 

  13. Liew S, Zain J: Tamper localization and lossless recovery watermarking scheme with ROI segmentation and multilevel authentication. J Digit Imaging 24:114–125, 2011

    Article  Google Scholar 

  14. Osamah M, Khoo B: Authentication and data hiding using a hybrid ROI-based watermarking scheme for DICOM images. J Digit Imaging 24(1):114–125, 2011

    Article  Google Scholar 

  15. Pianykh O: Digital Imaging and Communications in Medicine (DICOM). Springer, Berlin Heidelberg, 2012

    Book  Google Scholar 

  16. Digital Imaging and Communications in Medicine (DICOM) Standard, DICOM. (2006). [Online]. Available at http://medical.nema.org/dicom/2006/

  17. Digital Imaging and Communications in Medicine (DICOM), part 15: Security profiles ed., National Electrical Manufacturers Association (NEMA), 2001, PS 3.15–2001

  18. Kobayashi L, Furuie S, Barreto P: Providing integrity and authenticity in DICOM images: A novel approach. IEEE Trans Inf Technol Biomed 13(4):582–589, 2009

    Article  PubMed  Google Scholar 

  19. Security and Privacy: An Introduction to HIPAA, Privacy and Security Committee, Medical Imaging Informatics Section, NEMA [Online]. Available at http://medical.nema.org/privacy/privacy.html

  20. Digital Imaging and Communications in Medicine (DICOM) Supplement 55: Attribute Level Confidentiality DICOM Standards Committee, Working Group 14 Security 1300 N. 17th Street, Suite 1847 Rosslyn, Virginia 22209 USA VERSION: Final Text (Draft), 5 Sept. 2002 Security Supplement. Available at http://medical.nema.org/

  21. NEMA Standards Publication, Digital Imaging and Communications in Medicine (DICOM) Supplement 142: Clinical Trial De-Identification Profiles, Version 3, National Electrical Manufacturers Association, Washington, 2008

  22. Bendel and Mike: Hackers describe PS3 security as epic fail, gain unrestricted access. Exophase.com, 2010

  23. Elbirt J: Understanding and Applying Cryptography and Data Security. CRC Press, USA, 2009

    Google Scholar 

  24. Dworki M: Recommendation for block cipher modes of operation: Galois/Counter Mode (GCM) and GMAC. NIST Special Publication, 800-38D, 2007

  25. Gueron and Shay: AES-GCM for efficient authenticated encryption—ending the reign of HMAC-SHA-1? In: Workshop on Real-World Cryptography, Stanford, USA, 2013

  26. Barreto P, Rijmen V, The WHIRLPOOL hashing function [online]. Available at http://planeta.terra.com.br/informatica/paulobarreto/whirlpool.zip. 2003

  27. Caelli W, Dawson E, Rea S: Elliptic curve cryptography, and digital signatures. Comput Secur 18(1):47–66, 1999

    Article  Google Scholar 

  28. Cook D, Ioannidis J, Keromytis A, Luck J: CryptoGraphics: Secret key cryptography using graphics cards. In: Proceedings of the Cryptographers’ Track at the RSA Conference, San Francisco, CA, USA, 2005, pp. 1–18. The paper is published in the series Lecture Notes in Computer Science Volume 3376, 2005, pp 334–350

Download references

Author information

Authors and Affiliations

  1. Department of Computer Engineering, King Abdullah II Faculty of Engineering, Princess Sumaya University for Technology, Al-Jubeiha, PO Box 1438, Amman, 11941, Jordan

    Ali Al-Haj

Authors
  1. Ali Al-Haj
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ali Al-Haj.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Al-Haj, A. Providing Integrity, Authenticity, and Confidentiality for Header and Pixel Data of DICOM Images. J Digit Imaging 28, 179–187 (2015). https://doi.org/10.1007/s10278-014-9734-8

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10278-014-9734-8

Keywords

Search

Navigation