@vkoutkias @konfidoproject
KONFIDO: Secure and Trusted Paradigm for Interoperable eHealth Data ExchangeVassilis Koutkias, PhD
Institute of Applied Biosciences, Centre for Research & Technology Hellas
Thessaloniki, GREECE
© HIMSS Europe GmbH
2
The European Framework for Cross-border eHealth Data
Exchange
@vkoutkias @konfidoproject
OpenNCP:
technical outcome of the epSOS project
NOW: part of the eHealth Digital Service
Infrastructure (eHDSI), under the
Connecting Europe Facility (CEF)
PS: Patient Summary
eP: ePrescription
© HIMSS Europe GmbH
3
The epSOS mediated approach
@vkoutkias @konfidoproject
National Contact Point (NCP) in charge of: Interacting with other NCPs Pivoting document Encoding the pivoted document in the national structure Interacting with the National Infrastructure (NI)
© HIMSS Europe GmbH
4
Security in epSOS
@vkoutkias @konfidoproject
Communication security is ensured via cryptography and
secure protocols
Security of communicating parties is not enforced by
technical means; it is instead assumed by legally binding
agreement
No protection is offered against propagation of cyberattacks;
instead, successful attacks in compromising a National
Infrastructure can exploit NCP to propagate to other countries
⇢ These security aspects were out of the epSOS scope
© HIMSS Europe GmbH
5
(means “trust” in Esperanto)
@vkoutkias @konfidoproject
Secure and Trusted Paradigm for Interoperable eHealth Services
KONFIDO Consortium15 partners
7 countries
2 pilots
Co-funded by the Horizon 2020 Framework Programmeof the European Union under Grant Agreement nº 727528.
Here comes…
© HIMSS Europe GmbH
6
@vkoutkias @konfidoproject
1st Pillar: Enhancement of trust and security
of interoperable eHealth services
© HIMSS Europe GmbH
7
1) Security extensions of COTS CPUs for
creating protected execution environments for
eHealth applications
2) Photonic encryption key generation
technologies
3) Homomorphic encryption mechanism
supporting secured health data storage,
processing and exchange
4) Customized SIEM (Security Information
Event and Management) solution for real-time
security monitoring of eHealth applications
5) Blockchain-based disruptive logging and
auditing mechanisms
6) eIDAS-compliant eID infrastructure
Six State-of-the-art Technologies
@vkoutkias @konfidoproject
eID
AS
© HIMSS Europe GmbH
8
@vkoutkias @konfidoproject
2nd Pillar: Continuous validation
and proof-of-concept demonstrations
© HIMSS Europe GmbH
9
@vkoutkias @konfidoproject
Validation Pilots in 3 Member States (Denmark, Italy, Spain)
Pilot 2: Cross-region & cross-border health data exchange in
emergencies
Pilot 1: Cross-border health data exchange for chronic patients
© HIMSS Europe GmbH
10
Pilot 1: Example User Scenario
@vkoutkias @konfidoproject
© HIMSS Europe GmbH
11
User Requirements Engineering
@vkoutkias @konfidoproject
User goals
ThreatsAssetsBusiness Processes
KONFIDO user
scenarios
© HIMSS Europe GmbH
12
@vkoutkias
User goals
ThreatsAssetsBusiness Processes
KONFIDO user
scenarios
User Requirements Engineering
© HIMSS Europe GmbH
13
@vkoutkias @konfidoproject
User goals
ThreatsAssetsBusiness Processes
KONFIDO user
scenarios
STR
IDE
mo
de
l
User Requirements Engineering
© HIMSS Europe GmbH
14
@vkoutkias @konfidoproject
User goals
ThreatsAssetsBusiness Processes
KONFIDO user
scenarios
User Requirements Engineering
© HIMSS Europe GmbH
15
@vkoutkias @konfidoproject
User goals
ThreatsAssetsBusiness Processes
KONFIDO user
scenarios
User Requirements Engineering
© HIMSS Europe GmbH
16
@vkoutkias @konfidoproject
3rd Pillar: Focus on stakeholdersimproving user acceptance - adhering to standards, legal and
ethical directives
© HIMSS Europe GmbH
17
User Engagement Approach:
Pan-European Survey and Workshops with Key Stakeholders
@vkoutkias
Barriers
Results of the survey
with Healthcare
Professionals
© HIMSS Europe GmbH
18
User Engagement Approach:
Pan-European Survey and Workshops with Key Stakeholders
@vkoutkias
Barriers
© HIMSS Europe GmbH
19
User Engagement Approach:
Pan-European Survey and Workshops with Key Stakeholders
@vkoutkias
© HIMSS Europe GmbH
20
Consolidated Barriers & Facilitators for eHealth Acceptance
@vkoutkias
Barriers
Facilitators
The conducted studies and
their results will become
publicly available within June!
© HIMSS Europe GmbH
21
Ultimate Goals
@vkoutkias @konfidoproject
Smartly integrate the different components/tools into a single
toolbox to provide a complete packaged security solution for
eHealth
Deliver a uniform, seamless and interoperable interface,
operating under a common security, privacy and legal
framework, reinforcing trust and user acceptance for eHealth
We need your feedback!!!
@vkoutkias @konfidoproject
Thank you!
Vassilis Koutkias, PhD
Institute of Applied Biosciences, Centre for Research & Technology Hellas,
Thessaloniki, GREECE, [email protected]
More information: http://www.konfido-project.eu/