Privacy and security in large-scale distributed systems.
This group studies issues related to securing large-scale distributed systems, with an emphasis on protecting privacy and managing trust. How can we implement and enforce policies for the exchange and processing of privacy-sensitive information in very large-scale systems?
As part of the Dutch project COMMIT, we are involved in the architectural design of a security system intended to protect privacy-sensitive (medical) data in Grid and cloud environments. Applications may run in only partially trusted virtual machines on only partially trusted infrastructure. The questions raised in this project may be relevant for many situations where data needs to be protected and systems need to be secured, for economic or legal reasons. This research takes place in collaboration with biomedical researchers at the Academic Medical Center and builds on work from a previous project, the Virtual Laboratory for e-Science.
Members of the group have also been involved with analysing existing systems for processing clinical data, including the Dutch Electronic Patient Record (EPD) system, as well as with assessments of the security of other real-life systems. Data anonymity and re-identifiability are other topics of interest in the group.