Caring through Sharing




      eHIP: Health Information Platform

                      Security & Privacy

                        Riccardo Scandariato
                           IBBT-DistriNet




Problem


Architectural solution based on XDS reference model

No out-of-the-box security & privacy solution

Patient data is the asset to protect
   Sensitivity of information
   Laws and regulations




       K.U.Leuven      K.U.Leuven

Security analysis
Business level


Analyzing the functionality and how it can be misused
  Search, View, Upload, Notify

Abusing the functionality (out-of-the-box thinking)
  Adding fake data or removing correct data
  Exploiting unplanned information paths
  Abusing privileges

EXAMPLE: Hiding errors by overwriting documents






Security analysis
Technical level


Identify assets in E-HIP architecture
    Data flow diagram (DFD)
Determine threats
    Spoofing identity
    Tampering with data
    Repudiation
    Information disclosure
    Denial of service
    Elevation of privilege

EXAMPLE: Tampering with communication


Security solution
In a nutshell


Enforce rules to limit who can access what
   Centralized for ease of management
   Per-resource rules

Establish identities
   Decentralized due to scale and admin constraints








Security solution
What rules?


Analyzed the type of rules
   Identity
   Roles and affiliation
   Data sensitivity
   Location
   Data origin
   Patient history
   Treatment or long-lasting relationship

XACML (eXtensible Access Control Markup Language)

[Diagram: a Rule consists of a Target, a Condition and an Effect; the Target consists of Subject, Resource, Action and Environment]

Security solution
Establishing identities


Federation of ID providers

Providers generate a token
   Proves identity
   Attributes of subject

Security service trusts providers

SAML (Security Assertion Markup Language)

[Diagram: a SAML Attribute Assertion with the fields subject, issuer, signature, timestamp, version and id, plus Attribute Statements (SAML role, ...)]





Security
Implementation

[Diagram: ID provider (SAML), Repository and Security service (XACML), connected by flows labelled "usr/pwd", "view doc", "ok?" and "permit"]

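
The rule structure on the XACML slide (a Target over Subject, Resource, Action and Environment, plus a Condition and an Effect) and the Repository's "ok?" call to the security service can be modelled as follows. This is an added example, not eHIP code: the attribute names, issuer names, sample rules, deny-overrides combining and the 300-second freshness window are assumptions, and the XML signature on the SAML assertion is assumed to have been verified by a SAML library before this code runs.

```python
from dataclasses import dataclass
from typing import Callable, Optional

PERMIT, DENY, NOT_APPLICABLE = "Permit", "Deny", "NotApplicable"

# Constructed values (assumptions): trusted ID providers and freshness window.
TRUSTED_ISSUERS = {"idp.hospital-a.example", "idp.gp-network.example"}
MAX_ASSERTION_AGE = 300  # seconds


@dataclass
class Request:
    subject: dict      # attributes taken from the SAML attribute assertion
    resource: dict     # metadata of the requested document
    action: dict       # e.g. {"id": "view"}
    environment: dict  # e.g. {"location": "hospital"}


@dataclass
class Rule:
    rule_id: str
    effect: str        # PERMIT or DENY
    target: dict       # category -> {attribute: required value}
    condition: Optional[Callable[[Request], bool]] = None

    def evaluate(self, req: Request) -> str:
        # Target: every listed attribute in every category must match.
        for category, wanted in self.target.items():
            actual = getattr(req, category)
            if any(actual.get(k) != v for k, v in wanted.items()):
                return NOT_APPLICABLE
        # Condition: an extra predicate over the whole request.
        if self.condition is not None and not self.condition(req):
            return NOT_APPLICABLE
        return self.effect


# Hypothetical per-resource rules built from the rule types on the slide.
RULES = [
    # Role + treatment relationship: physicians view documents of their patients.
    Rule("physician-treating", PERMIT,
         {"subject": {"role": "physician"}, "action": {"id": "view"}},
         lambda r: r.subject["id"] in r.resource.get("treating", ())),
    # Data sensitivity + location: sensitive documents stay inside the hospital.
    Rule("sensitive-offsite", DENY,
         {"resource": {"sensitivity": "high"}},
         lambda r: r.environment.get("location") != "hospital"),
    # Role + affiliation + data origin: nurses view documents of their own site.
    Rule("nurse-own-origin", PERMIT,
         {"subject": {"role": "nurse"}, "resource": {"sensitivity": "normal"},
          "action": {"id": "view"}},
         lambda r: r.subject.get("affiliation") == r.resource.get("origin")),
]


def subject_from_assertion(assertion: dict, now: float) -> Optional[dict]:
    """Return the subject attributes, or None if issuer or timestamp is unacceptable."""
    if assertion.get("issuer") not in TRUSTED_ISSUERS:
        return None
    age = now - assertion.get("timestamp", 0)
    if age < 0 or age > MAX_ASSERTION_AGE:
        return None
    return dict(assertion["attributes"], id=assertion["subject"])


def decide(rules, req: Request) -> str:
    """Security service: combine rule results with deny-overrides."""
    results = [rule.evaluate(req) for rule in rules]
    if DENY in results:
        return DENY
    if PERMIT in results:
        return PERMIT
    return NOT_APPLICABLE


def repository_allows(assertion, resource, action, environment, now, rules=RULES):
    """Repository side: serve the document only on an explicit Permit."""
    subject = subject_from_assertion(assertion, now)
    if subject is None:
        return False
    req = Request(subject, resource, {"id": action}, environment)
    return decide(rules, req) == PERMIT


# Constructed sample input.
NOW = 1_700_000_000.0
ASSERTION = {"subject": "dr.a", "issuer": "idp.hospital-a.example",
             "timestamp": NOW - 60,
             "attributes": {"role": "physician", "affiliation": "hospital-a"}}
DOC = {"id": "doc-1", "sensitivity": "high", "origin": "hospital-a",
       "treating": ["dr.a"]}
```

A request that matches no rule ends as NotApplicable, which the repository treats as a refusal, so access is denied by default.
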
Privacy
In a nutshell


Avoid linkability of data when communicated across contexts
Identifiers must be pseudonymized in cross-context communication
   In some applications the process must be reversible

[Illustration: three statements about the same person: "Ric’s blood count is low", "Ric is working too hard", "Ric is buying vitamins"]





Privacy
Reversible IDs


[Diagram, labels with their sample values:
   Context-Specific References: study_83547
   Prefix, Global ID: 0100110011, 820908 324 56
   Reversible ID: !@#$%^@# *&#$!@]

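
One way to build context-specific, reversible identifiers of the kind shown on this slide, as an added example that is not eHIP code. The mechanism is an assumption: a per-context key is derived from a master key, and the global ID is encrypted deterministically with an SIV-style construction built from HMAC-SHA256 so that it runs on the Python standard library (a deployment would use a vetted AES-SIV implementation). The master key and global ID are constructed values.

```python
import base64
import hashlib
import hmac

TAG_LEN = 16  # bytes of synthetic IV, which doubles as the integrity tag

# Constructed demo values (assumptions, not taken from the slides).
DEMO_MASTER_KEY = bytes(range(32))
DEMO_GLOBAL_ID = "000000 000 00"


def _prf(key, label, data):
    """HMAC-SHA256 used as a keyed pseudo-random function."""
    return hmac.new(key, label + b"\x00" + data, hashlib.sha256).digest()


def _context_keys(master_key, context):
    """Derive independent MAC and encryption keys for one context."""
    ctx = context.encode("utf-8")
    return _prf(master_key, b"mac", ctx), _prf(master_key, b"enc", ctx)


def _xor_keystream(enc_key, iv, data):
    """XOR data with an HMAC counter-mode keystream bound to the IV."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += _prf(enc_key, iv, counter.to_bytes(4, "big"))
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))


def pseudonymize(master_key, context, global_id):
    """Return the pseudonym of global_id that is valid only inside context.

    Deterministic: the same patient always gets the same pseudonym within
    one context, but pseudonyms from two contexts cannot be linked
    without the master key.
    """
    mac_key, enc_key = _context_keys(master_key, context)
    plaintext = global_id.encode("utf-8")
    iv = _prf(mac_key, b"siv", plaintext)[:TAG_LEN]
    body = _xor_keystream(enc_key, iv, plaintext)
    return base64.urlsafe_b64encode(iv + body).decode("ascii")


def reidentify(master_key, context, pseudonym):
    """Reverse a pseudonym; raises ValueError if it does not belong to context."""
    mac_key, enc_key = _context_keys(master_key, context)
    raw = base64.urlsafe_b64decode(pseudonym.encode("ascii"))
    if len(raw) <= TAG_LEN:
        raise ValueError("pseudonym too short")
    iv, body = raw[:TAG_LEN], raw[TAG_LEN:]
    plaintext = _xor_keystream(enc_key, iv, body)
    expected = _prf(mac_key, b"siv", plaintext)[:TAG_LEN]
    if not hmac.compare_digest(iv, expected):
        raise ValueError("pseudonym was not issued for this context")
    return plaintext.decode("utf-8")
```

Only the holder of the master key can reverse a pseudonym, so where that key is kept decides who is able to re-identify patients.
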
Privacy
  Implementation


[Diagram: ID provider, Repository, Security service and Anonymizer, connected by flows labelled "usr/pwd", "view doc", "ok?" and "permit"]





  Credits
  Successful results come from good teamwork




  IBBT-DistriNet team
     Kim Wuyts, Eryk Kulikowski, Kris Verlaenen, Ric

  IBBT-COSIC team
     Mina Deng, Claudia Diaz, Danny De Cock



