Securing the weak link of federated systems via trusted execution: a case study from the eHealth domain Online publication date: Thu, 16-Apr-2020
by Luigi Coppolino; Salvatore D'Antonio; Giovanni Mazzeo; Luigi Romano; Luigi Sgaglione
International Journal of Critical Computer-Based Systems (IJCCBS), Vol. 9, No. 4, 2019
Abstract: The interconnection of organisations from distributed, heterogeneous, and autonomous domains having different regulations often requires a trusted third-party gateway to translate security means applied in one domain to those of a different domain. At that point, sensitive data is exposed unencrypted on the gateway host, thus vulnerable to attacks. In this paper, we provide a solution to this weakness of federated architectures by using hardware-assisted trusted computing (TC). We propose an approach where the new Intel's CPU extension, namely Software Guard eXtension (SGX), is exploited to guarantee the trustworthiness of the weakest link - i.e., the gateway - in spite of an aggressive attack model. The validation of our work was realised through the European eHealth infrastructure, namely OpenNCP, that enables cross-border health care and establishes shared practices to implement mechanisms and policies allowing patient data exchange between distinct national eHealth systems.
Online publication date: Thu, 16-Apr-2020
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Critical Computer-Based Systems (IJCCBS):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email firstname.lastname@example.org