An Overview of the CUREX Platform

Díaz-Honrubia, Antonio Jesús; González, Alejandro Rodríguez; Zamorano, Juan Mora; Jimenez, Jesus Rey; González-Granadillo, Gustavo; Díaz, Rodrigo; Konidi, Mariza; Papachristou, Panos; Nifakos, Sokratis; Gounaris, Anastasios

doi:10.1109/cbms.2019.00042

Cited by 6 publications

(9 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The work presented in this article has been develop as part of a European Union (EU) project Secure and Private Health Data Exchange (CUREX) [17][18][19], which is developing a software platform aimed at delivering trust-enhancing, secure, and private-by-design systems and applications for the healthcare domain. In general, CUREX delivers specific cybersecurity and privacy risk solutions based on the following set of measurable objectives: (i) to deliver tools for assessing cybersecurity and privacy risks associated with health data exchange, (ii) to deliver a decision support tool for devising optimal cybersecurity and privacy safeguards, (iii) to deliver a Blockchain-based platform for enhancing trust in health data exchange, (iv) to enhance cyber hygiene in healthcare organizations, (v) to demonstrate the value of the CUREX platform through proof-of-concept use cases, and (vi) to conduct techno-economic, market and legal analysis and propose business and application models.…”

Section: Proposed Use Case Overviewmentioning

confidence: 99%

“…The CUREX solution analyzes information coming from the monitoring infrastructure to compute cybersecurity and privacy risk scores associated to the data exchange in a health domain. CUREX has five discrete areas: (i) asset and vulnerability discovery, whose goal is to discover the system's assets and any information related to their associated vulnerabilities; (ii) threat intelligence, aiming at detecting real time abnormal behaviors on users, and devices, as well as anomalies in the data in order to identify new and unknown threats; (iii) risk management, aiming at producing risk scores and optimal safeguards towards a cyber-strategy of the healthcare organization; (iv) trust enhancing, which will make use of a decentralized platform based on blockchain technology to store and share private and sensitive data, as described in [17,18]. Particularly, the interactions between the different tools of CUREX are depicted in Figure 4.…”

Section: Curex Platform Solutionmentioning

confidence: 99%

“…ADT scans the infrastructure and identifies the entities and resources that have direct connection with the HIS [18]. A list of assets (including IP addresses, open ports, services and/or operating systems running in each asset) is generated by the ADT and shared accordingly with other CUREX tools.…”

Section: Curex Platform Solutionmentioning

confidence: 99%

See 2 more Smart Citations

Cybersecurity and Privacy Risk Assessment of Point-of-Care Systems in Healthcare—A Use Case Approach

et al. 2021

Self Cite

View full text Add to dashboard Cite

Point-of-care systems are generally used in healthcare to respond rapidly and prevent critical health conditions. Hence, POC systems often handle personal health information; and consequently, their cybersecurity and privacy requirements are of crucial importance. While, assessing these requirements is a significant task. In this work, we propose a use case approach to assess specifications of cybersecurity and privacy requirements of POC systems in a structured and self-contained form. Such an approach is appropriate since use cases are one of the most common means adopted by developers to derive requirements. As a result, we detail a use case approach in the framework of a real-based healthcare IT infrastructure that includes a health information system, integration engines, application servers, web services, medical devices, smartphone apps and medical modalities (all data simulated) together with the interaction with participants. Since our use case also sustains the analysis of cybersecurity and privacy risks in different threat scenarios, it also supports decision making and the analysis of compliance considerations.

show abstract

Section: Proposed Use Case Overviewmentioning

confidence: 99%

Section: Curex Platform Solutionmentioning

confidence: 99%

See 1 more Smart Citation

Cybersecurity and Privacy Risk Assessment of Point-of-Care Systems in Healthcare—A Use Case Approach

et al. 2021

Self Cite

View full text Add to dashboard Cite

show abstract

“…Our research is motivated by the current vulnerability of health sector's infrastructures to threats related to privacy and cybersecurity. It is conducted in the context of the EU H2020 CUREX project, the main goal of which is to produce a novel, flexible and scalable situational awareness-oriented platform that can address comprehensively the protection of the confidentiality and integrity of health data focusing on health data exchange cases [11]. The IDS solutions mentioned above are inadequate to address privacy-related threats combined with more commonly encountered cybersecurity risks.…”

Section: Motivation and Contributionsmentioning

confidence: 99%

A Methodology for Runtime Detection and Extraction of Threat Patterns

et al. 2020

Self Cite

View full text Add to dashboard Cite

As the confidentiality and integrity of modern health infrastructures is threatened by intrusions and real-time attacks related to privacy and cyber-security, there is a need for proposing novel methodologies to predict future incidents and identify new threat patterns. The main scope of this article is to propose an advanced extension to current Intrusion Detection System (IDS) solutions, which (i) harvests the knowledge out of health data sources or network monitoring to construct models for new threat patterns and (ii) encompasses methods for detecting threat patterns utilizing also advanced unsupervised machine learning data analytic methodologies. Although the work is motivated by the health sector, it is developed in a manner that is directly applicable to other domains.

show abstract

“…Art. 4 (15) of the EU GDPR, defines data concerning health as: "personal data related to the physical or mental health of a natural person, including the provision of healthcare services, which reveal information about his or her health status. "…”

Section: Introductionmentioning

confidence: 99%

GDPR Compliance for Blockchain Applications in Healthcare

Hasselgren¹,

Wan²,

Horn³

et al. 2020

Computer Science &Amp; Information Technology (CS &Amp; IT)

View full text Add to dashboard Cite

The transparent and decentralized characteristics associated with blockchain can be both appealing and problematic when applied to a healthcare use-case. As health data is highly sensitive, it is therefore, highly regulated to ensure the privacy of patients. At the same time, access to health data and interoperability are in high demand. Regulatory frameworks such as GDPR and HIPAA are, amongst other objectives, meant to contribute to mitigating the risk of privacy violations of health data. Blockchain features can likely improve interoperability and access control to health data, and at the same time, preserve or even increase, the privacy of patients. Blockchain applications should address compliance with the current regulatory framework to increase real-world feasibility. This exploratory work indicates that published proof-of-concepts in the healthcare domain comply with GDPR, to an extent. Blockchain developers need to make design choices to be compliant with GDPR since currently, none available blockchain platform can show compliance out of the box.

show abstract

An Overview of the CUREX Platform

Cited by 6 publications

References 3 publications

Cybersecurity and Privacy Risk Assessment of Point-of-Care Systems in Healthcare—A Use Case Approach

Cybersecurity and Privacy Risk Assessment of Point-of-Care Systems in Healthcare—A Use Case Approach

A Methodology for Runtime Detection and Extraction of Threat Patterns

GDPR Compliance for Blockchain Applications in Healthcare

Contact Info

Product

Resources

About