MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients

483 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
483
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients

  1. 1. MediTrust Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients Biljana Cubaleska, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy Ruhr-University Bochum Ammar Alkassar, Christian Stüble Sirrix AG security technologiesMed-e-Tel 2011, The International eHealth, Telemedicine and Health ICT ForumLuxembourg, 6 - 8 April 2011
  2. 2. Simple E-Health Cloud
  3. 3. Advanced E-Health Cloud
  4. 4. Security Problem Areas•  Data Storage and Processing -  Data centers: unauthorized information leakage -  Platform security: vulnerable to malware -  Mobile storage (USB memory sticks)•  Infrastructure Management -  Cryptographic keys, certificates -  Hardware / software components•  Usability and User Experience -  Smartcard PIN (when unconscious?) -  Time consuming
  5. 5. Platform Security (Server) unauthorized access (read/modify)
  6. 6. Platform Security (Client) authorized download unauthorized access (read/modify)
  7. 7. MediTrust: Project Goals•  Secure end-user platform -  Protect medical data from unauthorized access/manipulation -  Secure separation of data of different workflows•  Security infrastructure management -  Secure domains should span over several hardware nodes -  Central and easy management entity•  Usable security solution -  Transparent security protection -  No overhead in the normal workflow
  8. 8. Building Privacy Domains
  9. 9. Technology•  Security infrastructure: Trusted Virtual Domains -  TVD: coalition of trusted execution environments -  Transparent policy enforcement -  Secure communication•  Client platform security: TURAYA.TrustedDesktop -  Security Kernel -  Implements TVD security model on local platforms -  Isolated compartments (virtualization) -  Uses Trusted Computing functionality (TPM)
  10. 10. TVD ArchitectureTVD  B   TVD  A   TVD   TVD   TVD   Proxy  A   Policy Master  A   VM   VM   Proxy  B   Cred Turaya  Security  Kernel   Hardware   Security   Module   Hardware  
  11. 11. TURAYA.TrustedDesktop Main Security Features: • Full hard-disk encryption • Secure networking • Transparent file encryption • Secure graphical user interface
  12. 12. Secure Networking
  13. 13. Transparent File Encryption
  14. 14. Transparent File Encryption
  15. 15. Transparent File Encryption
  16. 16. Transparent File Encryption !  
  17. 17. Conclusion & Outlook•  Security infrastructure to protect sensitive data•  Based on TVDs and TURAYA.TrustedDesktop•  Field study (late 2011) -  20 users (health professionals) - Analysis of effectiveness and usability•  More information online: MediTrust http://www.rubtrust-meditrust.de Marcel Winandy marcel.winandy@trust.rub.de

×