KONFIDO - Secure and Trusted Paradigm for Interoperable eHealth Services

1. The new security extensions provided by some of the main CPU vendors;
2. Physical Unclonable Function (PUF)-based security solutions that are based on photonic technologies;
3. Homomorphic encryption mechanisms;
4. Customized extensions of the selected Security Information and Event Management (SIEM) solutions;
5. A set of disruptive logging and auditing mechanisms developed in other technology sectors – such as blockchain – and transferred to the healthcare domain;
6. A customized eIDAS-compliant eID implementation.

• Better acceptance of eHealth solutions among patients;
• Encouraging Member States to widen the use of eHealth;
• Ensuring the right of patients to cross-border healthcare;
• Supporting the development of European legal and operational standards for cross-border data exchange and patient privacy protection;
• Better protection against unauthorized use of personal data, breach of confidentiality and cybercrime;
• Increasing the awareness of stakeholders, private and public ones, on the current level of data security;
• Definition of clear architectures that will promote interoperability between eHealth solutions;
• Advancement of available information security and privacy technologies, being one of the first reference implementations to integrate a series of solutions proposed by EU projects (OpenNCP, STORK/eIDAS etc.).

Please briefly describe the results your project achieved so far

The key results of KONFIDO project so far are summarised below:

• Creation of a guidance report for the processing of health-related data in the European Union, focusing on legal and policy obstacles and solutions at EU level and national level in the three pilot countries (Denmark, Italy, Spain).
• Release of a gap analysis for interoperable eHealth solutions at a systemic level, focused on security and privacy mechanisms developed in various projects and initiatives.
• Organisation of two (2) end-user workshops targeting key stakeholders in the eHealth sector in Europe, as well as two (2) end-user surveys, one targeting healthcare professionals, health IT stuff and health authorities and another targeting patients/citizens.
• Design of the KONFIDO modular architecture that consists of several complementary security-enhancing technologies.
• Design and initial implementation of the six technological components:
  • Intel’s SGX environment integration in OpenNCP;
  • A Physical Unclonable Function module based on photonic technologies;
  • An interface for Fully Homomorphic Encryption and its integration with OpenNCP;
  • A customised SIEM consisting of multiple federated monitoring nodes;
  • A blockchain-based logging mechanism and a blockchain-based informed consent mechanism;
  • An eIDAS-compliant eID for OpenNCP.

What are the next steps for your project?

KONFIDO interim prototypes of the individual components will be ready by May 2018, while the first integrated KONFIDO prototype will be ready in October 2018.

The first pilot round in Italy, Spain and Denmark will take place between November and December 2018, involving end-users from these countries. The different National Infrastructures in each country pose interesting challenges for KONFIDO.

During the pilot, the KONFIDO team will measure the security improvement of OpenNCP (i.e. the European framework for cross-border eHealth data exchanges) with the application of KONFIDO.