The interconnection of organisations from distributed, heterogeneous, and autonomous domains having different regulations often requires a trusted third-party gateway to translate security means applied in one domain to those of a different domain. At that point, sensitive data is exposed unencrypted on the gateway host, thus vulnerable to attacks. In this paper, we provide a solution to this weakness of federated architectures by using hardware-assisted trusted computing (TC). We propose an approach where the new Intel's CPU extension, namely Software Guard eXtension (SGX), is exploited to guarantee the trustworthiness of the weakest link - i.e., the gateway - in spite of an aggressive attack model. The validation of our work was realised through the European eHealth infrastructure, namely OpenNCP, that enables cross-border health care and establishes shared practices to implement mechanisms and policies allowing patient data exchange between distinct national eHealth systems.
Titolo: | Securing the weak link of federated systems via trusted execution: A case study from the eHealth domain |
Autori: | |
Data di pubblicazione: | 2019 |
Rivista: | |
Handle: | http://hdl.handle.net/11367/84312 |
Appare nelle tipologie: | 1.1 Articolo in rivista |