Model-Based Security Assessment on the Design of a Patient-Centric Data Sharing Platform

Matthew Banton; Thais Webber; Agastya Silvina; Juliana Bowles

doi:10.1007/978-3-031-16011-0_5

Model-Based Security Assessment on the Design of a Patient-Centric Data Sharing Platform

Matthew Banton, Thais Webber, Agastya Silvina, Juliana Bowles^*

^*Corresponding author for this work

Research output: Chapter in Book/Published conference output › Conference publication

Abstract

The architectural design of a healthcare data sharing system must cope with security requirements especially when the system integrates different data sources and patient-centric features. The design choices come with different risks, where vulnerabilities and threats highly depend on how the system components interact and depend on each other to operate as well as how it handles the external connections. This paper focuses on security aspects arising early in the design phase of a patient-centric system. The system presents a blend of emergent technologies such as novel authentication methods, blockchain for access control, and a data lake for patient metadata storage and retrieval based on access rules. We exploit a model-based approach to tackle security assessment using attack-defense trees (ADtrees) formalism and other support diagrams altogether as a way to model and analyse potential attack paths to the system and its countermeasures. The modelling approach helps creating a framework to support the attack vectors analysis and the proposal of appropriate defense mechanisms within the system architecture.

Original language	English
Title of host publication	From Data to Models and Back - 10th International Symposium, DataMod 2021, Revised Selected Papers
Editors	Juliana Bowles, Giovanna Broccia, Roberto Pellungrini
Publisher	Springer
Pages	61-77
Number of pages	17
ISBN (Electronic)	978-3-031-16011-0
ISBN (Print)	9783031160103
DOIs	https://doi.org/10.1007/978-3-031-16011-0_5
Publication status	Published - 15 Oct 2022
Event	10th International Symposium on From Data Models and Back, DataMod 2021, held as a satellite event of the 19th International Conference on Software Engineering and Formal Methods, SEFM 2021 - Virtual, Online Duration: 6 Dec 2021 → 7 Dec 2021

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	13268 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	10th International Symposium on From Data Models and Back, DataMod 2021, held as a satellite event of the 19th International Conference on Software Engineering and Formal Methods, SEFM 2021
City	Virtual, Online
Period	6/12/21 → 7/12/21

Bibliographical note

Funding Information:
The research in this paper was supported by the EU H2020 project SERUMS: Securing Medical Data in Smart Patient-Centric Healthcare Systems (grant code 826278).

Keywords

Attack-defense trees
Data sharing
Healthcare systems
Patient-centric system
Security assessment

Access to Document

10.1007/978-3-031-16011-0_5

Cite this

Banton, M., Webber, T., Silvina, A., & Bowles, J. (2022). Model-Based Security Assessment on the Design of a Patient-Centric Data Sharing Platform. In J. Bowles, G. Broccia, & R. Pellungrini (Eds.), From Data to Models and Back - 10th International Symposium, DataMod 2021, Revised Selected Papers (pp. 61-77). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13268 LNCS). Springer. https://doi.org/10.1007/978-3-031-16011-0_5

Banton, Matthew ; Webber, Thais ; Silvina, Agastya et al. / Model-Based Security Assessment on the Design of a Patient-Centric Data Sharing Platform. From Data to Models and Back - 10th International Symposium, DataMod 2021, Revised Selected Papers. editor / Juliana Bowles ; Giovanna Broccia ; Roberto Pellungrini. Springer, 2022. pp. 61-77 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{48981fd8d61b4a2f88181b1cce453c0c,

title = "Model-Based Security Assessment on the Design of a Patient-Centric Data Sharing Platform",

abstract = "The architectural design of a healthcare data sharing system must cope with security requirements especially when the system integrates different data sources and patient-centric features. The design choices come with different risks, where vulnerabilities and threats highly depend on how the system components interact and depend on each other to operate as well as how it handles the external connections. This paper focuses on security aspects arising early in the design phase of a patient-centric system. The system presents a blend of emergent technologies such as novel authentication methods, blockchain for access control, and a data lake for patient metadata storage and retrieval based on access rules. We exploit a model-based approach to tackle security assessment using attack-defense trees (ADtrees) formalism and other support diagrams altogether as a way to model and analyse potential attack paths to the system and its countermeasures. The modelling approach helps creating a framework to support the attack vectors analysis and the proposal of appropriate defense mechanisms within the system architecture.",

keywords = "Attack-defense trees, Data sharing, Healthcare systems, Patient-centric system, Security assessment",

author = "Matthew Banton and Thais Webber and Agastya Silvina and Juliana Bowles",

note = "Funding Information: The research in this paper was supported by the EU H2020 project SERUMS: Securing Medical Data in Smart Patient-Centric Healthcare Systems (grant code 826278). ; 10th International Symposium on From Data Models and Back, DataMod 2021, held as a satellite event of the 19th International Conference on Software Engineering and Formal Methods, SEFM 2021 ; Conference date: 06-12-2021 Through 07-12-2021",

year = "2022",

month = oct,

day = "15",

doi = "10.1007/978-3-031-16011-0_5",

language = "English",

isbn = "9783031160103",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer",

pages = "61--77",

editor = "Juliana Bowles and Giovanna Broccia and Roberto Pellungrini",

booktitle = "From Data to Models and Back - 10th International Symposium, DataMod 2021, Revised Selected Papers",

address = "Germany",

}

Banton, M, Webber, T, Silvina, A & Bowles, J 2022, Model-Based Security Assessment on the Design of a Patient-Centric Data Sharing Platform. in J Bowles, G Broccia & R Pellungrini (eds), From Data to Models and Back - 10th International Symposium, DataMod 2021, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 13268 LNCS, Springer, pp. 61-77, 10th International Symposium on From Data Models and Back, DataMod 2021, held as a satellite event of the 19th International Conference on Software Engineering and Formal Methods, SEFM 2021, Virtual, Online, 6/12/21. https://doi.org/10.1007/978-3-031-16011-0_5

Model-Based Security Assessment on the Design of a Patient-Centric Data Sharing Platform. / Banton, Matthew; Webber, Thais; Silvina, Agastya et al.
From Data to Models and Back - 10th International Symposium, DataMod 2021, Revised Selected Papers. ed. / Juliana Bowles; Giovanna Broccia; Roberto Pellungrini. Springer, 2022. p. 61-77 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13268 LNCS).

Research output: Chapter in Book/Published conference output › Conference publication

TY - GEN

T1 - Model-Based Security Assessment on the Design of a Patient-Centric Data Sharing Platform

AU - Banton, Matthew

AU - Webber, Thais

AU - Silvina, Agastya

AU - Bowles, Juliana

N1 - Funding Information: The research in this paper was supported by the EU H2020 project SERUMS: Securing Medical Data in Smart Patient-Centric Healthcare Systems (grant code 826278).

PY - 2022/10/15

Y1 - 2022/10/15

N2 - The architectural design of a healthcare data sharing system must cope with security requirements especially when the system integrates different data sources and patient-centric features. The design choices come with different risks, where vulnerabilities and threats highly depend on how the system components interact and depend on each other to operate as well as how it handles the external connections. This paper focuses on security aspects arising early in the design phase of a patient-centric system. The system presents a blend of emergent technologies such as novel authentication methods, blockchain for access control, and a data lake for patient metadata storage and retrieval based on access rules. We exploit a model-based approach to tackle security assessment using attack-defense trees (ADtrees) formalism and other support diagrams altogether as a way to model and analyse potential attack paths to the system and its countermeasures. The modelling approach helps creating a framework to support the attack vectors analysis and the proposal of appropriate defense mechanisms within the system architecture.

AB - The architectural design of a healthcare data sharing system must cope with security requirements especially when the system integrates different data sources and patient-centric features. The design choices come with different risks, where vulnerabilities and threats highly depend on how the system components interact and depend on each other to operate as well as how it handles the external connections. This paper focuses on security aspects arising early in the design phase of a patient-centric system. The system presents a blend of emergent technologies such as novel authentication methods, blockchain for access control, and a data lake for patient metadata storage and retrieval based on access rules. We exploit a model-based approach to tackle security assessment using attack-defense trees (ADtrees) formalism and other support diagrams altogether as a way to model and analyse potential attack paths to the system and its countermeasures. The modelling approach helps creating a framework to support the attack vectors analysis and the proposal of appropriate defense mechanisms within the system architecture.

KW - Attack-defense trees

KW - Data sharing

KW - Healthcare systems

KW - Patient-centric system

KW - Security assessment

UR - http://www.scopus.com/inward/record.url?scp=85141693281&partnerID=8YFLogxK

UR - https://link.springer.com/chapter/10.1007/978-3-031-16011-0_5

U2 - 10.1007/978-3-031-16011-0_5

DO - 10.1007/978-3-031-16011-0_5

M3 - Conference publication

AN - SCOPUS:85141693281

SN - 9783031160103

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 61

EP - 77

BT - From Data to Models and Back - 10th International Symposium, DataMod 2021, Revised Selected Papers

A2 - Bowles, Juliana

A2 - Broccia, Giovanna

A2 - Pellungrini, Roberto

PB - Springer

T2 - 10th International Symposium on From Data Models and Back, DataMod 2021, held as a satellite event of the 19th International Conference on Software Engineering and Formal Methods, SEFM 2021

Y2 - 6 December 2021 through 7 December 2021

ER -

Banton M, Webber T, Silvina A, Bowles J. Model-Based Security Assessment on the Design of a Patient-Centric Data Sharing Platform. In Bowles J, Broccia G, Pellungrini R, editors, From Data to Models and Back - 10th International Symposium, DataMod 2021, Revised Selected Papers. Springer. 2022. p. 61-77. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-031-16011-0_5