Protecting Personal Data in an IoT Network with UMA
A Patient Centric use case
Domenico Catalano, Oracle Italy
Maciej Machulak, Cloud Identity Limited
Kantara Initiative Workshop 3rd Nov. 2014 - Dublin
Agenda 
Personal Data in an IoT Network 
Risks and Challenges about Personal Data 
UMA Approach and Use case 
Conclusion 
Q&A 
With more than seven billion people and businesses, and at least 35 billion devices, communicating, transacting, and even negotiating with each other, a new world comes into being: The World of Digital Business
Nike’s Digital Master
Nike’s Fuelband allows athletes to track their workouts, share their performance online, and even receive advice from digital “coaches”. Meanwhile both social media and digital products provide Nike with rich data on customers, their activities, and their preferences.
Risks about Personal Data
“Fully 78% of consumers think it is hard to trust companies when it comes to use of their personal data.”
Orange, The Future of Digital Trust, 2014
[Figure labels: Individual, Organization]
Individuals have little visibility into the practices of the organizations they are putting their trust in – until their data is breached or misused.
Challenges to Mitigate Risks
Unlocking the value of Personal Data: From Collection to Usage
New approaches for decentralized and distributed network environment.
Who has data about you?
Where is the data about you located?
Protection and Security
Accountability
Right and Responsibility for using Personal Data
New approaches that help individuals understand how and when data is collected.
How the data is being used and the implications of these actions.
Empower individual more effectively and efficiently.
Context Aware
Source: World Economic Forum 2013 Report: Unlocking the Value of Personal Data: From Collection to Usage
Personal Data Management Services
A mapping of Market
Source: World Economic Forum Report (2014): Rethinking Personal Data: A new lens for Strengthening Trust
User-Managed Access (UMA)
Concept and Terminology
UMA defines how to:
• Protect resources
• Authorize access
• Enforce policy
A centralized Authorization Server governs access based on Individual Policy.
Ubiquitous Networking of IoT
[Figure labels: TV, PC, PDA, Home Electronics, Vehicle, Sensors, Camera, Smart Card, RFIDtag, Telematics, Navigation Device, Home Server, Gateway, Medical Device, Mobile Device, Wearable PC; Data, Resource, Web/Application Server, Content; Internet; Object-to-Object Communication, Human-to-Object Communication, Human-to-Human Communication; Human with Attached Device, Objects]
Source: Shaping Future Service Environments with the Cloud and Internet of Things: Networking Challenges and Service Evolution
A simplified IoT Taxonomy
Dumb Thing, Intelligence Thing, Smart Thing
[Figure labels: Intelligence; Web-based Service; Context-awareness; End-to-End connectivity; Data handling and processing capabilities; Real-time identification and tracking of object; Network capability; Context-aware; Connecting to anything; Tag-based]
UMA for IoT Network
[Figure labels: IoT Network, Smart Thing, Intelligence Thing, Dumb Thing]
UMA for IoT Network
A patient-centric use case
Patient-Centric Use case
Actors and Roles
[Figure labels: Intelligence Thing, Smart Thing; Patient, Doctor; Electronic Stethoscope, Client, Client, EHR, RS, Patient Monitor, RFIDtag]
Patient-Centric Use case
Security Domains and Goals
[Figure labels: Doctor’s Security Domain, Patient’s Security Domain, Hospital’s Security Domain; Heartbeats data, EHR; Resource Owner, Resource Owner, Requesting Party; Control and authorize data sharing; Prevent unauthorized object connection]
Patient-Centric scenario
UMA Features
• Resource Protection
• Authorization
• Patient Consent
Resource Protection
UMA Dynamic Registration
OAuth 2.0 Dynamic Client Registration Protocol
[Figure labels: IoT Network, Electronic Stethoscope, Patient Monitor, RFIDtag; UMA Personal Authorization Server, Secret; Day Hospital, Request, Patient Registration, Department, Doctor’s team, sw_stmt]
UMA as Authorization Mechanism for IoT
Authorization Flow
Authentication and Authorization in Constrained Environment (ACE)
[Figure labels: Resource Server, Intelligence Thing, UMA Authorization Server, AuthN Manager, Authentication and Authorization, Policy, Department, Doctor’s team, Doctor, Patient]
http://tools.ietf.org/pdf/draft-gerdes-ace-actors-01.pdf
Authorization Flow
Revealing Electronic Stethoscope
[Screen: Pairing with Electronic Stethoscope. Authorization Requested…]
Authorization Flow
Authentication and Authorization
[Screen: National Healthcare System, Authentication Process, Fingerprint]
Creating a Protected Resource
Patient’s Data Association
[Screen: Electronic Stethoscope, Data Uploading]
New Protected Resource
Patient Notification
[Screen: Personal UMA AS, Patient. “Heartbeat data added as protected resource”. Options: View, Close]
EHR Client Access and Patient Consent
UMA Flow
PAT: Permission Access Token
AAT: Authorization Access Token
RPT: Requesting Party Token
EHR: Electronic Healthcare Record
[Figure labels: Patient, Resource Owner, manage, Consent; Authorization Server, Authorization API, Protection API; Heartbeats data, Protect with PAT, PAT, RS; EHR System, UMA Client, AAT, RPT, Access with RPT; Client redirects the Requesting Party to AS; Patient Monitor, Requesting Party, IdP/Claim Provider, Claim Client, Authenticate, Request UserInfo]
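The PAT/AAT/RPT exchange on the UMA Flow slide, modelled in memory as an added example (not code from the presentation or from the UMA specification). It assumes the Patient Monitor acts as resource server and the EHR system as client; the class and method names, the role-based policy and the heartbeat samples are constructed for illustration, and tokens are opaque random strings rather than the UMA wire format.

```python
import secrets


class AuthorizationServer:
    """In-memory model of the patient's personal UMA authorization server."""

    def __init__(self):
        self.pats = {}       # PAT -> resource owner
        self.aats = {}       # AAT -> requesting-party claims
        self.resources = {}  # resource id -> (owner, registered scopes)
        self.policies = {}   # resource id -> (allowed roles, allowed scopes)
        self.tickets = {}    # permission ticket -> (resource id, scope)
        self.rpts = {}       # RPT -> set of (resource id, scope)

    def issue_pat(self, owner):
        # Issued once the owner has agreed to this AS protecting the RS.
        pat = secrets.token_urlsafe(16)
        self.pats[pat] = owner
        return pat

    def _owner(self, pat):
        if pat not in self.pats:
            raise PermissionError("unknown PAT")
        return self.pats[pat]

    # Protection API: called by the resource server, authenticated by PAT.
    def register_resource(self, pat, scopes):
        rid = secrets.token_urlsafe(8)
        self.resources[rid] = (self._owner(pat), frozenset(scopes))
        return rid

    def request_permission(self, pat, rid, scope):
        owner, scopes = self.resources[rid]
        if owner != self._owner(pat) or scope not in scopes:
            raise PermissionError("resource or scope not registered by this PAT")
        ticket = secrets.token_urlsafe(16)
        self.tickets[ticket] = (rid, scope)
        return ticket

    def introspect(self, pat, rpt):
        owner = self._owner(pat)
        return {p for p in self.rpts.get(rpt, ()) if self.resources[p[0]][0] == owner}

    # Patient consent: the resource owner sets the sharing policy at the AS.
    def set_policy(self, owner, rid, roles, scopes):
        if self.resources[rid][0] != owner:
            raise PermissionError("only the resource owner sets policy")
        self.policies[rid] = (frozenset(roles), frozenset(scopes))

    # Authorization API: called by the client, authenticated by AAT.
    def issue_aat(self, claims):
        aat = secrets.token_urlsafe(16)
        self.aats[aat] = dict(claims)   # claims gathered from the IdP
        return aat

    def authorize(self, aat, ticket):
        claims = self.aats.get(aat)
        grant = self.tickets.pop(ticket, None)   # tickets are single use
        if claims is None or grant is None:
            return None
        roles, scopes = self.policies.get(grant[0], (frozenset(), frozenset()))
        if claims.get("role") not in roles or grant[1] not in scopes:
            return None                          # default deny
        rpt = secrets.token_urlsafe(16)
        self.rpts[rpt] = {grant}
        return rpt


class PatientMonitor:
    """Resource server holding the heartbeat data (assumed RS role)."""

    def __init__(self, auth_server, pat):
        self.auth_server, self.pat, self.data = auth_server, pat, {}

    def publish(self, scopes, value):
        rid = self.auth_server.register_resource(self.pat, scopes)
        self.data[rid] = value
        return rid

    def get(self, rid, scope, rpt=None):
        if rpt and (rid, scope) in self.auth_server.introspect(self.pat, rpt):
            return 200, self.data[rid]
        # No usable RPT: register the attempted access and hand back a ticket.
        return 403, self.auth_server.request_permission(self.pat, rid, scope)


def run_scenario():
    auth_server = AuthorizationServer()
    monitor = PatientMonitor(auth_server, auth_server.issue_pat("patient"))
    rid = monitor.publish({"read"}, [72, 75, 71])      # constructed samples
    auth_server.set_policy("patient", rid, {"cardiologist"}, {"read"})

    results = {}
    status, ticket = monitor.get(rid, "read")          # EHR client, no RPT yet
    results["no_rpt"] = status
    aat = auth_server.issue_aat({"sub": "doctor-1", "role": "cardiologist"})
    rpt = auth_server.authorize(aat, ticket)
    results["with_rpt"] = monitor.get(rid, "read", rpt)
    results["ticket_replay"] = auth_server.authorize(aat, ticket)

    _, ticket2 = monitor.get(rid, "read")
    other = auth_server.issue_aat({"sub": "doctor-2", "role": "radiologist"})
    results["policy_denied"] = auth_server.authorize(other, ticket2)
    results["forged_rpt"] = monitor.get(rid, "read", "not-a-real-rpt")[0]
    return results
```

The resource server never evaluates the patient's policy itself: it only checks the permissions the authorization server attaches to the RPT, which is what lets one policy govern resources spread across several devices.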
Patient-Centric Platform
[Screen: Healthcare Patient Platform. Labels: My Team, My Day, My Health Data, Add more; Main Doctor, Dr. Alan Smith, Cardiologists, Dr. Peter Doole, Radiologist, Dr. Alice Gale, Hematologist; 8.00-9.00 Cardio Therapy, 12.00 Lunch; About Me, Mrs. Mary Davidson, 72; Heartbeats, X-Ray, Electro Cardio Graph; Chat with a doctor, Ask, Share my data, Who has data about me, My Consent]
Patient-Centric Platform
[Screen: Healthcare Patient Platform, “< Back” and “Who has data about me: X-ray”. Labels: Research, X-Ray, Medical Doctor, Radiology Department, Diagnostic research, Biomedical, Saint James Hospital, X-RAY Specialists, X-Ray Operators, Peter Doole, LifeScience Hospital, Healthdata, Alice Gale, Hospitals]
Advantages of UMA Approach
• Applicable to constrained resources, different nature of things, data and owners.
• Designed for centralising the Authorization process for distributed resources.
• Developed to meet the Privacy By Design principles.
UMA for Patient-Centric Scenario
Benefits
• Improve Patient-centric Experience.
• Prevent medical errors through authorization processes.
• Empower Patients on controlling their Personal data (healthcare data).
Future Works
• Inheriting Data sharing policy
• Delegation with Notification
In the News
https://kantarainitiative.org/uma-takes-home-award-from-eic-2014/
Acknowledgements
• Eve Maler (Chair UMA WG), Adrian Gropper (HealthURL), George Fletcher (AOL)
• UMA Work Group
• User-Managed Access (UMA) Core Protocol
• OAuth 2.0 Dynamic Client Registration Protocol
• Securing Internet of Things
• Actors in the ACE Architecture
• Rethinking Personal Data: A New Lens for Strengthening Trust
References
Questions?
Thank you
@UMAWG
tinyurl.com/umawg | tinyurl.com/umafaq
