Securing the E-Health Cloud



Similar documents
A Note on the Security in the Card Management System of the German E-Health Card

Uni-directional Trusted Path: Transaction Confirmation on Just One Device

Patterns for Secure Boot and Secure Storage in Computer Systems

AN ENHANCED ATTRIBUTE BASED ENCRYPTION WITH MULTI PARTIES ACCESS IN CLOUD AREA

Security Requirements of a Trusted Virtual Domain (TVD)

Global eid Developments. Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa

A SECURITY ARCHITECTURE FOR ACCESSING HEALTH RECORDS ON MOBILE PHONES

Property Based TPM Virtualization

PRISMACLOUD. Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian Institute of Technology GmbH

Security Issues in Cloud Computing

Security and Privacy Issues and Requirements for Healthcare Cloud Computing

Hardware Security Modules for Protecting Embedded Systems

An Overview of Information Security Frameworks. Presented to TIF September 25, 2013

The Porticor Virtual Private Data solution includes two or three major components:

Start building a trusted environment now... (before it s too late) IT Decision Makers

Managing Enterprise Devices and Apps using System Center Configuration Manager

Perspectives on Cloud Computing and Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

Taking a Data-Centric Approach to Security in the Cloud

EESTEL. Association of European Experts in E-Transactions Systems. Apple iphone 6, Apple Pay, What else? EESTEL White Paper.

Overview. The world's first Telekom enterprise PUblic CLOUD with data security and privacy under German law

Digital Rights Management Demonstrator

Cloud Security Introduction and Overview

John Essner, CISO Office of Information Technology State of New Jersey

Windows Phone 8 Security Overview

BYOzzzz: Focusing on the Unsolved Challenges of Mobility, An Industry Perspective

Using BitLocker As Part Of A Customer Data Protection Program: Part 1

Brainloop Cloud Security

University of Central Florida Class Specification Administrative and Professional. Information Security Officer


Chapter 6: Fundamental Cloud Security

HEC Security & Compliance

涉 密 网 络 中 的 数 据 保 护 技 术

How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1

How To Secure Cloud Computing

The True Story of Data-At-Rest Encryption & the Cloud

Virginia Government Finance Officers Association Spring Conference May 28, Cloud Security 101

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao

Cloud Computing Security Considerations

Security Issues On Cloud Computing

Enterprise Data Protection

REMOTE ASSISTANCE SOLUTIONS Private Server

managing the risks of virtualization

What is the Right Security Solution for Mobile Computing? #RSAC

Purpose. Service Model SaaS (Applications) PaaS (APIs) IaaS (Virtualization) Use Case 1: Public Use Case 2: Use Case 3: Public.

Thales e-security Key Isolation for Enterprises and Managed Service Providers

Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc.

Securing the Access to Electronic Health Records on Mobile Phones

Patient Records: Challenges for and Approaches to Safety and Security

Longmai Mobile PKI Solution

Security Model for VM in Cloud

A Secure Autonomous Document Architecture for Enterprise Digital Right Management

UNCLASSIFIED Version 1.0 May 2012

Solutions as a Service N.Konstantinidis Technical Director - MNG

Cloud Computing Security Audit

Securing Cloud Computing by GED-i

Configuring your deployment with

Integrating the Healthcare Enterprise (IHE): Enable Seamless and Secure Access to Health Information. IHE Europe Peter Mildenberger (User Co Chair)

Check Point and Security Best Practices. December 2013 Presented by David Rawle

Course Outline. Managing Enterprise Devices and Apps using System Center Configuration ManagerCourse 20696B: 5 days Instructor Led

Entrust IdentityGuard

Cloud security architecture

Securing Data on Portable Media.

Securing Virtual Applications and Servers

EXIN Cloud Computing Foundation

Cloud Security Fails & How the SDLC could (not?) have prevented them

That Point of Sale is a PoS

Advanced Authentication

Securing the Cloud Infrastructure

Course MS20696A Managing Enterprise Devices and Apps using System Center Configuration Manager

Private Cloud for Every Organization

Transcription:

Securing the E-Health Cloud Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy 1st ACM International Health Informatics Symposium (IHI 2010) Arlington, Virginia, USA, 11-12 November 2010

Introduction Buzzwords of the year: E-Health Cloud Computing

Introduction Put together: E-Health Cloud

Introduction Put together: E-Health Cloud First idea: a paper with both buzzwords (cool!)

Introduction Put together: E-Health Cloud First idea: a paper with both buzzwords (cool!) Seriously: What about security & privacy?

Outline E-Health Cloud Models Security & Privacy Problem Areas Security Architecture for Privacy Domains

Simple E-Health Cloud

Simple E-Health Cloud Examples:...

Simple E-Health Cloud Examples: Patients need to manage complex access rights Patients don t understand security implications... Privacy: server provider can gain access to data in PHRs

Advanced E-Health Cloud

Advanced E-Health Cloud

Advanced E-Health Cloud

Advanced E-Health Cloud

Advanced E-Health Cloud

Advanced E-Health Cloud

Advanced E-Health Cloud

Advanced E-Health Cloud

Advanced E-Health Cloud Healthcare Telematics Boundary

Advanced E-Health Cloud Healthcare Telematics Boundary

Advanced E-Health Cloud Healthcare Telematics Boundary

Advanced E-Health Cloud Healthcare Telematics Boundary

Advanced E-Health Cloud Healthcare Telematics Boundary

Advanced E-Health Cloud Healthcare Telematics Boundary Examples: Europe - Germany, Austria, Netherlands,... Asia - Taiwan,...

Advanced E-Health Cloud Healthcare Telematics Boundary Examples: Europe - Germany, Austria, Netherlands,... Asia - Taiwan,... Huh! Pretty complex. Must be secure, right?

Security Problem Areas Data Storage and Processing Data centers: unauthorized information leakage Platform security: vulnerable to malware Mobile storage (USB memory sticks) Infrastructure Management Cryptographic keys, certificates Hardware / software components Usability and User Experience Smartcard PIN (when unconscious?) Time consuming

Security Problem Areas Data Storage and Processing Data centers: unauthorized information leakage Platform security: vulnerable to malware Mobile storage (USB memory sticks) Infrastructure Management Cryptographic keys, certificates Hardware / software components Usability and User Experience Smartcard PIN (when unconscious?) Time consuming

Platform Security (Server)

Platform Security (Server)

Platform Security (Server)

Platform Security (Server)

Platform Security (Server)

Platform Security (Server)

Platform Security (Client)

Platform Security (Client)

Platform Security (Client)

Platform Security (Client)

Platform Security (Client)

Platform Security (Client)

Privacy Domains

Privacy Domains

Privacy Domains Security Kernel

Privacy Domains Security Kernel

Privacy Domains Security Kernel

Privacy Domains Security Kernel

Privacy Domains Security Kernel

Privacy Domains Trusted Virtual Domain Security Kernel

Privacy Domains Trusted Virtual Domain Security Kernel

Privacy Domains Trusted Virtual Domain Security Kernel

Privacy Domains Trusted Virtual Domain Security Kernel

Privacy Domains Trusted Virtual Domain Security Kernel

Privacy Domains Trusted Virtual Domain Security Kernel

Technology: Trusted Virtual Domains (TVDs) TVD = coalition of virtual machines Isolated compartments Trust relationships Transparent policy enforcement Secure communication Client platform security (based on modern hardware security functionality)

Software Architecture /<%*45%=+5*? 0<5*%<*5-;++*44!"#$!"#12345*%-"#$ 011#23+435&-./ )*+,%*-./0 617*3859- )*%:*% 6123=8-)*%:*%!"#$%&'(!"#$ %&'()*+,&-./ 066*41)+4#3 "#$!6$#1(77435 %'87 9(::$#;7($< %&=)4*&>*4(3+ 011#23+435 )3?!!:4**435! 7#"+;)$( @(A5A<!B.& C)"(3(+ )66*41)+4#3D!"#$%&'(!"#$! 011#23+435&! -./ ;++&,<5=<> )*%:*% A*B4*%:*% )*+,%=5(-C*%<*8!"#12345*%-"#$ %&'()*+,&-./ 73%?@3%*!%,45*? 73%?@3%*

User Interface

Conclusion E-Health Clouds: big security & privacy challenges! TVDs can solve unaddressed issues: Establish privacy domains Extend security to end user platforms Ongoing projects: study usability & deploy technology

Conclusion E-Health Clouds: big security & privacy challenges! TVDs can solve unaddressed issues: Establish privacy domains Extend security to end user platforms Ongoing projects: study usability & deploy technology (EU FP7 funded) MediTrust (National German)

Questions? Contact: Marcel Winandy Ruhr-University Bochum marcel.winandy@trust.rub.de http://www.trust.rub.de

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information