Data Sharing Review
Michael Simpson
ukcrypto at chiark.greenend.org.uk
Thu, 17 Jul 2008 11:54:21 +0100
On 7/17/08, Richard Clayton <richard@highwayman.com> wrote:
> In article <82abd3a70807170229t18c5ed1cybac09e2251ecc2ea@mail.gmail.com>, Michael Simpson <mikie.simpson@gmail.com> writes
>
> ><preaching to the choir>
> >
> >Cryptography is the ideal solution where there are trust issues,
>
> erm... you didn't mean that surely :(
>
> Cryptography is a building block, and one that is often poorly employed
> (and _de_ployed even worse).
>
> The Lampson/Needham quote "Whoever thinks his problem can be solved
> using cryptography, doesn't understand his problem and doesn't
> understand cryptography" has more than a grain of truth to it.
>
Trying to use shorthand always gets me in trouble.

What I meant was:

Using a well-designed RBAC system based on the use of secure cryptographic
algorithms, where the initial design has been informed by individuals
or companies with a track record of being able to implement secure
systems, would be the solution to the huge trust problem that is
created by electronic, able-to-be-shared patient records. This system
should be open to peer review and tested (and attacked) repeatedly
(for ever) in order to ensure that the implementation has not
compromised the security of the underlying "published and thought to
be secure so far" crypto protocol used.

Alice is the patient, Bob is the GP, Charles is the hospital
consultant and Eve is the pharma firm or the health insurance
provider.

The main aim of the system is to not end up in the doghouse list on Crypto-Gram.

I do appreciate that the problem needs clarifying before the
solution can be worked on by significantly greater minds than mine.
I also appreciate that it is significantly easier to destroy the
inherent usefulness of any encryption/decryption system with a poor
implementation than it is to create a good system.

I like using systems that work and have been shown to be secure so
far. I am also an optimist and would like to think that it is possible
to achieve the nirvana-like state of having shared records with proper
authentication, authorisation, and non-repudiation/accountability.
From my repeated reading of Bruce Schneier's work this would seem to
suggest some sort of use of cryptography.
> >we
> >are in a unique position of being able to design systems that are
> >secure and trustworthy from the outset, learning from previous
> >failures.
>
> that sounds better :)
>
> >We should grasp the nettle with both hands.
>
> a mistake in my experience... a firm grip between finger and thumb flat
> onto the leaf is fairly safe. Anything less positive (and synchronising
> two hands at once comes into that category) is usually quite painful :(
>
My day involves coming into work and sticking my face into a nice big
patch of nettles that I have by my desk and pulling them up by my
teeth.

My colleague and I judge how each other's day is going by asking "how
is the pain today?"

At least after I left the fast burn of A&E and moved into the surreal
parallel universe that is treating Glasgow's heroin problem, my hair
has stopped going grey quite as fast as it was and I see more
sunlight.

:-)
Best wishes
Mike