Biblio
DNA synthesis has become increasingly common, and many synthetic DNA molecules are licensed intellectual property (IP). DNA samples are shared between academic labs, ordered from DNA synthesis companies and manipulated for a variety of different purposes, mostly to study their properties and improve upon them. However, it is not uncommon for a sample to change hands many times with very little accompanying information and no proof of origin. This poses significant challenges to the original inventor of a DNA molecule, trying to protect her IP rights. More importantly, following the anthrax attacks of 2001, there is an increased urgency to employ microbial forensic technologies to trace and track agent inventories. However, attribution of physical samples is next to impossible with existing technologies. In this paper, we describe our efforts to solve this problem by embedding digital signatures in DNA molecules synthesized in the laboratory. We encounter several challenges that we do not face in the digital world. These challenges arise primarily from the fact that changes to a physical DNA molecule can affect its properties, random mutations can accumulate in DNA samples over time, DNA sequencers can sequence (read) DNA erroneously and DNA sequencing is still relatively expensive (which means that laboratories would prefer not to read and re-read their DNA samples to get error-free sequences). We address these challenges and present a digital signature technology that can be applied to synthetic DNA molecules in living cells.
Fast Health Interoperability Services (FHIR) is the most recent in the line of standards for healthcare resources. FHIR represents different types of medical artifacts as resources and also provides recommendations for their authorized disclosure using web-based protocols including O-Auth and OpenId Connect and also defines security labels. In most cases, Role Based Access Control (RBAC) is used to secure access to FHIR resources. We provide an alternative approach based on Attribute Based Access Control (ABAC) that allows attributes of subjects and objects to take part in authorization decision. Our system allows various stakeholders to define policies governing the release of healthcare data. It also authenticates the end user requesting access. Our system acts as a middle-layer between the end-user and the FHIR server. Our system provides efficient release of individual and batch resources both during normal operations and also during emergencies. We also provide an implementation that demonstrates the feasibility of our approach.