dabih -- encrypted data storage and sharing platform

Michael Huttner, Jakob Simeth, Renato Liguori, Fulvia Ferrazzi, Rainer Spang
2024-01-16
Abstract: Background: The secure management of sensitive clinical data, particularly human genomics data, has become a critical requirement in modern biomedical research. Although the necessary software and algorithms are readily available, their use by non-IT experts poses significant challenges.
Cryptography and Security, Software Engineering, Genomics
### What problems does this paper attempt to solve?

This paper addresses the secure management and sharing of sensitive clinical data (especially human genome data) in modern biomedical research. Specifically, the paper proposes an open-source, self-hosted application named **dabih** to simplify secure data management for non-IT experts.

#### Background and Challenges

1. **Security Management of Sensitive Data**:
   - Biomedical research relies on a large amount of sensitive data, such as genome data, which is subject to strict privacy and legal requirements.
   - Regulations such as the General Data Protection Regulation (GDPR) in the European Union impose strict requirements on data processing.
   - Because genome data is inherently identifying, it requires particularly strict access control and encryption measures.
2. **Limitations of Existing Tools**:
   - Although existing software and algorithms can achieve secure data management, they are usually difficult for non-IT experts to use.
   - For example, the OpenPGP standard is powerful, but it requires users to have some knowledge of encryption and is usually only available through command-line tools.
   - Data owners are usually clinicians and biomedical researchers, who may not have in-depth IT or encryption knowledge.

#### Solution: dabih

To meet the above challenges, dabih provides a user-friendly encrypted data storage and sharing platform. Its main features include:

1. **Easy-to-Use Web Application**:
   - Users do not need to install additional software and can operate directly through the browser.
   - It supports drag-and-drop file upload, download, and sharing, simplifying the user workflow.
2. **Powerful Encryption Mechanism**:
   - It uses two-stage envelope encryption, combining symmetric key encryption (AES-256-CBC) and public key encryption (RSA-4096).
   - The private key is always stored on the user device, ensuring data security.
3. **Fine-grained Access Control**:
   - Data owners can flexibly grant other users read or write permissions, and all access is logged.
   - It supports key rotation and disaster recovery options.
4. **Integration of Third-Party Authentication Systems**:
   - It supports the OpenID Connect protocol and allows the integration of multiple identity providers, such as Google, GitHub, etc.
5. **Private Key Management in the Form of QR Codes**:
   - Users can print the private key as a QR code for convenient backup and management.

In short, the goal of dabih is to provide a platform that is both secure and easy to use, enabling non-IT experts to easily manage sensitive data while ensuring data security and privacy.
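
The two-stage envelope encryption named above (AES-256-CBC for the data, RSA-4096 for the data key), as an added Node.js example that is not dabih's own code. The function names, the record layout, the use of RSA-OAEP padding and the re-wrapping step used for sharing are assumptions made for illustration, not details taken from the paper.

```javascript
// Added illustration, not dabih's code. Names, record layout and OAEP are assumptions.
const crypto = require('crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Each user holds an RSA key pair; the private half is meant to stay on the user's device.
function newUserKeyPair(modulusLength = 4096) {
  return crypto.generateKeyPairSync('rsa', { modulusLength });
}

// Stage 2: wrap the 32-byte data key under one recipient's RSA public key.
function wrapKey(dataKey, publicKey) {
  return crypto.publicEncrypt({ key: publicKey, ...OAEP }, dataKey);
}

function unwrapKey(record, userId, privateKey) {
  const wrapped = record.wrappedKeys[userId];
  if (!wrapped) throw new Error(`no wrapped key for ${userId}`);
  return crypto.privateDecrypt({ key: privateKey, ...OAEP }, wrapped);
}

// Stage 1: encrypt the data under a fresh AES-256 key and IV, then wrap that key for the owner.
// AES-CBC gives confidentiality only; this sketch adds no integrity check.
function encryptForOwner(plaintext, ownerId, ownerPublicKey) {
  const dataKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(16);
  const cipher = crypto.createCipheriv('aes-256-cbc', dataKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const record = { iv, ciphertext, wrappedKeys: { [ownerId]: wrapKey(dataKey, ownerPublicKey) } };
  dataKey.fill(0); // drop the plaintext key once it is wrapped
  return record;
}

// Sharing (assumed design): a user with access unwraps the data key locally and
// re-wraps it for the recipient. The ciphertext itself is never re-encrypted.
function share(record, fromId, fromPrivateKey, toId, toPublicKey) {
  const dataKey = unwrapKey(record, fromId, fromPrivateKey);
  record.wrappedKeys[toId] = wrapKey(dataKey, toPublicKey);
  dataKey.fill(0);
}

// Runs where the private key lives: unwrap the data key, then decrypt the data.
function decryptFor(record, userId, privateKey) {
  const dataKey = unwrapKey(record, userId, privateKey);
  const decipher = crypto.createDecipheriv('aes-256-cbc', dataKey, record.iv);
  return Buffer.concat([decipher.update(record.ciphertext), decipher.final()]);
}
```

A storage server holding only `record` sees the IV, the ciphertext and the RSA-wrapped keys; without a user's private key it cannot recover the data key.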