Security & Trust (S&T) is one of the SAP research programs. The S&T researchers are mainly located in Sophia Antipolis (France) and Karlsruhe (Germany). The S&T research field focuses on the delivery of innovative security solutions. The S&T approach emphasises on the users and their individual protection needs, including confidence in the system’s security and awareness of its security status.
Healthcare applications have in general strict privacy regulations and confidentiality requirements. They deal with a variety of sensitive data, e.g., medical and personal data of patients. Especially these electronically available medical and personal data have to be protected from unauthorized access. But on the other hand, in emergency situations, access to the medical history of a person can be vital for the surviving of victims. In critical situation the protection of privacy has to be loosened and unconditional access to the medical data must be possible.
These contradictory security goals make healthcare scenarios very challenging for research in the area of security & trust. This is the main reason that many of the European funded projects related to security chose healthcare scenarios to validate their results.
The goal of the MOSQUITO project was the development of an easy-to-use security framework for collaborative business applications in mobile and ubiquitous computing environments. The developed prototype showed an application of mobile collaboration in emergency situations. It included innovative technologies like the pervasive workflow (a secured distributed workflow management), context-aware access control (access control adapting to changes in the environment, like the health status or location) and the CryptoTerminal® (a mobile application for authentication and digital signing).
The WASP project aims to provide theory, methods, hardware and software to construct highly optimized applications on a network of generic and flexible nodes. The emphasis in the project lays in the services, which link the application securely to the sensor network.
In the WASP project, two business scenarios for vertically-integrated wireless sensor networks applications will be developed and deeply analyzed. The covered application areas are healthcare, automotive and agriculture. As healthcare scenario the monitoring of health status and daily activities using Wireless Sensor Networks (WSN) is envisioned. I will provide more details about WASP in my next blog.
The SERENITY project aims to support system designers and/or developers (persons that in general might not have a deep security know-how) to make their systems secure by capturing security expertise and making it available for automated processing. One of the SERENITY key ingredients is the enhanced notion of Security and Dependability (S&D) Patterns.
An entire activity within SERENITY will focus at developing a set of motivating reference scenarios to evaluate, tune, and assess all methods, techniques, and tools emerging from SERENITY. SAP Research will lead this crucial activity. One of these scenarios focuses on a smart sensor network infrastructure for healthcare monitoring of patients after hospitalization.
Like the three examples show, healthcare offers challenging security issues for our research program. I will point out some of these issues more in details in the next blogs. While explaining our research work, I would like to know what healthcare experts think about our maybe sometimes naïve scenarios and the security problems we face.