Secure method leverages public cloud storage of images

2013 08 12 11 53 24 72 Portuguese Button 200

For all its potential benefits, public cloud storage isn't currently a great option for archiving of medical images due to security concerns and challenges in managing workflow with existing on-site archives. Portuguese researchers have devised a method that aims to solve those problems.

According to the team led by Tiago Marques Godinho of the University of Aveiro's bioinformatics group, the new model would enable multiple providers to integrate their in-house PACS resources with outsourced archives on public cloud infrastructure. Its vendor-neutral network architecture leverages DICOM router software components to ensure security and provide quick access to images, whether they are stored locally or remotely in a cloud archive.

"This network integrates every asset in the distributed PACS in such a seamless way that physicians can access remote or replicated resources without realizing [which one they are accessing]," Godinho told AuntMinnieEurope.com. "Therefore, the resilience and fault tolerance of the PACS are increased along with the perceived quality of service. Moreover, our method can make use of multiple sources for boosting the retrieval performance of remote resources."

Godinho and colleagues presented their work at the 25th European Medical Informatics Conference (MIE 2014), held earlier this month in Istanbul.

An alluring proposition

Cloud storage represents a financially attractive opportunity for healthcare institutions, particularly small- to medium-sized facilities. It doesn't require maintenance or extensive IT experience, is available via a pay-per-use model, and offers scalability and reliability advantages, he noted.

From a technical standpoint, it's challenging, however, to integrate in-house PACS archives with outsourced cloud storage, mainly due to a lack of features in current technology and the limitations of medical imaging standards. This prevents medical institutions from being able to fully benefit from their current systems.

"For instance, an institution may acquire an infrastructure to replicate their archive, however, the current standard cannot leverage from both sources at the same time," Godinho said. "As a result, no load-balancing techniques may be applied; no benefit in the quality of service is achieved."

Therefore, institutions face the dilemma of wasting their previous investments in storage if they wish to take advantage of the financially attractive proposition of cloud storage. This difficult choice has been a contributing factor for the relatively slow adoption of cloud storage in healthcare, he explained.

"Our solution tackles both these problems by creating a vendor-neutral network to connect multiple PACS infrastructures spread across multiple locations," he said.

Distributed architecture

The group's technique features a distributed PACS architecture based on DICOM router and DICOM bridge router software. Placed at each institution participating in the network, DICOM routers serve as proxies to provide remote calls to standard DICOM query/retrieve and storage services. Meanwhile, the DICOM bridge router manages communication between the DICOM routers and handles security functionality.

','dvPres', 'clsTopBtn', 'true' );" >2014 09 17 09 16 15 747 2014 09 17 Pacs Cloud1 350
Click image to enlarge.
DICOM routers (a) and DICOM bridge router (b) are the key software components in this distributed PACS architecture. All charts courtesy of Tiago Marques Godinho.

To ensure security when utilizing public cloud storage providers, the team developed a file splitting method that can divide DICOM images into "chunks," enabling a portion of each image to be stored in two separate repositories.

"As a result, untrustworthy providers do not have all the necessary information to assemble the image," he said.

The DICOM router employs a cache mechanism to index the DICOM metadata before splitting the image file and discarding unnecessary parts. Along with file splitting, the DICOM router also makes use of compression to optimize both storage space and image transfer performance. When these images are requested by a user, the DICOM router reassembles the images from the chunks.

','dvPres', 'clsTopBtn', 'true' );" >2014 09 17 09 16 14 719 2014 09 17 Pacs Cloud2 350
Click image to enlarge.
Image workflow using multiple image storage repositories.

Initial use

The DICOM router platform has been successfully used to support teleradiology between two affiliated institutions in northern Portugal, Godinho said. Images are acquired at both sites and radiologists review studies generated from either location.

"Therefore, the PACS communication layer has to cope with considerable data-intensive requests," he said. "Along with a larger central archive, each site has its own local archive which acts as a buffer to the central archive. As such, the most recent studies are typically in two or more repositories. This setup deals with an average of 3,600 examinations monthly from three different modalities."

The combined volume of all studies produced at both locations adds up to approximately 60 gigabytes per month. The system runs on a common broadband Internet connection; no dedicated communications infrastructure has been set up between the institutions.

"Since we are talking about small institutions, this represents a great feature which reduces the impact of the infrastructure maintenance in the institutional budget," he said.

Godinho noted that although the performance of the distributed PACS doesn't impose any major constraints on medical practice, some PACS maintenance duties do have to be performed off business hours. To address this issue, the researchers are currently working on a cache mechanism for imaging repositories.

"The idea is to deploy a small cache archive local to each institution in such a way that retrieving studies from this archive would be much faster than from a remote location," he said.

The cache system would feature a modular architecture that could support external plugins, which would be designed to give "intelligence" to the caching system. This cache system, along with another algorithm for caching incomplete DICOM images, is expected to be completed in the near future.

"We are currently modeling a plugin that enables prefetching studies into the cache, even before they are requested by physicians," he said. "It works unattended by analyzing the patterns of physician's requests. As a result, the retrieval of medical image studies from remote locations, such as public cloud providers, will benefit from even better performance since they will likely be already in the local archive. Moreover, these techniques generally are easily acceptable by healthcare professionals as they do not require much IT expertise to work properly."

Page 1 of 1264
Next Page