Define project mission, objectives, and users’ needs. Identify stakeholders and user roles. Describe Use Cases. Provide Real-life Situations. Describe Case Studies, with their applications later integrated with the toolkit. Conduct an extensive study to define toolkit evaluation metrics, both from a functional and a qualitative standpoint.
Support of connected IoT devices. Different types of connected IoT and medical devices were analyzed, and a procedure to integrate them with ProTego was designed.
Educational Framework designed and developed, identifying stakeholders, and providing specific content for each of them based on their educational needs.
Risk assessment tools:
- Complete risk models built and updated for both Pocket EHR and FoodCoach. Demonstrated how ProTego components reduce risks in both scenarios.
- Investigated collaborative, cross-organisation risk modelling via information hiding approach where different stakeholders can focus on their parts of the system.
- Extended dynamic risk assessment, risk recalculation to determine resulting risk level due to vulnerabilities, and recommendations to reduce risk level.
- Additional support for web applications.
- Extended domain model knowledge base to support relevant aspects of mobile devices.
- Extended vulnerability detection capabilities of SIEM to include web applications (besides infrastructure vulnerability detection).
- Improved detection capabilities of the SIEM by using Deep Learning techniques, implementing a new neural network architecture based on a combination of multilayer perceptron (MLP) with attention mechanisms.
Risk mitigation tools:
- Developed Parquet Modular Encryption. Data Gateway can be run inside a Trusted Execution Environment, utilizing hardware to provide cryptographic protection for data-in-processing. Extended the open-source Fybrik framework to supply role-based, fine-grained access to the underlying FHIR database, providing policy-driven access control and redaction of data down to the FHIR resource.attribute level.
- Modular Access Control and Key Management Framework designed and implemented. Research focused on improving flexibility and functionality, or on providing additional security protection.
- Smartphone continuous authentication architecture designed and implemented, collecting and analysing behavioural user events.
- Network slicing solutions for a hospital environment were studied, and a solution for network isolation in terms of performance and security provided.
Platform architecture devised, integration work undertaken and final version of toolkit delivered. Updatable continuous integration platform deployed.
Ospedale San Raffaele deployed the ProTego toolkit on premise. OSR integrated the ProTego toolkit and FoodCoach, a web application that was used as the demonstrator of the Nutritional Case Study, which makes use of a non-connected device to collect the physical activity of the patient.
Marina Salud implemented Pocket EHR in a cloud-based architecture to show how the ProTego toolkit can be used in a novel, trending and challenging scenario. MS integrated the cloud-based deployment of ProTego with its EMR (Cerner Millennium) through a commercial and widely used integration engine (Orion Rhapsody). Pocket EHR was developed in a serverless cloud infrastructure. “Connected IoT” functionality was developed, emulating an IoT device through a Raspberry Pi 4, demonstrating how medical vendors can integrate the ProTego toolkit.
Intensive testing of the toolkit was performed in both hospitals with very satisfactory results:
- Acceptance tests
- Non-functional metrics
- Usability evaluation
Research outcomes disseminated and communicated to relevant stakeholders. Dissemination activities performed range from scientific publications and whitepapers to social media and blog posts to press releases and videos. All dissemination and communication targets set at the beginning of the project have been reached.