Title | ||
---|---|---|
Securing the weak link of federated systems via trusted execution: a case study from the eHealth domain |
Abstract | ||
---|---|---|
AbstractThe interconnection of organisations from distributed, heterogeneous, and autonomous domains having different regulations often requires a trusted third-party gateway to translate security means applied in one domain to those of a different domain. At that point, sensitive data is exposed unencrypted on the gateway host, thus vulnerable to attacks. In this paper, we provide a solution to this weakness of federated architectures by using hardware-assisted trusted computing (TC). We propose an approach where the new Intel's CPU extension, namely Software Guard eXtension (SGX), is exploited to guarantee the trustworthiness of the weakest link - i.e., the gateway - in spite of an aggressive attack model. The validation of our work was realised through the European eHealth infrastructure, namely OpenNCP, that enables cross-border health care and establishes shared practices to implement mechanisms and policies allowing patient data exchange between distinct national eHealth systems. |
Year | DOI | Venue |
---|---|---|
2019 | 10.1504/ijccbs.2019.106823 | Periodicals |
DocType | Volume | Issue |
Journal | 9 | 4 |
ISSN | Citations | PageRank |
1757-8779 | 0 | 0.34 |
References | Authors | |
0 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Luigi Coppolino | 1 | 239 | 32.53 |
Salvatore D'Antonio | 2 | 0 | 0.34 |
Giovanni Mazzeo | 3 | 0 | 2.03 |
Luigi Romano | 4 | 0 | 0.34 |
Luigi Sgaglione | 5 | 17 | 6.84 |