MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients
-
Upload
marcel-winandy -
Category
Technology
-
view
208 -
download
3
Transcript of MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients
![Page 1: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/1.jpg)
Med-e-Tel 2011, The International eHealth, Telemedicine and Health ICT Forum Luxembourg, 6 - 8 April 2011
Biljana Cubaleska, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy
Ruhr-University Bochum
MediTrust Secure Client Systems for Healthcare IT
to Protect Sensitive Data of Patients
Ammar Alkassar, Christian Stüble Sirrix AG security technologies
![Page 2: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/2.jpg)
Simple E-Health Cloud
![Page 3: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/3.jpg)
Advanced E-Health Cloud
![Page 4: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/4.jpg)
Security Problem Areas
• Data Storage and Processing - Data centers: unauthorized information leakage
- Platform security: vulnerable to malware
- Mobile storage (USB memory sticks)
• Infrastructure Management - Cryptographic keys, certificates
- Hardware / software components
• Usability and User Experience - Smartcard PIN (when unconscious?)
- Time consuming
![Page 5: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/5.jpg)
Platform Security (Server)
unauthorized access (read/modify)
![Page 6: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/6.jpg)
Platform Security (Client)
unauthorized access (read/modify)
authorized download
![Page 7: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/7.jpg)
MediTrust: Project Goals • Secure end-user platform
- Protect medical data from unauthorized access/manipulation - Secure separation of data of different workflows
• Security infrastructure management - Secure domains should span over several hardware nodes
- Central and easy management entity
• Usable security solution - Transparent security protection
- No overhead in the normal workflow
![Page 8: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/8.jpg)
Building Privacy Domains
![Page 9: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/9.jpg)
Technology
• Security infrastructure: Trusted Virtual Domains - TVD: coalition of trusted execution environments - Transparent policy enforcement - Secure communication
• Client platform security: TURAYA.TrustedDesktop - Security Kernel - Implements TVD security model on local platforms - Isolated compartments (virtualization) - Uses Trusted Computing functionality (TPM)
![Page 10: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/10.jpg)
TVD Architecture
Hardware
Turaya Security Kernel
Security Module
VM TVD
Proxy B
TVD B
VM
TVD Proxy A
TVD A
TVD Master A
Hardware
Cred
Policy
![Page 11: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/11.jpg)
TURAYA.TrustedDesktop
Main Security Features: • Full hard-disk encryption • Secure networking • Transparent file encryption • Secure graphical user interface
![Page 12: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/12.jpg)
Secure Networking
![Page 13: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/13.jpg)
Transparent File Encryption
![Page 14: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/14.jpg)
Transparent File Encryption
![Page 15: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/15.jpg)
Transparent File Encryption
![Page 16: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/16.jpg)
Transparent File Encryption
!
![Page 17: MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients](https://reader033.fdocuments.net/reader033/viewer/2022042815/557a2349d8b42a48458b476a/html5/thumbnails/17.jpg)
Conclusion & Outlook
• Security infrastructure to protect sensitive data
• Based on TVDs and TURAYA.TrustedDesktop
• Field study (late 2011) - 20 users (health professionals) - Analysis of effectiveness and usability
• More information online:
MediTrust http://www.rubtrust-meditrust.de
Marcel Winandy [email protected]