TClouds No. 257243Trustworthy Clouds - Privacy and Resilience for Internet-scale Critical Infrastructure

The Trustworthy Healthcare Information Management

Platform

Outline The Trustworthy Healthcare Information

Management Platform– Description of the Healthcare platform– Built on top of TClouds

Background– State of the art in clouds solutions– TClouds solution

• Brief description of cloud issues addressed

The Trustworthy Healthcare Information Management Platform– Description of the Healthcare platform– Built on top of TClouds

Background– State of the art in clouds solutions– TClouds solution

• Brief description of cloud issues addressed

Outline

Trustworthy Healthcare Platform

It is a system that runs 24/7 over the InternetWhat is it – health platform

Trustworthy Healthcare Platform

It is a system that runs 24/7 over the Internet PCs, smartphones and devices can connect to it and exchange

health information

What is it – health platform

Trustworthy Healthcare Platform

Usages– Users and patients can use it for

• Manage a condition

What is it – health platform

Trustworthy Healthcare Platform

Usages– Users and patients can use it for

• Manage a condition• Take charge of your fitness and general health

What is it – health platform

Trustworthy Healthcare Platform

Usages– Users and patients can use it for

• Manage a condition• Take charge of your fitness and general health• Take care of family members or dear friends

What is it – health platform

Trustworthy Healthcare Platform

What is it – health platform Storing data

– By using the health platform users have acess all their health records in one single place.

Trustworthy Healthcare Platform

Storing data– By using the health platform users have acess all their health records

in one single place.

That is,data can be generated either

by hospitals or directly by users.

Everything goes in the sameplace under users’ control

What is it – health platform

Trustworthy Healthcare Platform

Applications and devices– Data can be easily uploaded into the platform in various ways through

the use of specific applications and devices.

What is it – health platform

Trustworthy Healthcare Platform

Applications and devices– There are application for any needs

• Some give the ability to analyze user data• Some allow to make cross check among different sources• Some allow doctor to save/get important clinical records related to other users• …

– Threre are devices for any needs• To monitor blood pressure• To records running time• To track weight• …

What is it – health platform

Sharing data– Users are in total control of their data.– Users can decide to share their health information to anyone they choose,

whenever they like• Their doctor• A family member• A dear friend• The personal trainer

What is it – health platform

Trustworthy Healthcare Platform

Sharing data & security– Sharing can be done throught specific privacy policies– Allows users a fine grinded control of their health information

What is it – health platform

Trustworthy Healthcare Platform

Sharing data & security– Users can also Audit their dataset– Users have the ability to know who has accessed to their health information,

when and why– Providing to users all the tools they need to promptly take the right counter-

reaction in case of abuse of their data usage.

What is it – health platform

Trustworthy Healthcare Platform

The Trustworthy Healthcare Information Management Platform– Description of the Healthcare platform– Built on top of TClouds

Background– State of the art in clouds solutions– TClouds solution

• Brief description of cloud issues addressed

Outline

PHR

EHRUsers & policies

Sharing Privacy Policy layer

Social Layer

AccountManagement

InterfaceHealth devices

Mobile/web/Desktop health

apps

Secure connection

API - App connector

What is it – health platform Developers API and tools

– Developers can access to user data through an easy-to-use REST interface

– All data in transit is encrypted– Applications needs to be properly registered into the platform in order

to work– Users needs to provide access privacy policy to the apps they want to

use

Trustworthy Healthcare Platform

Security– It is built on top of TClouds technology that makes it extremely

difficult to an attacker to sabotage the Healthcare Platform

What is it – health platform

Trustworthy Healthcare Platform

Security– It is built on top of TClouds technology that makes it extremely

difficult to an attacker to sabotage the Healthcare Platform• And even if in an unfortunate event, the attacker reaches the data. It is

unrecognizable since decryption keys are not stored within the platform itself

è@#ù+*+]=ed34rcw4353*???

What is it – health platform

Trustworthy Healthcare Platform

Security– It is built on top of TClouds technology that makes it extremely

difficult to an attacker to sabotage the Healthcare Platform• And even if in an unfortunate event, the attacker reaches the data. It is

unrecognizable since decryption keys are not stored within the platform itself

è@#ù+*+]=ed34rcw4353*???

Security is brought to an extra level and givesall the safety you need to store all your healthinformation.

What is it – health platform

The Trustworthy Healthcare Information Management Platform– Description of the Healthcare platform– Built on top of TClouds

Background– State of the art in clouds solutions– TClouds solution

• Brief description of cloud issues addressed

Outline

You are probably familiar with many commodity clouds such as

Many companies are attracted to move to the cloud because– appealing business model (Pay Per Use)– Reduced set-up and maintenance costs– Reduced in-house IT resources– Increase flexibility– …

BUT….

How about trust?– This is the main friction that slow down cloud adoption– People is scared to move to the cloud

• Fear to lose access their data– Introduce isolation failure– Potential increase of insider fraud (because you are not responsible to

recruit the IT people– Perceived less resiliancy of systems

• Fear to lose control of data– Permanent deletion policies– Potential reduction of governance– Potential lack of compliances (eg. HIPAA)– Lack of accountability– Lack of transparency– Lack of data protection (eg: encryption, key mgt, data value concentration,

data isolation in a shared environment)

• Fear of vendor lock-in

The Trustworthy Healthcare Information Management Platform– Description of the Healthcare platform– Built on top of TClouds

Background– State of the art in clouds solutions– TClouds solution

• Brief description of cloud issues addressed

Outline

The TClouds solution Uses techniques that allows reduction of

data loss– In terms of

• Reduction of isolation failures: Virtual Machines that share the same HW cannot access each other’s data.

– Data is encryted and keys are not in the same host– VMs are logically divided at hipervisor level throught Trusted

Virtual Domains techniques– VMs are deployed with a user requirements file that allows to

choose whether share the HW with certain companies or not (eg. Philips’ VMs can run on HW different from the one used by IBM and vice-versa)

• Reduction of insider fraud: an internal attacker experiences bad days discovering that everything is encrpted (even running VMs)

• Increase of resiliency of the system– Aims to guarantee 100% uptime at Terms of Service level

Uses techniques that allows to increase data control– In terms of

• Data governance: – Data is always encrypted and keys are stored in different locations– Data is stored in such a way that even in case of steal it is not possible

to get all the entire data but only a scrumbled portion of it.– Malicious insider can’t outage the system at hipervisor level

• Easier control and assessment of compliances by Cloud owner

– Easier for VM owner to impose high-level requirement such as standard compliances (eg: HIPAA/ISO)

• More transparency– Logging is built in into the hipervisor and log events are tightly coupled

among them to invalidate any attempt to remove the attacker footsteps.

• High standard of data protection– Encryption is done either to stored data and to running Virtual

Machines. – Encryption keys are stored in separate locations– Reduction of data value concentration per Hardware resource– High data isolation at hipervisor level in a shared hardware

The TClouds solution

Uses techniques that decreases vendor lock-in– TClouds is based on Open Source technologies– Cloud owner can provide cancellation data and

return service

The TClouds solution

THANKS FOR YOUR ATTENTION

For more information please contact:abitabile.marco@hsr.it

TClouds No. 257243Trustworthy Clouds - Privacy and Resilience for Internet-scale Critical Infrastructure 02/05/2023 29

TClouds No. 257243Trustworthy Clouds - Privacy and Resilience for Internet-scale Critical Infrastructure 02/05/2023 30

TClouds EC CONTRACT N0: 257243

"The TClouds project has received funding from the European Union's Seventh Framework Programme ([FP7/2007-2013])

under grant agreement number ICT-257243.”

If you need further information, please contact the coordinator:

Technikon Forschungs- und Planungsgesellschaft mbHBurgplatz 3a, 9500 Villach, AUSTRIA

Tel: +43 4242 233 55 Fax: +43 4242 233 55 77E-Mail: coordination@tclouds-project.eu

The information in this document is provided “as is”, and no guarantee or warranty is given that the information is fit for any particular purpose. The user thereof uses the information at its sole risk and

liability.