Newsletter Issue 02, February 2018 - KONFIDO Project

Secure and Trusted Paradigm for Interoperable eHealth

Newsletter

Issue 02, February 2018

Welcome to the second issue of the KONFIDO Newsletter, which presents the current news, results and the next steps of the project.

In this issue You can subscribe to the KONFIDO Newsletter on our website, where it is also available for download.

Connect with us on social media

This project has received funding from the European Union’s Horizon 2020 Framework Programme for Research and Innovation under grant agreement no 727528.

✓

Key KONFIDO Technologies

✓

News & Events

✓

WP3 - User Requirements Analysis: Key Outcomes

✓

WP4 - System Requirements and Overall Design: Progress Update

✓

WP5 - Security mechanisms detailed design for trusted data exchange and storage: Progress Update

✓

Interview with WP3 Leader, Vassilis Koutkias

✓

Interview with WP4 Leader, Luigi Coppolino

✓

Special Issue Announcement

Secure and Trusted Paradigm for Interoperable eHealth Services

Newsletter 02 , February 2018

Key Technologies KONFIDO is organized in four sequential phases, namely, ‘User requirements analysis‘; ‘Design’; ‘Technology development’; and ‘Integration, testing and validation’ (Figure 1). A short description of the KONFIDO technology is listed below.

SIEM Solution

Figure 1: KONFIDO’s four phases

COTS CPU technology Within KONFIDO, secure CPU hardware will be used to create security enclaves where decrypted data are still secured despite any possible intrusion at the processing node. Solutions such as the SGX Intel extensions, enable the creation of a secure tunnel between the federated domains, thus providing additional security during data transfers. The OpenNCP reference implementation can be enhanced by exploiting the SGX Intel extensions to support both remote attestation of the destination endpoint and secure data transfer that remains encrypted.

Physical Unclonable Functions (PUFs) In KONFIDO, low cost photonic physical unclonable functions (PUFs) will be developed from off-the-shelf optical components like low-cost laser sources, LCD arrays etc., aiming at the generation of robust and small footprint photonic hardware key generators with superior unclonability and unpredictability performance relative to conventional hardware/software key generators. The TRL level of such schemes is pushed towards industrial maturity by addressing robust operation under various handling conditions. The integration of photonic PUF generators with conventional authentication mechanisms (RF-IDs) and homomorphic encryption is anticipated to strengthen the overall security and data integrity.

Secure identification KONFIDO addresses the issue of unauthorized access to healthcare data in a holistic manner and will ensure secure identification of patients and healthcare professionals. As far as cross-border identification is concerned, KONFIDO will take into account the guidelines currently developed in the context of the eHealth Network in order to ensure the project’s readiness to maximize return.

A Security Information and Event Management System (SIEM) is a solution able to analyze information and events collected at different levels of the monitored system to discover possible ongoing attacks or anomalous situations. The KONFIDO SIEM system will support a distributed analysis of large volumes of data in order to deal with the federated deployment characteristic of OpenNCP compliant scenarios. Techniques developed in the framework of previous European projects, tackling high heterogeneity of data, anomaly detection and visual analytics will be will be utilized, extended and adapted to the needs of the healthcare domain.

Homomorphic Encryption Homomorphic encryption (HE) is a recent cryptographic method that allows direct computation on encrypted data, eliminating the need to decrypt it. KONFIDO will deploy a dual-purpose homomorphic encryption mechanism (HEM) which, combined with more lightweight symmetric encryption schemes, will reinforce security levels at both runtime (data transmission/exchange and processing) and rest mode (data storage) throughout the lifecycle of citizens’ healthcare data. Research work will be focused on lowering the required computational power so that processing of sensitive data can be outsourced in a trusted and secure manner. Finally, KONFIDO’s photonic key-generator device will be applied to establish the HE keys.

Blockchain Blockchain is a cloud-based transaction ledger, with distributed records across the networks of all participants. In KONFIDO, each log entry will be stored in at least two different log systems: one in the country of operation and one in the country of origin. Critical operations for the entire KONFIDO system could be recorded by many of the National Contact Point (NCP) log systems. This allows each NCP to keep a complete and coherent view of what is happening. If one or more blocks are deleted, the confrontation between the hashes of the newly formed blocks and those recorded by the other log systems will result in a mismatch. As new blocks are periodically produced by the log systems, the window of opportunity for an attacker to tamper with the data is drastically reduced.


Page 2



News & Events 1/2 The KONFIDO End-user Survey

KONFIDO 2nd End-user Workshop

Our End-user survey focusing on patients/citizens was conducted during November, 2017. Aiming at the widest possible participation, KONFIDO followed a social media campaign and contacted several patient associations and groups across Europe. More than 400 responses were collected.

The 2nd End-user workshop was held on October 20, in Athens, in the context of the eHealth Forum and the Digital Health Conference. KONFIDO partners presented key aspects of the project and had lively and fruitful discussions with the participants of the event.

KONFIDO 2nd Plenary Meeting The plenary meeting was held on October 2-4, 2017, in Procida, Italy. The partners presented their progress, got up to date with the project's status and discussed the future planning with major emphasis on the system architecture and its implementation. Upcoming events were also discussed .

In conjunction with the 2nd plenary meeting, KONFIDO celebrated its 1st Advisory Board and Ethics Review Committee meeting, which provided useful feedback on a broad spectrum of the project activities.


Page 3



News & Events 2/2 KONFIDO Presentations at ISSE17 and TRUSTECH2017

KONFIDO Presentations at ICBHI 2017

KONFIDO was presented by partner Bit4id at two important events. The Information Security Solutions Europe-EEMA annual independent security Conference that was held in Belgium, November 14-15, 2017, and at TRUSTECH, which was held in Cannes, France, November 28-30, 2017.

The latest outcomes of WP3 (“User Requirements Analysis”) were presented by CERTH-INAB in the International Conference on Biomedical and Health Informatics (ICBHI 2017), which was held in Thessaloniki, Greece, November 18-21, 2017.

KONFIDO Presentation at the H2020 Clustering Workshop KONFIDO was presented by EULAMBIA in the H2020 Project Clustering Workshop organised by the ReCRED project, which was held in January 31, 2018, Athens, Greece.

The Workshop aimed to establish tight connections among H2020 projects relevant with the fields of privacy and security and attracted 25 H2020 projects. The agenda of the Workshop along with the projects that participated is available here.

KONFIDO listed on cyberwatching.eu KONFIDO became recently part of the European observatory of research and innovation in the field of cybersecurity and privacy (cyberwatching.eu) ecosystem. The project is listed on the R&I service catalogue.

Upcoming Events ✓ 3rd KONFIDO Plenary Meeting: to be held in

London, February 27-28, 2018, and hosted by ICL. ✓ ISCIS Security Workshop: to be held in London,

February 26, 2018, organized by ICL. KONFIDO partners will present various aspects of the project progress.


Page 4



WP3 – User Requirements Analysis Key Outcomes (1/2) WP3 carried out its activities throughout the first year of the project. An iterative process was employed where the outcomes of the WP3 tasks were combined for the definition of the KONFIDO design goals (Figure 2). First, WP3 conducted a gap analysis study for interoperable and secure solutions at the systemic level by reviewing and mapping relevant technical and legal frameworks as well as ethical and social norms at the European level with a major focus on the KONFIDO pilot-site countries (i.e. Denmark, Italy and Spain). Figure 2: Task 3.3 methodology rationale

WP3 then defined and analysed user scenarios with major emphasis on cross-border health data exchange (Figure 3) and, based on these, it conducted a user requirements elicitation phase starting from the definition of the underlying business processes and proceeding to the identification of threats, assets and, ultimately, high-level user goals (Figure 4). Pursuing intense interaction with the wider healthcare community, in order to validate the methods and the outcomes of our approach, WP3 concluded with the identification of barriers and facilitators for eHealth acceptance linked with cybersecurity. For this purpose, a survey involving all possible relevant stakeholders, i.e. HCPs, staff at healthcare IT departments, industrial healthcare IT stakeholders and patients/citizens) as well as two Workshops took place. As part of the user requirements elicitation phase, seven key business processes were identified based on the two pilot scenarios. The threat analysis generated the index of threats and assets to be protected. Other information sources, such as the outcomes from relevant EU projects and initiatives were

Figure 3: Flowchart for the second KONFIDO scenario

Figure 4: Example of a goal elicitation (Goal 4) following the KONFIDO methodology rationale

WP3 Publications P. Natsiavas, C. Kakalou, K. Votis, D. Tzovaras, N. Maglaveras, I. Komnios and V. Koutkias (2018) Identification of Barriers and Facilitators for eHealth Acceptance: The KONFIDO Study. In: Precision Medicine Powered by pHealth and Connected Health. IFMBE Proceedings, vol 66. Springer, Singapore. J. Rasmussen, P. Natsiavas, K. Votis, K. Moschou, P. Campegiani, L. Coppolino, I. Cano, D. Marí, G. Faiella, O. Stan, O. Abdelrahman, M. Nalin, I. Baroni, M. Voss-Knude, V.A. Vella, E. Grivas, C. Mesaritakis, J. Dumortier, J. Petersen, D. Tzovaras, L. Romano, I. Komnios and V. Koutkias (2018) Gap Analysis for Information Security in Interoperable Solutions at a Systemic Level: The KONFIDO Approach. In: Precision Medicine Powered by pHealth and Connected Health. IFMBE Proceedings, vol 66. Springer, Singapore. P. Natsiavas, C. Kakalou, K. Votis, D. Tzovaras, N. Maglaveras and V. Koutkias (2018) User Requirements Elicitation Towards a Secure and Interoperable Solution for Health Data Exchange. In: Proceedings of the 2018 ISCIS Security Workshop, Imperial College London. Springer.


Page 5



WP3 – User Requirements Analysis Key Outcomes (2/2) Further analysis was conducted on the produced results, linking the yielded goals with their respective information sources, perceived threats and related business processes (Figure 5). The user goals identified were ranked in terms of their significance and, while they may not all be applicable in the current scope of the KONFIDO project, they provide useful insight and valuable input in the design processes undertaken in WP4. The main focus of the second part of the KONFIDO End-user survey was the identification of the patients’/citizens’ concerns and awareness about sharing their health data (Figures 6 and 8). The key facilitators identified by the participants were the need for aligning legislation among EU members, the demand for better control of eHealth data from private companies as well as a flexible and comprehensive consent process (see Figure 9). The majority of the participants expressed a desire to be better informed and therefore more confident handling their personal/health data (see Figure 7).

Figure 5: Goals linked to their information sources, threats and business processes

Figure 6: Answers to question “Q30: Please rank the following barriers, hindering acceptance of cross-border health data exchange”.

Figure 7: Answers to question “Q28: Regarding legislation, please rank the most important things to be improved regarding cross-

Figure 8: Answers to question “Q21: Would you use a European

border health data exchange”.

Union ID card to facilitate cross-border medical data exchange?”

Figure 9: Perceived barriers and facilitators of eHealth acceptance in the scope of the 2nd End-user Workshop and the 2nd part of the End-user survey


Page 6



WP4 – System Requirements and Overall Design Progress Update The definition of the KONFDO architecture was based on the requirements specified in the deliverables of WP3 and consists of a modular architecture aiming at addressing the ultimate goal of increasing trust and security of eHealth data exchange. The KONFIDO solution is structured as a toolbox composed of different services and tools, which can be combined in order to address a wide range of possible eHealth scenarios and to solve many vulnerabilities in the exchange and processing of health data (Figure 10). Figure 10: KONFIDO Toolbox

The KONFIDO deployment architecture and distribution depends on many aspects; examples of these are the scenario under analysis and the vulnerability assessment of the software involved in the scenario. Considering the OpenNCP scenario and the relative vulnerability assessment, the deployment architecture and distribution of the KONFIDO toolbox is presented in Figure 11.

Figure 11: KONFIDO deployment architecture

WP4 provided detailed system requirements and technical specifications for the KONFIDO system and its components, based on input taken from the DoA, WP3 Deliverables, the End-user workshops as well as input from several informal discussions within the Consortium. It covers general functional, non-functional and system requirements per component. End-user requirements are emphasized to ensure that the development work results in solutions that address real world problems and challenges.

WP4 Publications M. Staffa, L. Coppolino, L. Sgaglione, E. Gelenbe, I. Komnios, E. Grivas, O. Stan and L. Castaldo (2018) KONFIDO: An OpenNCP-based Secure eHealth Data Exchange System. In: Proceedings of the 2018 ISCIS Security Workshop, Imperial College London. Springer. L. Coppolino, S. D’Antonio, L. Romano, L. Sgaglione and M. Staffa (2017) Addressing Security Issues in the eHeatlh Domain Relying on SIEM Solutions. In: Proceedings of the 41st IEEE Annual Computer Software and Applications Conference COMPSAC 2017. R. Martino, S. D’Antonio, L. Coppolino and L. Romano (2017) Security in Cross - Border Medical Data Interchange: A Technical Analysis and a Discussion of Possible Improvements. In: Proceedings of the 41st IEEE Annual Computer Software and Applications Conference COMPSAC 2017.


Page 7



WP5 - Security mechanisms detailed design for trusted data exchange and storage Progress Update (1/2) In the last six months, WP5 produced 7 deliverables, which are briefly described below: D5.1 described an approach to enhance OpenNCP security features with secure CPU hardware, and in particular with the new extension of Intel’s CPU, namely, Software Guard Extension (SGX).

Figure 12: Schematic presenting the operational principal of a typical optical PUF

D5.3 presented a novel approach towards the development of a photonic physical unclonable function (p-PUF) that provides irreversible and unpredictable responses through a non-replicable random physical mechanism (Figure 12). In KONFIDO, PUF modules that combine high entropy and robust operation will be developed and employed as true random number generators, feeding key generation modules, and potentially as challengeresponse providers for ultra-secure authentication schemes. D5.5 was devoted to the design of a generic interface for different homomorphic cryptosystems which will be integrated in the new version of Cingulata crypto-compiler. (This will allow to evaluate the most recent FHE schemes and select the most appropriate one for implementing KONFIDO pilots.)

Figure 13: Modular view of the FHE environment

D5.7 described the first elements of design for an updated version of Cingulata compiler for homomorphic-based applications as part of KONFIDO toolbox of security solutions for eHealth data (Figure 13). The aim is to conceive an extension of the current crypto-compiler and Run-Time Execution Environment providing support for a more efficient and flexible execution of applications on homomorphic encrypted data. D5.9 described an interoperability interface for the connection of homomorphic encrypted data with OpenNCP.


Page 8



WP5 - Security mechanisms detailed design for trusted data exchange and storage Progress Update (2/2) D5.11 presented the design of the KONFIDO Security Information and Event Management (SIEM) solution. The KONFIDO SIEM will extend and customize existing SIEM solutions based on the specific requirements of a federated environment compliant to the OpenNCP model. It will be able to analyse information and events collected using a holistic approach at the different levels of the Figure 14: SIEM components monitored system to discover possible ongoing attacks, or anomalous situations (see Figure 14). D5.15 documented the provision of eIDAS authentication for OpenNCP to deliver the KONFIDO pilots in Denmark, Italy, and Spain. None of these countries has implemented a fully functional eIDAS Node and, as such, in order to successfully conduct the pilots, KONFIDO will implement an eIDAS Node that will manage at least one eID for each one of the piloting countries. Also, OpenNCP has to be changed in order to act as a Service Provider, i.e. the online service that requires the eIDAS Node to do an eIDAS compliant authentication mechanism and, upon receiving the result of the authentication, it will authenticate the user and allow him/her to access privileged resources on the system.

WP5 Publications M. Akriotou, C. Mesaritakis, E. Grivas, C. Chaintoutis, A. Fragkos, D. Syvridis (2018) Random number generation from a secure photonic physical unclonable hardware module. In: Proceedings of the 2018 ISCIS Security Workshop, Imperial College London. Springer. S. Carpov, S. Aubry and R. Sirdey (2017) A multi-start heuristic for multiplicative depth minimization of boolean circuits. In: Proceedings of the 28th International Workshop on Combinatorial Algorithms. Cingulata (open-source code repository and wiki): https://github.com/CEA-LIST/Cingulata. (2017)


Page 9



Interview with WP3 Leader, Vassilis Koutkias (CERTH) Researcher Vassilis Koutkias, with the Institute of Applied Biosciences at the Centre for Research & Technology Hellas (CERTH) and KONFIDO WP3 Leader provides an overview of WP3, which was devoted to the “user requirements analysis” of the project.

What was the overall approach of WP3? WP3 aimed to provide the foundations for designing a secure and interoperable toolkit capable of fostering cross-border health data exchange within the European Union (EU). Current technical efforts inadequately address interoperability and useracceptance, resulting in limited impact. To this end, first, WP3 conducted a gap analysis study for interoperable and secure solutions at the systemic level by reviewing and mapping relevant technical and legal frameworks as well as ethical and social norms at the EU level with a major focus on the KONFIDO pilot-site countries (Denmark, Italy and Spain). WP3 then defined and analyzed user scenarios with major emphasis on cross-border health data exchange and, subsequently, conducted a user requirements elicitation phase starting from the definition of the underlying business processes and proceeding to the identification of threats, assets and, ultimately, high-level user goals. Equally important, seeking for intense interaction with the wider eHealth ecosystem, WP3 also pursued the identification of barriers and facilitators for eHealth acceptance linked with cybersecurity. For this purpose, a pan-European survey involving all possible relevant stakeholders, i.e. healthcare professionals, staff at Health Information Technologies (HIT) departments, industrial HIT stakeholders and patients/citizens, as well as two Workshops took place, which also validated the methods and the outcomes of our approach.

WP3 concluded its activities recently. What were the key outcomes? Indeed, WP3 carried out its activities throughout the first year of the project. Among various findings, I could summarize the following: According to the gap analysis outcomes, full adherence with information security standards is currently not universally met. In view of the rapid pace of cybersecurity technologies, sustainability plans shall be defined for adapting existing/evolving frameworks to the state-of-the-art. Overall, lack of integration towards a holistic security approach was clearly identified. For each user scenario considered in the project, our analysis concluded with a comprehensive workflow, highlighting challenges and open issues for their application in our pilot studies. The threat analysis resulted in a set of 30 user goals in total, which were documented in detail. Finally, indicative barriers of HIT acceptance include lack of awareness regarding HIT risks and legislations, lack of a security-oriented culture, and management commitment, as well as usability constraints, while important facilitators concern the adoption of standards and the current efforts toward a common EU legislation framework.

What were the biggest challenges that you faced in the scope of WP3 work? KONFIDO is a very ambitious, multidisciplinary project. WP3 had to move fast to identify the underlying challenges, and provide useful input for the design of the KONFIDO solution. Apparently, this solution shall not rely only on technological foundations/advancements, but also on organizational, legal and human aspects. The required multidisciplinarity was addressed through the remarkable collaboration of the entire Consortium, which illustrated - from the very beginning - a strong commitment to WP3 and the project goals at large.

What is the foreseen impact of WP3 outcomes? WP3 enabled us to define a comprehensive set of user requirements, a set of barriers and facilitators for HIT acceptance and, ultimately, a set of recommendations for the KONFIDO technical design (WP4). We argue that our results provide important insights to address secure and interoperable health data exchange, while our methodological framework constitutes an applicable paradigm that can be reused for investigating other kinds of cybersecurity-related risks in the health sector. Thus, we strongly believe that these outcomes are important not only for KONFIDO, but for comprehending cybersecurity issues in health in general and developing useful and acceptable technical solutions (for both patients/citizens and healthcare providers). This project has received funding from the European Union’s Horizon 2020 Framework Programme for Research and Innovation under grant agreement no 727528.

Page 10



Interview with WP4 Leader, Luigi Coppolino (CINI) Associate Professor Luigi Coppolino with the Department of Engineering, University of Naples “Parthenope”, Italy and KONFIDO WP4 Leader provides an overview of WP4, which is devoted to the “system requirements and overall design” aspects of the project.

What are the primary goals of WP4? WP4 aims at providing a systemic view of the KONFIDO solution. Since its inception, KONFIDO was formulated as a use-case driven project and this is especially evident in the WP4 structure. Indeed, the “privacy-preserving” solution designed in KONFIDO is being defined based on the requirements imposed by the use cases analysis, which was recently concluded by WP3. In WP4, we are translating these requirements to system-level specifications and thoroughly designing a solution based on the appropriate adoption of existing technological artifacts and on the development of novel technical approaches. This work requires a detailed and comprehensive analysis of workflows, in order to specify in detail the interactions among the technical components with a major focus on the needs of the KONFIDO end-users.

What is the overall approach followed by WP4? One of the biggest concerns related to a cross-border, privacy-preserving, ehealth data exchange solution comes from the extreme heterogeneity of interacting infrastructures. This is not simply a technology problem. In fact the main issue arises from the heterogeneity and the complexity in terms of regulations, procedures, and overall organization in the healthcare sector. To cope with this major challenge, very early, i.e. from the KONFIDO kick-off meeting, our Consortium agreed to elaborate on a toolbox organization for KONFIDO, which is going to provide a kind of “Swiss army knife” for cross-border ehealth data exchange. More specifically, KONFIDO will provide a set of security tools, which will be selected and customized for specific deployments in the KONFIDO pilot studies. Our Consortium will thus demonstrate the use of the KONFIDO toolkit solution with respect to two main realistic scenarios deployed in three different European countries, namely, Denmark, Italy and Spain.

What are the current outcomes of WP4? The KONFIDO development cycle was conceived as an iterative, spiral model. This means that the overall development of the KONFIDO toolkit will progress by continuously refining requirements, component interfaces and the overall architectural design. Currently, a first version for all such outputs has already been released. The architectural design was particularly challenging, given the choice to elaborate on a “toolbox solution”. It was thus decided to initially focus on a KONFIDO deployment able to further secure a cross-border data exchange scenario based on the widely adopted – though still evolving – OpenNCP framework.

Do you see any risks in fulfilling the WP4 goals? I feel that we are doing a great job, as a Consortium, working side-by-side and coping together with critical decisions and situations. Thanks to the strong collaboration and commitment from all partners, I believe that any issue should arise will be promptly and properly tackled. Thus, I would say that I am not worried about fulfilling WP4 goals. The next steps of the project concern our first implementation phase (as part of WP6) and we are all keen in our Consortium to see our designs being implemented and then validated in the project pilot studies (as part of WP7).


Page 11



Special Issue Announcement KONFIDO and the SHiELD H2020 project co-organize a Special Issue on Security and Privacy in Cloud-based Systems in the IET Software journal.


Page 12


KONFIDO Consortium 15 partners from 7 countries

Want to find out more about KONFIDO? Visit our website at konfido-project.eu Sign up for the KONFIDO newsletter Connect with us on social media:

Contact Info Ioannis Komnios KONFIDO Project Coordinator

[email protected]


Page 13