Date post: | 12-Jun-2015 |
Category: |
Technology |
Upload: | marcel-winandy |
View: | 205 times |
Download: | 3 times |
Med-e-Tel 2011, The International eHealth, Telemedicine and Health ICT Forum Luxembourg, 6 - 8 April 2011
Biljana Cubaleska, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy
Ruhr-University Bochum
MediTrust Secure Client Systems for Healthcare IT
to Protect Sensitive Data of Patients
Ammar Alkassar, Christian Stüble Sirrix AG security technologies
Simple E-Health Cloud
Advanced E-Health Cloud
Security Problem Areas
• Data Storage and Processing - Data centers: unauthorized information leakage
- Platform security: vulnerable to malware
- Mobile storage (USB memory sticks)
• Infrastructure Management - Cryptographic keys, certificates
- Hardware / software components
• Usability and User Experience - Smartcard PIN (when unconscious?)
- Time consuming
Platform Security (Server)
unauthorized access (read/modify)
Platform Security (Client)
unauthorized access (read/modify)
authorized download
MediTrust: Project Goals • Secure end-user platform
- Protect medical data from unauthorized access/manipulation - Secure separation of data of different workflows
• Security infrastructure management - Secure domains should span over several hardware nodes
- Central and easy management entity
• Usable security solution - Transparent security protection
- No overhead in the normal workflow
Building Privacy Domains
Technology
• Security infrastructure: Trusted Virtual Domains - TVD: coalition of trusted execution environments - Transparent policy enforcement - Secure communication
• Client platform security: TURAYA.TrustedDesktop - Security Kernel - Implements TVD security model on local platforms - Isolated compartments (virtualization) - Uses Trusted Computing functionality (TPM)
TVD Architecture
Hardware
Turaya Security Kernel
Security Module
VM TVD
Proxy B
TVD B
VM
TVD Proxy A
TVD A
TVD Master A
Hardware
Cred
Policy
TURAYA.TrustedDesktop
Main Security Features: • Full hard-disk encryption • Secure networking • Transparent file encryption • Secure graphical user interface
Secure Networking
Transparent File Encryption
Transparent File Encryption
Transparent File Encryption
Transparent File Encryption
!
Conclusion & Outlook
• Security infrastructure to protect sensitive data
• Based on TVDs and TURAYA.TrustedDesktop
• Field study (late 2011) - 20 users (health professionals) - Analysis of effectiveness and usability
• More information online:
MediTrust http://www.rubtrust-meditrust.de
Marcel Winandy [email protected]