Advanced security activities for eHealth

Bernd Blobel
CEN/ISSS eHealth Standardization Focus Group
Fraunhofer Health Telematics Project Group
EFMI WG Security, Safety and Ethics
EFMI WG Electronic Health Records
PROREC-DE
Fraunhofer Institute for Integrated Circuits IIS, Erlangen, Germany

ETSI Security Workshop, Sophia Antipolis, 16-17 January 2006

Introduction

All developed countries face the challenge of improving the quality, safety and efficiency of their health systems under the conditions of
- demographic developments with ageing and multi-diseased citizens,
- increased expectations of quality of life with increasing demands for health services,
- growing costs for advanced biomedical, pharmaceutical and technical methods and products for prevention, diagnosis and therapy,
- a changing social and economic environment moving towards globalisation, combined with increased flexibility and mobility of citizens, goods and services,
- reduced insurance funds.

Solution (1)

Turning health systems to customisable, comprehensive and completely integrated care in close relation to efficient public health.
The current development from organisation-centred to process-oriented care has to continue towards personalised care (body map area, patient monitoring).
Emphasis on prevention and home care.
Such development must be supported by appropriate ICT for health telematics and telemedicine (eHealth).

Solution (2)

Different strategies have been followed for realising a proper ICT approach including effective infrastructural services:
a) “Monolithic” architecture for comprehensive solutions.
b) Open, flexible, scalable, portable, user-friendly, standards-based, service-oriented, knowledge-based, semantically interoperable, and trustworthy solutions.
Focus Group History

Call for FG
17 December 2003: Kick-off Meeting
Appointment of Chair, Steering Committee and the Editors Ray Rogers and Francois Mennerat
16 August 2004: 1st draft of the FG Report for internal comments
22 November 2004: 1st draft of the FG Report for public comments
22 February 2005: Circulation of the final draft to eHSFG members for endorsement
12 December 2005: Open Conference under Dutch EU Presidency
1 March 2005: Final FG Report
4 March 2005: Submission to the CEN/ISSS Forum

eHealth Europe Strategic Objectives

Enabling patient mobility as well as cross-boundary access to health services
Reducing clinical errors as well as improving patient safety
Improving access to high-quality information for both patients and health professionals
Improving efficiency of health services

Critical Applications

Improving access to clinical records: EHR incl. EHR architecture
Electronic exchange of health data incl. electronic transfer of prescriptions (ePrescriptions)
ePrescribing with decision support
Digital imaging and related services, requests and result reporting
Core data sets, e.g. for health surveillance

Infrastructure to underpin applications

Management of any principal’s identification, in the patient’s context, including:
- EU Health Insurance Card (enhanced by carrying medical data and providing cross-border access control facilities);
- A common approach to patient identifiers;
- Access control and authentication;
Protecting personal information (based on PKI and data cards (tokens) for professionals and citizens/patients);
Terminological systems for clinical records and medicines;
EU Health Data Cards.
FG Recommendations

• Main Recommendation: Establishing a permanent eHealth Interoperability Platform
• Improving access to records
• Reducing medication-related errors, and e-prescribing
• Safety of health informatics products
• Improving access to quality health information - Metadata for knowledge resources
• Efficiency of healthcare processes - Workflow models and clinical pathways

FG Recommendations (cont.)

• Electronic transfer of prescriptions
• Information exchange to support inter-working and the mobile citizen
• Case-mix groupers based on diagnoses and procedures
• Quality indicators
• Improving availability of standards
• Commission's support to European standardisation
• Towards an international multilingual reference terminology
• Security services
• Health cards

Architectural Paradigms for Future-Proof Semantically Interoperable Health Information Systems

• Distribution
• Component-orientation (flexibility, scalability)
• Separation of platform-independent and platform-specific modelling → separation of logical and technological views (portability)
• Specification of reference and domain models at meta-level
• Interoperability at service level (concepts, contexts, knowledge)
• Enterprise-view-driven design (user acceptance)
• Multi-tier architecture (user acceptance, performance, etc.)
• Appropriate multi-media GUI (illiteracy)
• Common terminology and ontology (semantic interoperability)
• Appropriate security and privacy services

[Figure: component architecture with domains (Domain 1, Domain 2, ... Domain n), composition levels (Business Concepts, Relations Network, Basic Services/Functions, Basic Concepts; Component Decomposition) and the Enterprise View, Information View, Computational View, Engineering View and Technology View]

Data Security Concept of an Enterprise

• The data security concept is based on the enterprise business concept, and is part of the general data processing concept.
• Security policies must be derived from enterprise policies.

[Figure: vulnerability (specification of protection objects) → threat (specification of attackers and their motivations) → risk (evaluation of probability and consequences of attack) → protection (specification of protection measures)]

Security Policy

• Security policy is a complex of legal, organisational, functional, medical, social, ethical and technical aspects, which must be considered in the context of data protection and data security.
• Security policy defines the framework, rights and duties of the principals involved, but also the consequences and penalties in case the provisions made are disregarded.

[Figure: layered security model - concepts (safety, security); services, divided into communication security and application security (identification, authentication, authorisation, access control, accountability, audit, non-repudiation, notary’s functions, integrity, accuracy, confidentiality, availability, quality); mechanisms (digital signature, hashing, encryption, key recovery, key escrowing, multiple components, fire protection); algorithms (DES, IDEA, RSA, DSA, SHA-1, MD5, ElGamal, ...); data (keys, certificates)]

[Figure: policy enforcement components - Legal & Ethical Framework, Policy, Policy Council, Access Control Rules, Information System, Administrator, Privileges, Access Control, TTP, Authentication, Patient Consent, Audit, Information Access, User]

Security-Related Use Case Types

• PolicyManagement
• UserManagement
• RoleManagement
• UserAuthentication
• PatientConsent
• CommunicationInitialisation
• InformationRequest
• AccessControl
• InformationProvision
• InformationTransfer
• Audit

Models Used

• Domain Model
• Authentication Model
• Communication Model
  - Secure Object
  - Secure Channel
• Policy Model
• Role Model
• Delegation Model
• Control Model
• Privilege Management and Access Control Models
• Audit Model

[Class diagram of the policy model, given here as a class-by-class listing:]
Policy: policy_identifier: SET<II>; policy_name: CS; policy_authority_ID: OID; policy_authority_name: ST; policy_domain_identifier: SET<OID>; policy_domain_name: BAG; policy_target_list: LIST<INT>
BasicPolicy: policy_subject_ID: OID; policy_subject_name: ST; target_identifier: SET<II>; target_name: EN; target_object: II; operation_code: CE; permission_policy: CD; constraint: OCL
MetaPolicy: meta_expression; raised_action: CE
CompositePolicy: event: CV; policy: CD; mpolicy: CD; policy_group: SET<II>; constraint: OCL
Relationship: roles: Role
RefrainPolicy: action: CE
Role: subjectDomain: OID; role_identifier: SET<II>; role_name: CS; role_description: CD
ObligationPolicy: event: CV; exception: Exception
AuthorisationPolicy, specialised as Auth+ (action: CE) and Auth- (action: CE)
DelegationPolicy: grantee: OID; accessRights: CE; specialised as Deleg+ and Deleg-
ManagementStructure: roles: Role; rels: Rel; mstructs: Mstruct
Group: group_identifier: SET<II>; group_name: CS; group_description: CD

Roles

• For managing role relationships between the entities, organisational and functional roles can be defined.
• Organisational roles specify relations between entities in the sense of competence (RIM roles), often reflecting organisational or structural relations (hierarchies).
• Functional roles are bound to an act. Functional roles can be assigned to be performed during an act. They correspond to the RIM participation.

Policy-Driven, Role-Based Access Control

[Class diagram with the classes Principal, User_Assignment, Structural_Role, Role_Hierarchy, SR_Policy, Functional_Role, FR_Policy, Permission_Assignment, Target_Component, Target_Policy, User_Session, Session_Role, Session and Process_Policy; the associations carry cardinalities 1, 0..* and 1..*]

“Functional Roles” Established in the CEN ENV 13606 Revision

• Subject of care (normally the patient)
• Subject of care agent (parent, guardian, carer, or other legal representative)
• Responsible (personal) healthcare professional (the healthcare professional with the closest relationship to the patient, often his GP)
• Privileged healthcare professional
  - nominated by the subject of care
  - nominated by the healthcare facility of care (there is a nomination by regulation, practice, etc.)
• Healthcare professional (involved in providing direct care to the patient)
• Health-related professional (indirectly involved in patient care, teaching, research, etc.)
• Administrator (and any other parties supporting service provision to the patient)

TTP Functions and Requirements

Value-added services (anonymisation, professional registration, timestamping): services related to the business value or security of document or message exchange, given by agreements or by regulation.
Infrastructural services (registration, certificate handling, directories, card issuing, key management, naming): services which facilitate secure communications on a large scale involving mutually distrustful users.
Basic services (access control, integrity, security logging, confidentiality, identification & authentication, non-repudiation): services directly related to the secure communication between two users.

Important eHealth Components (logical view)

Application Services, Client Services, Terminology Services, EHR Systems, PKI (ID CA Services), Policy Services, PMI (ACA Services), Audit Services, Directory Services

Conclusions

The European Commission and the European SDOs established a project for specifying requirements for eHealth interoperability, in that context addressing the need for close European and global collaboration of all stakeholder communities, organisations, other SDOs, etc.
Currently, the FG Report is under implementation, setting up the political and the legal framework as well as establishing the eHealth Interoperability Platform according to the FG Main Recommendation.

For further information about the CEN/ISSS eHealth Standardization Focus Group see www.cenehealth.org

Contact:
Bernd Blobel, Ph.D., Associate Professor
Head of the Health Telematics Group
Fraunhofer Institut Integrierte Schaltungen
Am Wolfsmantel 33
91058 Erlangen
Email: bernd.blobel@iis.fraunhofer.de
Tel.: +49-9131-776-7350
Fax: +49-9131-776-7399
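Worked example (added here; not code from the slides, from CEN/ISSS or from the author): the policy-driven RBAC model and the ENV 13606 functional roles from the slides above, in Python. The role names, the SR_Policy and Permission_Assignment contents, the patient-consent table and the patient identifiers are constructed assumptions, and the way the diagram's policy classes map onto the two functions is my reading of the diagram.

```python
"""Policy-driven RBAC in the shape of the slides' class diagram: structural roles are
assigned to principals (User_Assignment), one functional role is activated per act in
a session (Session_Role), permissions sit on functional roles (Permission_Assignment).
Constructed example: role names, policy contents and patient data are assumptions."""
from dataclasses import dataclass
# SR_Policy (assumed content): functional roles a structural role may activate.
SR_POLICY = {
    "physician":  {"responsible_hcp", "healthcare_professional"},
    "nurse":      {"healthcare_professional"},
    "researcher": {"health_related_professional"},
}
# Permission_Assignment (assumed): functional role -> {(target component, operation)}.
PERMISSIONS = {
    "responsible_hcp": {("ehr", "read"), ("ehr", "write"), ("prescription", "read"), ("prescription", "write")},
    "healthcare_professional": {("ehr", "read"), ("prescription", "read")},
    "health_related_professional": {("ehr_pseudonymised", "read")},
}
# Patient consent (constructed): patient -> functional roles the subject of care admits.
CONSENT = {"pat-1": {"responsible_hcp", "healthcare_professional"},
           "pat-2": {"responsible_hcp"}}
AUDIT = []  # Audit model: every access decision is recorded here

@dataclass
class Principal:
    name: str
    structural_roles: set          # User_Assignment

@dataclass
class Session:                     # User_Session carrying exactly one Session_Role
    principal: Principal
    patient_id: str
    functional_role: str

def activate(principal, functional_role, patient_id):
    """Open a session only if SR_Policy lets one of the principal's structural
    roles act in the requested functional role; otherwise return None."""
    if any(functional_role in SR_POLICY.get(sr, ()) for sr in principal.structural_roles):
        return Session(principal, patient_id, functional_role)
    return None

def decide(session, target, operation):
    """Target_Policy: the session role must hold the permission AND the patient
    must have consented to that functional role (pseudonymised data excepted)."""
    permitted = (target, operation) in PERMISSIONS.get(session.functional_role, ())
    consented = (target == "ehr_pseudonymised"
                 or session.functional_role in CONSENT.get(session.patient_id, ()))
    verdict = "permit" if permitted and consented else "deny"
    AUDIT.append((session.principal.name, session.functional_role,
                  session.patient_id, target, operation, verdict))
    return verdict
```

A principal whose structural role is not covered by SR_POLICY cannot open a session at all, so the check on the act precedes any check on the data.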