Advanced Secure Cloud Encrypted Platform for Internationally Orchestrated Solutions in Healthcare

Periodic Reporting for period 1 - ASCLEPIOS (Advanced Secure Cloud Encrypted Platform for Internationally Orchestrated Solutions in Healthcare)

Reporting period: 2018-12-01 to 2020-05-31

Challenges. The ASCLEPIOS proposal identified three key cybersecurity challenges. (1) Many existing cybersecurity approaches fail to protect users' data against attacks that originate from internal and/or external adversaries. (2) Healthcare and medical practitioners and researchers want to analyse healthcare and medical data while preserving privacy and providing security. (3) A new generation of healthcare and medical devices is emerging in which some hardware components are replaced by software; users cannot attest the trustworthiness of these devices and must rely on the assurances of device vendors, operators, and maintainers.

Objectives. The vision of ASCLEPIOS is to maximize and fortify the trust of users in cloud-based Healthcare services by developing mechanisms to protect sensitive corporate and personal data. The project addresses the key challenges listed above as objectives. (1) Creating cybersecurity solutions based on Searchable Symmetric Encryption (SSE) and Attribute Based Encryption (ABE) to prevent unauthorized access to data stored in both local and remote storage: when data is placed on storage in unencrypted form, or encrypted with a key that is known to parties other than the data owners, its privacy and security can no longer be guaranteed. (2) Elaborating a novel solution which enables users in the Healthcare sector to run Functional Encryption (FE) enabled statistics on healthcare and medical data in a privacy-preserving and secure way. (3) Developing new attestation protocols to check the trustworthiness of healthcare and medical devices.

To achieve these objectives, the project is developing the ASCLEPIOS framework, which integrates cyber services based on ABE, SSE and FE schemes and medical device attestation. To showcase the ASCLEPIOS achievements, the project is implementing three near-production-level demonstrators, provided by ASCLEPIOS Healthcare partners involving leading European hospitals: acute stroke response, sleep disorder and antibiotics prescription demonstrators.

Work performed. ASCLEPIOS collected and analysed the user and technical requirements, focusing on the privacy and security requirements of the Healthcare sector. With these requirements in place, the project partners first developed the ASCLEPIOS reference architecture. Next, they elaborated the ASCLEPIOS services based on a new SSE scheme, on the ABE scheme extended with a new revocation mechanism, on the new FE-enabled analytics and on the new attestation protocols for healthcare and medical devices. Further, the project partners elaborated the technical architecture of the ASCLEPIOS framework and started to integrate the ASCLEPIOS services to create this framework. They set up the ASCLEPIOS testbed to support customization and development of the ASCLEPIOS demonstrators. Using the testbed, the demonstrator owners, in cooperation with the technology provider partners, created early prototypes of the demonstrator applications. These activities were supplemented with a wide range of dissemination activities.

Progress beyond the state of the art. The ASCLEPIOS services, based on cutting-edge research, created new knowledge. The new SSE scheme defines how different entities can and should communicate with each other to provide protection against malicious adversaries. The data owners can use the extended ABE scheme to encrypt the symmetric key with which the sensitive medical data have been encrypted. The FE-enabled analytics enables authorized users to analyze encrypted data in a privacy-preserving way. The new attestation protocol verifies the integrity of devices and services in Trusted Execution Environments (TEEs) by checking correctness, for example the authenticity and integrity of an application or service. These services improve security and strengthen how privacy is preserved in the Healthcare sector.