Security - mHealth and FHIR

slicedmites - Security

16 Feb 2014 (3 years and 8 months ago)

Security - mHealth and FHIR: mobile health applications and other Internet uses
Security in HL7 Standards
HL7 Security Working Group
John Moehrke
© 2010 Health Level Seven ® International. All Rights Reserved.
HL7 and Health Level Seven are registered trademarks of Health Level Seven International. Reg. U.S. TM Office.
Agenda
• Basic mHealth security
• Communications security
• User Authentication
• Authorization
• Relationship to Privacy Consent
• Audit Logging and reporting
9/26/2013
Overall view of mobile device security
• Functional, Operational, Physical, Procedural, Network, User, etc.
• NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations
• NIST 800-124 - Guidelines on Cell Phone and PDA Security
• NIST 800-101 - Guidelines on Mobile Device Forensics
NIST 800-53 Control Families
18 Families related to Security:
• Access Control
• Awareness and Training
• Audit and Accountability
• Security Assessment and Authorization
• Configuration Management
• Contingency Planning
• Identification and Authentication
• Incident Response
• Maintenance
• Media Protection
• Physical and Environmental Protection
• Planning
• Personnel Security
• Risk Assessment
• System and Services Acquisition
• System and Communications Protection
• System and Information Integrity
• Program Management
8 Families related to Privacy:
• Authority and Purpose
• Accountability, Audit, and Risk Management
• Data Quality and Integrity
• Data Minimization and Retention
• Individual Participation and Redress
• Security
• Transparency
• Use Limitation
Risk – Scalable Security
• Risk Assessment is a general and natural process
• Risk Assessment is applicable to many levels of design and deployment
• Standards development – Security Cookbook
• Software design – Medical Device – ISO 14971
• Network design – Deploying systems onto network – IEC 80001
• Organizational – beyond network scope – ISO 27001
• Nationwide Exchanges – IHE Affinity Deployment
Risk Scenario
In this scenario:
• The vulnerability is the hole in the roof
• The threat is the rain cloud
• Rain could exploit the vulnerability
• The risk is that the building and equipment in the building could be damaged as long as the vulnerability exists and there is a likely chance that rain will fall.
Risk Management (ISO 13335)
[Figure: Risk Management (ISO 13335)]
Risks – Resource protection
• Wrong people get access
• Right people get denied proper access
• Right people see too much (consent)
• Unauthorized Create/Update/Delete allowed
• Right people get wrong data
• Perception that wrong people got access
mHealth = Security layers
[Figure: layered stack, top to bottom]
• IHE MHD, HL7 FHIR, HL7/OMG hData, DICOM WADO, Continua
• RESTful Resources: MHD, FHIR, hData, WADO
• Secure RESTful: IHE IUA (2013)
• HTTP Transport
• TCP/IP + DNS
• Internet
Basic HTTP security
• Using HTTPS – Server side TLS/SSL
• No impact on resource content and encoding
• Authenticates server
• Encrypts and Integrity protects communication
• Does Not authenticate client
• Use Client Authentication – Hard to manage
• Does not authenticate user (see next slide)
User Authentication
• Using HTTP Authentication
• Basic – username/password – Not scalable
• Form – username/password – Not pluggable tech
• Kerberos – Doesn't work well outside organization
• SAML – SSO profile okay if enterprise focused
• OAuth – best if internet focused
Healthcare - Access Control
• Healthcare needs are more complex
• But leverage concepts: RBAC, Policy, Tags, ...
• Enforce Privacy Consents
• special consent rules, episodic, expired, revoked
• Data not simply classifiable into Role
• Leverage clinical types but need Security Tags
• Policies point at data characteristics
• Sensitive Health Topics, Care-Team
• Break-Glass – safety medical judgement
• Residual Rules – Obligation

HL7 PASS Access control
[Figure: HL7 PASS access control architecture. A Service Consumer sends a Request for Service with Credentials to the Policy Enforcement Point (PEP) over Interface 1; the PEP passes an Access Request to the Policy Decision Point (PDP) inside the Access Control Service (ACS) and receives Access Control Decision Information (ADI). The ACS draws on Access Control Information (ACI): Security & Privacy Policy Rules, Contextual Information, Subject ACI and Resource ACI. Interface 2: Policy Administration/Security Management; Interface 3: Privacy Management/Privacy Policies; Interface 4: Consent Management. Permitted requests are forwarded to the Service Provider.]
Access Control Engine
[Figure: inputs to the access control engine behind the FHIR API]
• Context: Break-Glass, PurposeOfUse, Workflow
• Policies
• FHIR API
• User: Role, Authz, Facility
• Patient: Consent, Care-team, Delegates
• Resource: Sec Tags, Class, Dates
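The engine above combines context (PurposeOfUse, Break-Glass), the user's roles, the patient's consent and the resource's security tags into one decision. The following is an added example, not code from this deck or from HL7, of a minimal policy decision function over exactly those inputs; the role clearances, the allowed-purpose set and the obligation names are constructed sample policy, while the labels N/R and the purposes TREAT/ETREAT/HPAYMT/HMARKT come from the HL7 confidentiality and PurposeOfUse vocabularies.

```python
from dataclasses import dataclass

# Constructed sample policy: which HL7 confidentiality labels a role may normally read,
# and which purposes of use this server serves at all.
ROLE_CLEARANCE = {"physician": {"N", "R"}, "nurse": {"N"}, "billing": {"N"}}
ALLOWED_PURPOSES = {"TREAT", "ETREAT", "HPAYMT"}   # treatment, emergency treatment, payment


@dataclass
class AccessRequest:
    user_roles: set          # roles asserted in the user's token
    purpose_of_use: str      # context: HL7 PurposeOfUse code
    break_glass: bool        # context: clinician declared break-glass
    care_team: bool          # user is on the patient's care team
    consent_withheld: set    # labels the patient's consent withholds from non care-team users
    resource_labels: set     # security tags carried on the FHIR resource


def decide(req: AccessRequest):
    """Return (decision, obligations); obligations are what the PEP must do after enforcing."""
    obligations = ["audit-access"]          # every outcome is recorded (FHIR AuditEvent)
    if req.purpose_of_use not in ALLOWED_PURPOSES:
        return "deny", obligations
    labels = req.resource_labels
    clearance = set().union(*(ROLE_CLEARANCE.get(r, set()) for r in req.user_roles))
    blocked_by_consent = bool(labels & req.consent_withheld) and not req.care_team
    blocked_by_role = not labels <= clearance
    if blocked_by_consent or blocked_by_role:
        # Break-glass: emergency treatment overrides consent and role limits,
        # but only with extra obligations so the override is reviewed afterwards.
        if req.break_glass and req.purpose_of_use == "ETREAT":
            obligations += ["audit-break-glass", "notify-privacy-officer"]
            return "permit", obligations
        return "deny", obligations
    return "permit", obligations
```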
mHealth Access Control Deployment Models
Internet User Authorization (IUA)
• Sub-Authorizations user would otherwise have
• Use-Cases: Simple browser app, mobile application, embedded device, and third party service
• Enables separation of concerns: User Identity, User Authentication, User Delegation of their Rights…
• Authenticable claims: user identity, user authentication mechanism, roles asserted, purpose of use asserted, policy pointers, ..
• OAuth 2.0: JWT/SAML token - Can be proxied to SAML
• Authorization is from user perspective and may not be same as resource perspective authorization
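To make the idea of authenticable claims in an OAuth 2.0 bearer token concrete, here is an added example (not IUA's, HL7's or the deck's code) of a FHIR server validating such a token: it accepts only issuers on its own trust list, checks signature, audience and expiry, and then hands back the claims the access-control engine consumes. The HS256 shared key, the issuer and audience URLs, and the claim names roles and purpose_of_use are assumptions made for the example; a real deployment would use the Identity Provider's published signing keys and the claim names of the profile in use.

```python
import base64, hashlib, hmac, json, time

# Constructed trust store: issuer -> verification key. The FHIR server decides which
# Identity Providers it trusts; a token from any other issuer is rejected outright.
TRUSTED_ISSUERS = {"https://idp.example.org": b"constructed-demo-key"}
FHIR_AUDIENCE = "https://fhir.example.org"              # this server's identifier (assumed)
REQUIRED_CLAIMS = ("sub", "roles", "purpose_of_use")    # claim names are assumptions


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def encode_payload(claims: dict) -> str:
    return b64url(json.dumps(claims, sort_keys=True).encode())


def mint_token(claims: dict, issuer: str, key: bytes) -> str:
    """Stand-in for the Identity Provider so the example runs offline: signs the
    claims as an HS256 JWT (a real IdP would normally sign with an RSA key)."""
    header = b64url(b'{"alg":"HS256","typ":"JWT"}')
    body = encode_payload({**claims, "iss": issuer})
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url(sig)}"


def verify_token(token: str, now: float = None) -> dict:
    """Validate a bearer token; return its authenticated claims or raise ValueError."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    head, body, sig = parts
    if json.loads(b64url_decode(head)).get("alg") != "HS256":
        raise ValueError("unsupported alg")       # never accept 'none' or a surprise alg
    claims = json.loads(b64url_decode(body))
    key = TRUSTED_ISSUERS.get(claims.get("iss"))   # trust decision before signature check
    if key is None:
        raise ValueError("untrusted issuer")
    expected = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig)):
        raise ValueError("bad signature")
    if claims.get("aud") != FHIR_AUDIENCE:
        raise ValueError("wrong audience")        # issued for some other server
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    missing = [c for c in REQUIRED_CLAIMS if c not in claims]
    if missing:
        raise ValueError("missing claims: " + ", ".join(missing))
    return claims
```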
Resource – Security Tags
• Developing story – stay tuned
• Leveraging existing work
• Security/Privacy DAM / Ontology / HCS
• DS4P – Metadata use
• IHE XD* metadata model
• Vocabulary (HL7, OASIS, ISO, etc)
• Access Control engine – Uses FHIR API to
• FHIR resources have Provenance
• FHIR resources have Security Tags
User Management
• Best Practice: Use federated identity
• Leverage security layer
• abstract healthcare specifics from user management
• Internet or Corporate – OAuth or SAML
• FHIR Servers need to be careful which Identity Providers they trust, and for what reason
• Might be added to FHIR – for those that really want it, it should be there in a consistently usable way
The Role of the HL7 Security WG
• HL7 Security Risk Assessment Process
• Provides training on the HL7 Risk Assessment process
• Gives direct assistance to WGs during the risk assessment process
• Liaison to mHealth
• Liaison to FHIR
Conclusion
• Building off of advancements in general Internet Security Standards (HTTPS, OAuth, SAML, Dir)
• pluggable authentication
• Building off of healthcare standards
• Layering Security in a way that is usable for many Healthcare projects (Continua, DICOM, IHE, HL7)
• Embedding Security Tags into FHIR Resources
• FHIR Security Audit Log Resource
Resources
HL7
* Security http://wiki.hl7.org/index.php?title=Security
* mHealth http://wiki.hl7.org/index.php?title=Mobile_Health
* FHIR Wiki http://wiki.hl7.org/index.php?title=FHIR
IHE
* web http://www.ihe.net/
* IHE Wiki http://wiki.ihe.net/
DICOM http://medical.nema.org/standard.html
My blog http://healthcaresecprivacy.blogspot.com/