Periodic Reporting for period 1 - PAROMA-MED (Privacy Aware and Privacy Preserving Distributed and Robust Machine Learning for Medical Applications)
Reporting period: 2022-07-01 to 2023-12-31
The overall objective of the action is to develop, validate and evaluate a platform-based (edge-central cloud) delivery framework for privacy and security assured services and applications in federative cross-border environments. The project work towards achieving this overall objective has been performed in the following way as it is documented in the indicated deliverables.
To this purpose, the project will develop new architectures, technologies, tools and services to support:
automatic attestation of federation partners;
privacy- and security – by-design, integrating standard compliance and performance / QoS requirements into a policy framework;
consumers with their rights for opt-in / opt-out consent, portability and right to be forgotten requests, as well as transparency in access to their private-data;
federative Identity and Access Management, based on Zero Trust principles, continuous risk assessment and on confidentiality, integrity and authenticity insurance;
privacy-preserving and trusted data – storage and – processing in federative environments;
flexible and secure access over the Internet to private-data and service resources;
AI / ML by-design, integrating platform services to be used by application developers for data-intensive applications;
Zero Touch deployment and automatic life-cycle management of services and applications;
managed Privacy and Security operations for automated policy enforcement and cyber-threat detection and mitigation
To this purpose, the project will develop new architectures, technologies, tools and services to support:
automatic attestation of federation partners;
privacy- and security – by-design, integrating standard compliance and performance / QoS requirements into a policy framework;
consumers with their rights for opt-in / opt-out consent, portability and right to be forgotten requests, as well as transparency in access to their private-data;
federative Identity and Access Management, based on Zero Trust principles, continuous risk assessment and on confidentiality, integrity and authenticity insurance;
privacy-preserving and trusted data – storage and – processing in federative environments;
flexible and secure access over the Internet to private-data and service resources;
AI / ML by-design, integrating platform services to be used by application developers for data-intensive applications;
Zero Touch deployment and automatic life-cycle management of services and applications;
managed Privacy and Security operations for automated policy enforcement and cyber-threat detection and mitigation
Initially, a representative use case was developed with the relevant stakeholders to set the project's overarching goal for integrated demonstration, considering the healthcare specifics. This use case encompasses scenarios involving cross-border interactions and introduces data ownership schemes addressing privacy and data value protection. PAROMA-MED outlined extensive functional and non-functional requirements, recognizing federated ecosystems as integral to the data economy. Furthermore, early-stage analysis of federated machine learning was conducted to support the project's overarching ambition.
Following the definition of requirements and use cases the project embarked on defining functional components and enablers necessary to support use case scenarios. Concepts were proposed and a high-level architecture of the platform has been defined, taking into account the need for early evaluation and validation. Privacy and security frameworks were identified against which project outcomes would be cross-checked to ensure adequate evidence of protection.
PAROMA-MED conducted a deeper analysis of security and privacy frameworks, defining measurable indices for calculating project KPIs.
Concurrently, PAROMA-MED finalised a set of enabling technologies to support cross-border federative practices. Identity Management, based on Zero Trust principles aligned with federated identity management.
A holistic approach was taken to address the data layer of the project platform, focusing on database interactions, data lifecycle management, and traceability and protection mechanisms. The networking level of the project platform was strengthened with the production of the first version of the interconnection prototype, emphasizing strong network mechanisms to ensure maximum protection.
Lastly, use case details were gradually analyzed and tested within a common testbed environment resembling a federation topology, with integration of relevant artifacts underway.
Following the definition of requirements and use cases the project embarked on defining functional components and enablers necessary to support use case scenarios. Concepts were proposed and a high-level architecture of the platform has been defined, taking into account the need for early evaluation and validation. Privacy and security frameworks were identified against which project outcomes would be cross-checked to ensure adequate evidence of protection.
PAROMA-MED conducted a deeper analysis of security and privacy frameworks, defining measurable indices for calculating project KPIs.
Concurrently, PAROMA-MED finalised a set of enabling technologies to support cross-border federative practices. Identity Management, based on Zero Trust principles aligned with federated identity management.
A holistic approach was taken to address the data layer of the project platform, focusing on database interactions, data lifecycle management, and traceability and protection mechanisms. The networking level of the project platform was strengthened with the production of the first version of the interconnection prototype, emphasizing strong network mechanisms to ensure maximum protection.
Lastly, use case details were gradually analyzed and tested within a common testbed environment resembling a federation topology, with integration of relevant artifacts underway.