Security middleware infrastructure for medical imaging system integration

With the increasing demand of electronic medical records sharing, it is a challenge for medical imaging service providers to protect the patient privacy and secure their IT infrastructure in an integrated environment. In this paper, we present a novel security middleware infrastructure for seamlessly and securely linking legacy medical imaging systems, diagnostic imaging web applications as well as mobile applications. Software agent such as user agent and security agent have been integrated into medical imaging domains that can be trained to perform tasks. The proposed security middleware utilizes both online security technologies such as authentication, authorization and accounting, and post security procedures to discover system security vulnerability. By integrating with the proposed security middleware, both legacy system users and Internet users can be uniformly identified and authenticated; access to patient diagnostic images can be controlled based on patient´s consent directives and other access control polices defined at a central point; relevant user access activities can be audited at a central repository; user access behaviour patterns are mined to refine existing security policies. A case study is presented based on the proposed infrastructure.