The document provides an overview of the 2net system, including its product overview describing how biometric data flows from devices to the cloud platform, as well as its security and privacy features leveraging Qualcomm's expertise in network operations. Key aspects covered include the 2net hub, cloud platform, and end-to-end data flows, as well as Qualcomm's focus on proactive data protection, cybersecurity initiatives, and use of a premier enterprise wireless data platform.

1. #CONNECT2013
2net System Overview, Security and Privacy
Rajeev Rajan
Sr. Director, Product Management, Qualcomm Life

2. Session Agenda
2
• Qualcomm
Life,
2net,
Healthy
Circles,
Qualcomm
Life
Ecosystem…High-­‐Level
Overview
• 2net
Product
Overview…The
Body’s
Systems
• 2net
Security
&
Privacy
Overview…The
Immune
System

3. Our Mission
Mobilize healthcare
Our Vision
A world with access to healthcare anytime, anywhere
3

4. Low Energy
2net
Cloud
Pla-orm
Home
Hub
Sample
Scenario
Bill’s
blood
pressure
reading
is
collected
over
short-­‐
range
radio,
and
wirelessly
communicated
over
3G
by
his
2net
Home
Hub
to
the
2net
Cloud
Pla@orm,
to
be
delivered
to
his
doctor
thru
2net’s
Customers/Partners.
2net
Customers/
PartnersCellular
3G
2net Use-Case
4

5. Customer/In-­‐House
HealthyCircles
ConnecIng
the
Care
Team
Accelerates
AdopIon
HIE/EHR
Clinical
Data
Lab
Results
Rx
Data
Tradi=onal
Healthcare
Se?ngs
EMR1
EMR2
5

6. Qualcomm Life Ecosystem
Note:
Both
the
2net
Hub
and
PlaUorm
are
(1)
FDA
listed
Class
I
MDDS
(US)
(2)
CE
registered,
Class
I
listed
MDD
under
EU
DirecIve
93/42/EEC
(Europe)
(3)
Class
I
listed
CMDCAS
(Canada).
6

7. #CONNECT2013
2net Product Overview
… The Body’s Systems

8. Disease Management Kits
Diabetes
COPD / AsthmaCHF
Wellness/Prevention
8

9. 2net Hub : High level Data Flows
1
2
4
6
3
5
Legend
2
Biometric
data
flow
Device
command
flow
Data
flow
step
number
2net
Service
Pla-orm/
Cloud
2net
Hub
2net
Customer
Pla-orm
/Cloud
9

10. High Level System Design
Hub
Cellular
Data
Network
2net
Service
Platform
Internet
Dashboard
Visualization/
Analysis
Customer
data
handling
2net
Connect
Server
Biometric
data
10
1. Captures
the
biometric
measurement
data
from
health
care
and
fitness
data
from
customer
or
collaborator
wireless
devices
2. Stores
the
biometric
measurement
data
in
a
secure
system
3. Delivers
the
data
to
integrated
portals/databases

11. Carrier
Network
Data
Connectivity
Plan
• Customer
application
InternetDevice Agents
Hub Software
Customer
Interface
Cellular
Carrier
Portal
Customer
Care
(Tier 2/3)
Device Agents
Pharma
Fitness
Medical
USE
Consumer
and/or
Payer
Billing
Provisioning
Carrier
Transaction
Billing
Device Agents
Hub App
Software
Firmware/OS
Customer 1
Contract Manufacturer
Venture Corp
(Singapore/Malaysia)
Hub
Design
…
Internet
Buy
Hubs
Relationships
(Carriers,
OEMs,
Licensees,
CM/ODMs etc.)
• TransacIons
• Data
Storage,
Databases
2net End-to-End (E2E) Architecture
HUB PLATFORM
San
Diego,
USA
OTHER
CUSTOMERS/PARTNERS
CUSTOMER/PARTNER
Hub Software
Hub
Configurations
Hub Config
File (Authorization)
Home
11

12. Biometric Data Flow : End-to-End
TransacIon
Storage
(Encrypted)
Device
Customer
Portal
Decrypt
Server
Adapter
Device
specific
“Agents”
(DAs)are
installed
on
the
2net
hub.
These
agents
iniIate
data
transfers
from
the
devices
using
short-­‐range
radios
(BT,
BTLE,
Wi-­‐Fi,
etc.).
Data
is
uploaded
to
the
2net
Cloud
PlaUorm
over
the
cellular
network.
The
data
is
transmieed
over
authenIcated
SSL
connecIons.
Internet
Device
TransacIons
2net
Cloud
Pla-orm
Device
data
is
decrypted
and
transmieed
to
the
customer.
Thru
Server
Adapters
(SAs),
including
non-­‐standard
interfaces)
…
2net
CUSTOMERS
12
2net Hub
Encrypted
Hub Software
Radio Manager
Device Agent
For
data
delivery,
the
2net
Cloud
stores
the
encrypted
data
for
transmission
to
the
customers.
Cellular
Data
Network

13. #CONNECT2013
2net Security and Privacy
… The Immune System

14. FRB
Feature
Request
Board
ES
Engineering
Sample
FC
Feature
Complete
CS
Commercial
Sample
CPL
Customer
Product
Line
14
Qualcomm Product Security Initiative

15. Deliver
world-­‐class
cyber
security
and
risk
management
capabiliIes
Qualcomm
IT
:
InformaIon
Security
and
Risk
Management
Overview
Align
cyber
risk
profile
with
desired
level
Informa=on
Deliver
security
capabiliIes
to
advance
Company
business
strategy
Promote
responsible
security
behavior
consistent
with
Company
policies
and
values
15

16. Monitoring & Response
" Advanced security monitoring for attacks, data theft, policy violations, and
vulnerabilities
" Subjective analysis, triage, and coordination
Threat Management
" Intelligence and counter intelligence gathering, analysis, and sharing inside and
outside the company
" Proactively address threat trends
" Hunter-killer
Application Security
" Secure coding practices, training and testing
Cyber
Security
and
Threat
Management
16

17. Focus
on
ProacIve
Data
ProtecIon
Business
Security
Engineering
" Partner
with
engineering
and
business
leaders
to
manage
cyber
risk
profiles,
including
improvements
to
technical
and
administraIve
processes
" Drive
security-­‐related
business
knowledge
into
IT
pracIces
Security
Architecture
" Strategic
development,
direcIon
segng,
evangelizing,
and
knowledge
transfer
of
enterprise
security
architecture
standards,
policies,
concepts,
and
roadmaps
" Oien
assigned
as
security
SMEs
on
non-­‐security
driven
projects
" Special
projects
ex.
predicIve
analyIcs
Compliance
" Support
compliance
with
laws,
regulaIons,
industry
standards
(ex:
ISO,
ITAR,
Privacy,
PCI,
HIPAA),
and
contractual
requirements
" Contract
reviews
with
Legal
and
Procurement
17

18. Education and Awareness
" Educate employees and increase their cyber security awareness through
development and maintenance of the Company security awareness program
Policies and Guidelines
" Partner, develop, and maintain:
" Corporate cyber policies (ex. E-media, CCI, Conduct)
" Internal cyber security standards such as hardening and logging requirements
Focus on Proactive Data Protection contd.
18

19. Leveraging Qualcomm’s Unmatched Expertise
• OperaIng
for
over
25
years
• 4
con=nents,
40
countries,
8
dedicated
Network
Opera=ons
Centers
• Helping
over
10,000
businesses
manage
millions
of
mission
criIcal
devices
A Premier Enterprise Wireless Data Platform
19

20. End-­‐to-­‐end
SoluIon
Leverages
Qualcomm’s
Network
OperaIons
Center
§ Device integration
support
§ QCL built device agents
for each medical device
§ Test and Validation with
each medical device
§ Integration to device
logistics partners
§ Device design
§ Development
§ Certifications
§ Adaptive for future
med device
integration
§ Global roadmap
§ Test and validation
§ CM selection,
onboarding
§ ISO 13485
§ FDA-Listed Class I
Device (MDDS)
§ CE registered, Class I
MDD (Europe)
§ Integration to device
logistics partners
§ International Operators
§ Global data plans
§ Integration to NOC
§ Technical knowledge of
respective architectures
§ Reliable delivery of data
to the customer
applications through a
single simple interface
§ Two-way device
communication
§ OTA updates,
provisioning, device
agent pushes
§ PCI compliant data
centers
§ Designed for HIPAA
compliance, privacy and
security
§ Access to healthcare
data platform for “mix
and match” of devices
and applications
§ 3rd party apps
§ 2net portal
§ Web services
§ FDA-Listed Class 1
Device (MDDS)
§ CE registered, Class I
MDD (Europe)
§ Activation &
provisioning
§ OTA software updates
and agent mgmt
§ Device management,
version control, CM
§ Network management
§ Active network
monitoring
§ Timely enterprise
support
§ Direct carrier
engineering support
§ Fraud detection, Carrier
billing reconciliation
§ End-to-end enterprise
management of
message delivery
§ Reliability, Redundancy
Medical Devices Hub Networks
Network
Management
Data Management
Customer
Applications
20

21. QCL – 2netTM – Security and Privacy Highlights
On
Hub
Biometric
data
encrypIon
:
Advanced
EncrypIon
Standard
(AES)
128
Cellular
Network
Private
Network
(APN)
Transport
Layer
(Over
Cellular
and
Internet)
Secure
Sockets
Layer
(SSL)
via
heps
(MulIple
cerIficate
authoriIes)
Server/Database
Rack/Servers
in
secure
area
Oracle
naIve
(if
needed)
Data
Integrity
Security
Hash
Algorithm
(SHA)-­‐256
Hash
for
every
Hub
to
2netTM
Service
PlaUorm
(SP)/Cloud
transmission
Cloud
Data-­‐center
Controls
Located
in
ISO
27001
cerIfied
and
PCI
compliant
datacenters
(excluding
UK)
HIPAA
Security
Rule
Compliance
Checklist
Underlying
Protocols
TCP/IP
UMTS
Multi-Level Controls
Upper
ApplicaIon
Layers
XML
1EEE
11073/
HTTPS
SSL
TCP/IP
UMTS
21

22. Service Security
Database,
OLTP
Customer
Services
Hub
Communications
-­‐
data
-­‐
SMS
Hubapp
and
DA
software
2net
Service
Platform
Data
Posting
Data
SA
REST
Services
2net
Customer
Data
handling
Firmware
Android
HUBAPPDA
Encryption
AES128
HTTPS
SSL
Private APN
UMTS/EDGE/GPRS
Cellular
END TO END
DATA
INTEGRITY:
Secure
Hash
Algo
SHA-256
Server system certifications:
·∙
Located in ISO 27001 certified and PCI compliant
datacenters (excluding UK)
·∙
Limited physical and logical access to servers
·∙
Firewall, Intrusion Detection Systems, Audit logging
·∙
HIPAA Security Rule Compliance Checklist
Decryption
HTTPS
Internet (SSL)
22

23. Service Security
Component
Security
Hub
–
Data
encrypIon
with
Advanced
EncrypIon
Standard
(AES)
128
Over-­‐the-­‐Air
(OTA)
and
Internet
–
Private
cellular
data
network
(Private
APN)
–
Secure
Sockets
Layer
(SSL)
via
HTTPS
(mulIple
cerIficate
authoriIes)
SP
Server,
Database
and
Cloud
–
Limited
physical
and
logical
access
to
servers
–
Located
in
ISO
27001
cerIfied
and
PCI
compliant
datacenters
(excluding
UK)
–
Firewall,
Intrusion
DetecIon
Systems,
Audit
logging
–
HIPAA
Security
Rule
Compliance
Checklist
–
Oracle
naIve
database
security
(if
required)
Data
Integrity
–
Security
Hash
Algorithm
(SHA)-­‐256
hash
for
every
hub
to
Service
PlaUorm/Cloud
transmission
Underlying
Protocols
–
Internet
transacIons
over
TCP/IP
–
Wireless
link
between
hub
and
cellular
carrier
uses
UMTS
or
EDGE/GPRS
23

24. © 2013 Qualcomm Life. All rights reserved.
#CONNECT2013
Thank you