SecHealth

4th Workshop on Cybersecurity in Healthcare 4.0
  • Date
    Aug 01, 2024
  • Location
    SR05
  • Duration
    14:45 — 16:15
Workshops Lettering

Workshop Chairs

Workshop Chairs Logo Workshop Chairs Logo Workshop Chairs Logo Workshop Chairs Logo
  • → Svetlana Boudko
  • → Bian Yang
  • → Habtamu Abie
  • → Sokratis Katsikas

Accepted Paper

Proxy Re-Encryption for Enhanced Data Security in Healthcare: A Practical Implementation
Pablo Cosio (i2CAT Foundation, Spain)
Full Paper
In the rapidly evolving digital healthcare landscape, the imperative for robust, flexible, and scalable data protection solutions has never been more critical. The advent of sophisticated cyber threats, coupled with the increasing complexity of healthcare IT infrastructures, underscores the necessity for advanced security mechanisms that can adapt to a wide range of challenges without compromising the accessibility or integrity of sensitive healthcare data. Within this context, our work introduces the SECANT Privacy Toolkit, a pioneering approach that harnesses the power of Proxy Re-Encryption (PRE) to redefine healthcare data security. We present an implementation prototype that not only serves as a baseline for the quantitative evaluation of healthcare data protection but also exemplifies the SECANT Toolkit's capability to enhance interoperability across disparate healthcare systems, strengthen authentication mechanisms, and ensure scalability amidst the growing data demands of modern healthcare networks. This prototype underscores our commitment to addressing the multifaceted security needs of the healthcare sector by providing a solution that is both comprehensive and adaptable to the dynamic landscape of digital health information security.By integrating cutting-edge cryptographic technologies, including Attribute-Based Encryption (ABE) and Searchable Encryption (SE), with the flexibility and control offered by PRE, the SECANT Privacy Toolkit stands at the forefront of secure and efficient healthcare data management. This integration facilitates not only the secure exchange of data across decentralized networks but also empowers healthcare providers with tools for fine-grained access control and privacy-preserving data searches, thereby addressing key challenges such as data interoperability, cybersecurity threats, and regulatory compliance.Our exploration reveals the toolkit's potential to revolutionize the way healthcare data is protected, shared, and accessed, providing a scalable, efficient, and user-friendly platform for healthcare providers, patients, and stakeholders. The SECANT Privacy Toolkit not only aligns with current healthcare data security requirements but also anticipates future challenges, ensuring that it remains a vital asset in the ongoing effort to safeguard sensitive healthcare information. This work contributes significantly toward enhancing the security and privacy of healthcare data, offering a robust framework for interoperability, authentication, and scalability that responds to the evolving needs of the healthcare industry. Through the deployment of our prototype and the subsequent evaluation, we aim to demonstrate the practicality, effectiveness, and transformative potential of the SECANT Privacy Toolkit in advancing healthcare data protection.
Workshop SecHealth
The State of Boot Integrity on Linux - a Brief Review
Robert Haas (Institute of IT Security Research, St.Pölten University of Applied Sciences, Austria), Martin Pirker (Institute of IT Security Research, St.Pölten University of Applied Sciences, Austria)
Full Paper
With the upcoming generational change from Windows 10 to Windows 11, the Trusted Platform Module as a security supporting component will be a requirement for every common PC. While the TPM has seen use with some applications already, its near future ubiquitous presence in all PCs motivates an updated review of TPM supporting software. This paper focuses on the software ecosystem that supports secure boot, a chain of measurements for integrity assessments, and challenges in remote attestation. An brief reflection on the state of the various projects gives a rough overview, but is not an exhaustive and in-depth survey. Still, this short paper contributes to the ongoing adoption and reflection of TPM v2’s features and opportunities.
Workshop IWSECC
Telemetry data sharing based on Attribute-Based Encryption schemes for cloud-based Drone Management system
Alexandr Silonosov (Blekinge Institute of Technology, Sweden), Lawrence Henesey (Blekinge Institute of Technology, Sweden)
Full Paper
The research presented in the paper evaluates practices of Attribute-Based Encryption, leading to a proposed end-to-end encryption strategy for a cloud-based drone management system. Though extensively used for efficiently gathering and sharing video surveilance data, these systems also collect telemetry information with sensitive data.

This paper presents a study addressing the current state of knowledge, methodologies, and challenges associated with supporting cryptographic agility for End-to-End Encryption (E2EE) for telemetry data confidentiality.

To enhance cryptographic agility performance, a new metric has been introduced for cryptographic library analysis that improves the methodology by considering Attribute-Based Encryption (ABE) with a conventional key-encapsulation mechanism in OpenSSL. A comprehensive series of experiments are undertaken to simulate cryptographic agility within the proposed system, showcasing the practical applicability of the proposed approach in measuring cryptographic agility performance.
Workshop IWSECC

Detail SecHealth 02/05

Topics of interest include, but are not limited to 03/05

  • Cybersecurity vulnerabilities in Healthcare 4.0 services and infrastructures
  • AI/machine learning for cybersecurity
  • Uncertainty quantification and risk management in Healthcare 4.0
  • New security design and analysis methods
  • Simulation and analysis of cybersecurity and privacy threats and attacks
  • Conversational AI In Healthcare: Privacy, Security And Trust
  • Confidential computing for healthcare data
  • AI and robotics enabled distributed healthcare infrastructures and services
  • Model and nudge security and privacy practices of healthcare staffs and patients
  • Proactive security monitoring mechanism for Healthcare 4.0
  • Distributed and heterogeneous security architectures for Healthcare 4.0
  • Methods for addressing the unreliability of local devices
  • Security, trust and privacy metrics
  • Federated learning and adversarial machine learning methods for Healthcare 4.0
  • Specific security and privacy demonstrators for Healthcare 4.0 scenarios

Workshop Chairs 04/05

Workshop Chairs

Workshop Chairs Logo
Svetlana Boudko
Norwegian Computing Center, Norway
Workshop Chairs Logo
Bian Yang
Norwegian University of Science and Technology, Norway
Workshop Chairs Logo
Habtamu Abie
Norwegian Computing Center, Norway
Workshop Chairs Logo
Sokratis Katsikas
Norwegian University of Science and Technology, Norway

Program Committee

Manos Athanatos | Foundation for Research and Technology Hellas, Crete – Greece
Zahra Batool | École de technologie supérieure, Canada
Sigurd Eskeland | Norwegian Computing Center, Norway
Lothar Fritsch | Oslo Metropolitan University, Norway
Vasileios Gkioulos | Norwegian University of Science and Technology, Norway
Wolfgang Leister | Norwegian Computing Center, Norway
Evangelos Markakis | The Hellenic Mediterranean University, Greece
Ethiopia Nigussie | University of Turku, Finland
Isabel Praça | GECAD/ISEP, Portugal
Tuomo Sipola | Jamk University of Applied Sciences, Finland
Giorgos Vasiliadis | Foundation for Research and Technology Hellas, Greece
Narasimha Raghavan Veeraragavan | The Cancer Registry of Norway, Norway

Submission 05/05

Important Dates

Extended Submission Deadline May 17, 2024
Author Notification May 29, 2024
Proceedings Version Jun 18, 2024
Conference Jul 30 — Aug 02, 2024
Join ARES 2025!

Join us at ARES 2025 in Ghent, Belgium