Securing the E-Health Cloud

2,946 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
2,946
On SlideShare
0
From Embeds
0
Number of Embeds
7
Actions
Shares
0
Downloads
96
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Securing the E-Health Cloud

  1. 1. Securing the E-Health Cloud Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy 1st ACM International Health Informatics Symposium (IHI 2010) Arlington,Virginia, USA, 11-12 November 2010Freitag, 12. November 2010
  2. 2. Introduction Buzzwords of the year: E-Health Cloud ComputingFreitag, 12. November 2010
  3. 3. Introduction Put together: E-Health CloudFreitag, 12. November 2010
  4. 4. Introduction Put together: E-Health Cloud First idea: a paper with both buzzwords (cool!)Freitag, 12. November 2010
  5. 5. Introduction Put together: E-Health Cloud First idea: a paper with both buzzwords (cool!) Seriously: What about security & privacy?Freitag, 12. November 2010
  6. 6. Outline • E-Health Cloud Models • Security & Privacy Problem Areas • Security Architecture for Privacy DomainsFreitag, 12. November 2010
  7. 7. Simple E-Health CloudFreitag, 12. November 2010
  8. 8. Simple E-Health Cloud Examples: ...Freitag, 12. November 2010
  9. 9. Simple E-Health Cloud Examples: • Patients need to manage complex access rights • Patients don‘t understand security implications ... • Privacy: server provider can gain access to data in PHRsFreitag, 12. November 2010
  10. 10. Advanced E-Health CloudFreitag, 12. November 2010
  11. 11. Advanced E-Health CloudFreitag, 12. November 2010
  12. 12. Advanced E-Health CloudFreitag, 12. November 2010
  13. 13. Advanced E-Health CloudFreitag, 12. November 2010
  14. 14. Advanced E-Health CloudFreitag, 12. November 2010
  15. 15. Advanced E-Health CloudFreitag, 12. November 2010
  16. 16. Advanced E-Health CloudFreitag, 12. November 2010
  17. 17. Advanced E-Health CloudFreitag, 12. November 2010
  18. 18. Advanced E-Health Cloud Healthcare Telematics BoundaryFreitag, 12. November 2010
  19. 19. Advanced E-Health Cloud Healthcare Telematics BoundaryFreitag, 12. November 2010
  20. 20. Advanced E-Health Cloud Healthcare Telematics BoundaryFreitag, 12. November 2010
  21. 21. Advanced E-Health Cloud Healthcare Telematics BoundaryFreitag, 12. November 2010
  22. 22. Advanced E-Health Cloud Healthcare Telematics BoundaryFreitag, 12. November 2010
  23. 23. Advanced E-Health Cloud Examples: • Europe Healthcare - Germany, Austria, Netherlands, ... Telematics Boundary • Asia - Taiwan, ...Freitag, 12. November 2010
  24. 24. Advanced E-Health Cloud Examples: • Europe Healthcare - Germany, Austria, Netherlands, ... Telematics Boundary • Asia - Taiwan, ... Huh! Pretty complex. Must be secure, right?Freitag, 12. November 2010
  25. 25. Security Problem Areas • Data Storage and Processing • Data centers: unauthorized information leakage • Platform security: vulnerable to malware • Mobile storage (USB memory sticks) • Infrastructure Management • Cryptographic keys, certificates • Hardware / software components • Usability and User Experience • Smartcard PIN (when unconscious?) • Time consumingFreitag, 12. November 2010
  26. 26. Security Problem Areas • Data Storage and Processing • Data centers: unauthorized information leakage • Platform security: vulnerable to malware • Mobile storage (USB memory sticks) • Infrastructure Management • Cryptographic keys, certificates • Hardware / software components • Usability and User Experience • Smartcard PIN (when unconscious?) • Time consumingFreitag, 12. November 2010
  27. 27. Platform Security (Server)Freitag, 12. November 2010
  28. 28. Platform Security (Server)Freitag, 12. November 2010
  29. 29. Platform Security (Server)Freitag, 12. November 2010
  30. 30. Platform Security (Server)Freitag, 12. November 2010
  31. 31. Platform Security (Server)Freitag, 12. November 2010
  32. 32. Platform Security (Server)Freitag, 12. November 2010
  33. 33. Platform Security (Client)Freitag, 12. November 2010
  34. 34. Platform Security (Client)Freitag, 12. November 2010
  35. 35. Platform Security (Client)Freitag, 12. November 2010
  36. 36. Platform Security (Client)Freitag, 12. November 2010
  37. 37. Platform Security (Client)Freitag, 12. November 2010
  38. 38. Platform Security (Client)Freitag, 12. November 2010
  39. 39. Privacy DomainsFreitag, 12. November 2010
  40. 40. Privacy DomainsFreitag, 12. November 2010
  41. 41. Privacy Domains Security KernelFreitag, 12. November 2010
  42. 42. Privacy Domains Security KernelFreitag, 12. November 2010
  43. 43. Privacy Domains Security KernelFreitag, 12. November 2010
  44. 44. Privacy Domains Security KernelFreitag, 12. November 2010
  45. 45. Privacy Domains Security KernelFreitag, 12. November 2010
  46. 46. Privacy Domains Trusted Virtual Domain Security KernelFreitag, 12. November 2010
  47. 47. Privacy Domains Trusted Virtual Domain Security KernelFreitag, 12. November 2010
  48. 48. Privacy Domains Trusted Virtual Domain Security KernelFreitag, 12. November 2010
  49. 49. Privacy Domains Trusted Virtual Domain Security KernelFreitag, 12. November 2010
  50. 50. Privacy Domains Trusted Virtual Domain Security KernelFreitag, 12. November 2010
  51. 51. Privacy Domains Trusted Virtual Domain Security KernelFreitag, 12. November 2010
  52. 52. Technology: Trusted Virtual Domains (TVDs) TVD = coalition of virtual machines • Isolated compartments • Trust relationships • Transparent policy enforcement • Secure communication • Clienton modern security security functionality) (based platform hardwareFreitag, 12. November 2010
  53. 53. Software Architecture /<%*45%=+5*? 0<5*%<*5-;++*44 6123=8-)*%:*% !"#$ !"#12345*%-"#$ 011#23+435&-./ 617*3859- )*%:*% )*+,%*-./0 A*B4*%:*% 066*41)+4#3 9(::$#;7($< 011#23+435 ;++&,<5=<> "#$!6$#1(77435 %&=)4*&>*4(3+ )3?!!:4**435! )*%:*% %87 7#"+;)$( @(A5A<!B.& !"#$%&(!"#$ C)"(3(+ !"#$%&(!"#$! )66*41)+4#3D 011#23+435&! %&()*+,&-./ -./ )*+,%=5(-C*%<*8 !"#12345*%-"#$ %&()*+,&-./ !%,45*? 73%?@3%* 73%?@3%*Freitag, 12. November 2010
  54. 54. User InterfaceFreitag, 12. November 2010
  55. 55. Conclusion • E-Health Clouds: big security & privacy challenges! • TVDs can solve unaddressed issues: • Establish privacy domains • Extend security to end user platforms • Ongoing projects: study usability & deploy technologyFreitag, 12. November 2010
  56. 56. Conclusion • E-Health Clouds: big security & privacy challenges! • TVDs can solve unaddressed issues: • Establish privacy domains • Extend security to end user platforms • Ongoing projects: study usability & deploy technology (EU FP7 funded) MediTrust (National German)Freitag, 12. November 2010
  57. 57. Questions? Contact: Marcel Winandy Ruhr-University Bochum marcel.winandy@trust.rub.de http://www.trust.rub.deFreitag, 12. November 2010

×