CoreGRID: European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies.

Presentation transcript:

Data Privacy Considerations in Intensive Care Grids
University of Cyprus, FORTH ICS and General Hospital of Nicosia
J. Luna, M. Flouris, M. Marazakis, A. Bilas, M. Dikaiakos, H. Gjermundrod and T. Kyprianou
June 2008

Slide 2: Outline
The Intensive Care Grid:
  – Motivation.
  – High-level Architecture.
Security Requirements.
Privacy Protocol.
Conclusions and Future Work.
Published Material.

Slide 3: The Intensive Care Grid
Intensive Care Units (ICUs) require mechanisms for data acquisition, validation, storage, analysis, correlation, etc.
ICGrid has been prototyped over EGEE (Enabling Grids for E-Science in Europe) to cope with these needs.
ICGrid's hybrid architecture combines sensors and Grid-enabled software tools.
Every day an ICU generates approx. 350 Mbytes:
  – Actual sensor data (not considering images).
  – Metadata, including patients' information and physicians' annotations.

Slide 4: High-level architecture

Slide 5: Security Requirements for Data and Metadata
How to implement a data security solution for ICGrid, compliant with Legal and Technological approaches?
We applied a data-security analysis framework defined in previous research to investigate Players, Trust Assumptions, Security Primitives, Attacks and Damages.
Current security mechanisms:
  – Secure inter-site channels (i.e. GSIFTP).
  – EGEE Central Services (i.e. CA, VOMS) and implemented AuthN/AuthZ mechanisms are trusted.
Identified Vulnerabilities:
  – Attackers with revoked credentials (latency in propagating revocation information). -> OGF
  – Compromised Storage Elements provide full control over stored data.

Slide 6: Privacy Protocol
Two basic mechanisms:
  – Cryptography (VO-level confidentiality, integrity) for Data and Metadata. Design criteria: performance, encryption keys do not traverse the network.
  – Data Fragmentation (high availability, confidentiality, scalability).
Secondary mechanisms:
  – Mandatory Access Control for Metadata.
  – A Secure Log to back-trace operations.

Slide 7: Proposed Security Architecture over gLite
Diagram labels:
  – Compression
  – Mandatory Access Control + Encryption
  – Data Encryption + Fragmentation
  – Fragmented + Encrypted Data
  – GSIFTP
  – Encryption Key Never Disclosed
  – Secure Logging capabilities
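The encryption and fragmentation steps of the protocol above, as an added sketch that is not part of the original slides or of the ICGrid code. The slides name neither a cipher nor a fragmentation scheme, so AES-256-GCM, an even split across n storage elements, and the names Protect and Recover are assumptions.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// newGCM builds AES-GCM (assumed cipher) from a key that stays on the client.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Protect encrypts locally, then splits nonce||ciphertext||tag into n fragments.
func Protect(key, record []byte, n int) ([][]byte, error) {
	gcm, err := newGCM(key)
	if err != nil || n < 1 {
		return nil, fmt.Errorf("bad key or fragment count")
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ct, frags := gcm.Seal(nonce, nonce, record, nil), make([][]byte, 0, n)
	for size := len(ct) / n; len(frags) < n-1; ct = ct[size:] {
		frags = append(frags, ct[:size]) // one fragment per storage element
	}
	return append(frags, ct), nil
}

// Recover joins fragments; the GCM tag fails if any byte was altered or lost.
func Recover(key []byte, frags [][]byte) ([]byte, error) {
	gcm, err := newGCM(key)
	ct := bytes.Join(frags, nil)
	if err != nil || len(ct) < gcm.NonceSize() {
		return nil, fmt.Errorf("bad key or truncated data")
	}
	return gcm.Open(nil, ct[:gcm.NonceSize()], ct[gcm.NonceSize():], nil)
}

func main() {
	frags, err := Protect(make([]byte, 32), []byte("HR=72;SpO2=97"), 3) // constructed key, record
	fmt.Println(len(frags), "fragments ready for upload, error:", err)
}
```

Only the fragments cross the network, so a compromised storage element sees ciphertext and any change it makes surfaces as an error from Recover. An even split does not by itself give the high availability the slide attributes to fragmentation.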

Slide 8: Conclusions and Future Work
Due to new vulnerabilities being introduced, keeping patients' privacy has become a priority for Intensive Care Grids.
Comprehensive Privacy Solutions should encompass Legal and Technological aspects. Interoperability Now!
Based on a security analysis framework, a Privacy Protocol (cryptography, fragmentation) has been proposed for ICGrid.
The protocol is being implemented with the EGEE middleware (gLite).
Prototype and follow-up being presented at OGF in Barcelona.

Slide 9: Published Material
  – An analysis of security services in Grid storage systems. In CoreGRID Workshop on Grid Middleware (Also published as TR-0090).
  – D.IA.16 Update of the Survey Material on Trust and Security. Collaboration WP
  – Providing security to the Desktop Data Grid. In CoreGRID PCGrid Workshop
  – Using the gLite middleware to implement a secure Intensive Care Grid System. Accepted for the CoreGRID Workshop on Grid Middleware
  – Knowledge and Data Management in Grids: notes on the state of the art. Collaboration WP2. To be published as CoreGrid White Paper WHP

Slide 10: Thank you for your attention! Questions?
Jesus Luna

Slide 11: Architecture

Slide 12: Example: Electronic Health Card (Germany)
To replace European Health Insurance Card.
Patient decides IF and WHICH information can be recorded or deleted and WHO has access to it.
Two-keys principle:
  – The card itself.
  – PIN as sign of consent.
In emergencies, data can be accessed with a Health Professional Card (i.e. ICU, paramedics).
50 most recent accesses are logged.
Diagram labels: Administrative Data, Cryptoprocessor