eHIP4 Caring through Sharing: privacy and security, technical aspects. Riccardo Scandariato.
Slide 1: Caring through Sharing
eHIP: Health Information Platform. Security & Privacy.
Riccardo Scandariato, IBBT-DistriNet, K.U.Leuven

Slide 2: Problem
  • Architectural solution based on the XDS reference model
  • No out-of-the-box security & privacy solution
  • Patient data is the asset to protect: sensitivity of information; laws and regulations
Slide 3: Security analysis, business level
  • Analyzing the functionality and how it can be misused: Search, View, Upload, Notify
  • Abusing the functionality (out-of-the-box thinking): adding fake data or removing correct data; exploiting unplanned information paths; abusing privileges
  • EXAMPLE: hiding errors by overwriting documents

Slide 4: Security analysis, technical level
  • Identify assets in the eHIP architecture using a data flow diagram (DFD)
  • Determine threats: spoofing identity, tampering with data, repudiation, information disclosure, denial of service, elevation of privilege
  • EXAMPLE: tampering with communication
Slide 5: Security solution in a nutshell
  • Enforce rules to limit who can access what: centralized for ease of management; per-resource rules
  • Establish identities: decentralized due to scale and admin constraints

Slide 6: Security solution, what rules?
  • Analyzed the types of rules: identity; roles and affiliation; data sensitivity; location; data origin; patient history; treatment or long-lasting relationship
  • Expressed in XACML (eXtensible Access Control Markup Language)
  • Rule structure (figure): a Rule has a Target, a Condition and an Effect; the Target is matched on Subject, Resource, Action and Environment
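The rule structure on the slide (Target over Subject/Resource/Action/Environment, a Condition, an Effect) is easiest to see in a small evaluator. The following is an added example in plain Python, not code from the eHIP project or an XACML engine; the attribute names ("role", "sensitivity", "treating_patients", "network"), the two constructed rules and the deny-overrides combining choice are assumptions made for the illustration. It shows the two rule types the slide lists, a treatment-relationship rule and a data-sensitivity rule, being combined for one request.

```python
"""XACML-style rule evaluation modelled on the slide: Rule = Target + Condition + Effect.

Added illustration, not the eHIP implementation. Attribute names and the policy
below are constructed for the example.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional

Attrs = Dict[str, object]


@dataclass
class Request:
    """The four XACML attribute categories of an access request."""
    subject: Attrs
    resource: Attrs
    action: Attrs
    environment: Attrs


@dataclass
class Target:
    """Per category, attribute name -> required value; an empty dict matches anything."""
    subject: Attrs = field(default_factory=dict)
    resource: Attrs = field(default_factory=dict)
    action: Attrs = field(default_factory=dict)
    environment: Attrs = field(default_factory=dict)

    def matches(self, req: Request) -> bool:
        pairs = ((self.subject, req.subject), (self.resource, req.resource),
                 (self.action, req.action), (self.environment, req.environment))
        return all(all(got.get(k) == v for k, v in want.items()) for want, got in pairs)


@dataclass
class Rule:
    rule_id: str
    target: Target
    effect: str                                       # "Permit" or "Deny"
    condition: Optional[Callable[[Request], bool]] = None

    def evaluate(self, req: Request) -> str:
        """XACML rule semantics: NotApplicable unless the target matches and the condition holds."""
        if not self.target.matches(req):
            return "NotApplicable"
        if self.condition is not None and not self.condition(req):
            return "NotApplicable"
        return self.effect


def deny_overrides(rules: List[Rule], req: Request) -> str:
    """Combining algorithm: any Deny wins, otherwise any Permit, otherwise NotApplicable."""
    results = [r.evaluate(req) for r in rules]
    if "Deny" in results:
        return "Deny"
    if "Permit" in results:
        return "Permit"
    return "NotApplicable"


# Constructed policy (assumption): physicians may view documents of patients they
# are treating; highly sensitive documents are denied from an external network
# regardless of who asks.
POLICY = [
    Rule("treating-physician-view",
         Target(subject={"role": "physician"}, action={"id": "view"}),
         "Permit",
         condition=lambda r: r.resource.get("patient_id") in r.subject.get("treating_patients", ())),
    Rule("sensitive-offsite-deny",
         Target(resource={"sensitivity": "high"}, environment={"network": "external"}),
         "Deny"),
]


def decide(subject: Attrs, resource: Attrs, action: Attrs, environment: Attrs) -> str:
    """Evaluate one request against POLICY; a PEP treats anything but Permit as no access."""
    return deny_overrides(POLICY, Request(subject, resource, action, environment))


if __name__ == "__main__":
    doc = {"patient_id": "P-042", "sensitivity": "high"}
    physician = {"role": "physician", "treating_patients": {"P-042"}}
    print(decide(physician, doc, {"id": "view"}, {"network": "internal"}))   # Permit
    print(decide(physician, doc, {"id": "view"}, {"network": "external"}))   # Deny
```

The point for the enforcement point is the last line of `decide`: NotApplicable is not a Permit, so a request that no rule covers is refused, which is what "per-resource rules" centrally managed buys you over ad hoc checks in each service.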
Slide 7: Security solution, establishing identities
  • Federation of ID providers
  • A provider generates a token that proves identity: a SAML Attribute Assertion carrying attributes of the subject
  • The security service trusts the providers
  • SAML (Security Assertions Markup Language) assertion structure (figure): id, issuer, subject, signature, timestamp, SAML version, statements (e.g. an Attribute statement with the role, ...)

Slide 8: Security, implementation view
Figure: components are the ID provider (SAML, authentication by usr/pwd), the security service (XACML), and the repository; labels on the flows are "view doc", "ok?" and "permit".
Slide 9: Privacy in a nutshell
  • Avoid linkability of data when communicated across contexts
  • Identifiers must be pseudonymized in cross-context communication
  • In some applications the process must be reversible
  • Figure: three facts about the same person held in different contexts ("Ric is working too hard", "Ric is buying vitamins", "Ric's blood count is low") must not be linkable across those contexts

Slide 10: Privacy, reversible IDs
Figure: a context-specific reference (study_83547) is derived from a prefix and the global ID (0100110011 820908 324 56); the reversible ID appears as an opaque string (!@#$%^@# *&#$!@).
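Slides 9 and 10 ask for references that are specific to one context, unlinkable across contexts, and reversible by the party that issued them. The following added example, which is not the eHIP anonymizer's code, shows one way to obtain those three properties: the global ID is encrypted under a per-context key (a keystream derived with HMAC-SHA256 from the context key and a random nonce, plus an HMAC tag), and the result is wrapped in the prefix form the slide shows. The master key, the "study" prefix and the sample global ID value are constructed for the illustration; only the anonymizer would hold the master key.

```python
"""Reversible, context-specific pseudonyms for a global patient ID.

Added example, not the eHIP implementation. Construction: per-context key from a
master key via HMAC; pseudonym = prefix_base64(nonce || ID XOR keystream || tag),
so the same ID yields unlinkable references in different contexts (and even on
repeated calls in one context), while the anonymizer can reverse them.
"""
import base64
import hashlib
import hmac
import os

# Constructed for the example; the real key would live only inside the anonymizer.
MASTER_KEY = b"constructed-master-key-for-illustration-only"
NONCE_LEN = 8
TAG_LEN = 8


def _context_key(context: str) -> bytes:
    """Derive an independent key per communication context."""
    return hmac.new(MASTER_KEY, b"ctx:" + context.encode(), hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256(key, nonce || counter)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def pseudonymize(global_id: str, context: str, prefix: str = "study") -> str:
    """Return a context-specific reference of the form <prefix>_<token>."""
    if "_" in prefix:
        raise ValueError("prefix must not contain '_'")
    key = _context_key(context)
    nonce = os.urandom(NONCE_LEN)
    plain = global_id.encode()
    ct = bytes(a ^ b for a, b in zip(plain, _keystream(key, nonce, len(plain))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    token = base64.urlsafe_b64encode(nonce + ct + tag).decode().rstrip("=")
    return f"{prefix}_{token}"


def depseudonymize(pseudonym: str, context: str) -> str:
    """Recover the global ID; fails if the context (key) is wrong or the token was altered."""
    key = _context_key(context)
    _prefix, token = pseudonym.split("_", 1)
    raw = base64.urlsafe_b64decode(token + "=" * (-len(token) % 4))
    if len(raw) < NONCE_LEN + TAG_LEN:
        raise ValueError("token too short")
    nonce, ct, tag = raw[:NONCE_LEN], raw[NONCE_LEN:-TAG_LEN], raw[-TAG_LEN:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("bad tag: wrong context or tampered pseudonym")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))).decode()


def reversible_in_context(pseudonym: str, context: str) -> bool:
    """True if the anonymizer can resolve this pseudonym within the given context."""
    try:
        depseudonymize(pseudonym, context)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    gid = "010011001182090832456"          # constructed global ID, digits only
    ref = pseudonymize(gid, "study")
    print(ref, "->", depseudonymize(ref, "study"))
```

Two consequences are worth noting: because every call draws a fresh nonce, even two references to the same patient inside one study are unlinkable without the key, so a context that needs a stable reference must store the one it was given; and the tag check means a reference leaked from one context is worthless in another, which is exactly the linkability barrier slide 9 calls for.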
Slide 11: Privacy, implementation view
Figure: the same components as slide 8 (ID provider with usr/pwd, security service, repository) with an Anonymizer added; labels on the flows are "view doc", "ok?" and "permit".

Slide 12: Credits
Successful results come from good teamwork.
  • IBBT-DistriNet team: Kim Wuyts, Eryk Kulikowski, Kris Verlaenen, Ric
  • IBBT-COSIC team: Mina Deng, Claudia Diaz, Danny De Cock