These slides propose a solution for privacy-preserving back-up and recovery of emergency healthcare data. They review the existing solution, which has disadvantages when an electronic health card is lost, defective or expired, and then introduce Krawczyk's secret sharing scheme, which combines secret sharing and information dispersal to distribute data fragments among participants. The proposed solution uses Krawczyk's scheme to back up emergency data online, or offline via a portable device such as a USB stick; authorized medical professionals can then recover the data from the distributed fragments, online or offline.
Privacy Preserving Back-up and Recovery of Emergency Data
Seminar on System Security for Master, SS2010
Zdravko Danailov
Outline
  Introduction
    The Telematics infrastructure
    Electronic Health Card
    Health Professional Card
    Hardware Security Module
    Emergency data
  Existing/proposed solution for back-up/recovery of emergency data
    Existing/proposed solution
    Disadvantages
      Renewing of the eHC (lost, defective or expired)
      Recovery of emergency data on the eHC
  Krawczyk's Secret Sharing Scheme
  Our proposed solution
  Conclusion
Basics: The Telematics infrastructure
Overview of the entire architecture
Primary systems architecture
Basics: Electronic Health Card (eHC)
eHC
Solution design by the Fraunhofer Institute
Chip card (HSM)
Content (emergency data, ePrescription)
Basics: Health Professional Card (HPC)
HPC
Solution design by the "Elektronischer Arztausweis" working group
Individually programmed access authorization card for health professionals (e.g. doctors, pharmacists)
Doctor-to-doctor method (D2D)
Creation of medication documentation via the web-based software star.net®
Basics: Hardware Security Module (HSM)
HSM
Use as card (eHC, HPC) or eHC chip card terminal
Connection via USB-port or serial interface
Basics: Emergency data
Emergency data: relevant diagnoses, allergies/intolerances, declarations regarding medication or organ donation
Existing/proposed solution: Overview
Overview
Persons involved: patient, doctor, paramedic
HSM: chip cards – eHC, HPC; chip card terminal
Processing of emergency data: back-up, recovery, update
Existing/proposed solution by gematik
1. Authentication
2. Processing of emergency data
3. Creating a back-up (on A4 paper or in the local database)
4. Recovery of emergency data on the eHC
Disadvantages of the solution: renewing of the eHC (lost, defective or expired) and recovery of emergency data on the eHC
In both cases the emergency data has to be obtained again from the back-up, and both back-up paths are weak:
Obtaining the emergency data from the A4 paper
  Creation of the A4 paper with the emergency data is optional, so it may not exist
  The A4 paper can be lost, stolen or destroyed
  Private data is exposed (a plaintext printout)
Obtaining the emergency data from the primary system's database
  The temporary back-up may be 1. deleted or 2. not accessible
Secret Sharing Scheme (SS)
Secret Sharing Scheme (n, m)
Invented independently by Adi Shamir and George Blakley in 1979
Method for distributing a secret S among a group of n participants
Reconstruction is possible only when a sufficient number of shares (at least m) are combined; fewer shares reveal nothing about S
Shamir's Secret Sharing Scheme
Shamir's Secret Sharing Scheme (n, t)
Based on polynomial interpolation over a finite field
Distribution
  polynomial of degree t-1: f(x) = k_0 + k_1 x + ... + k_{t-1} x^{t-1}, secret S = k_0, coefficients k_1, ..., k_{t-1} picked at random
  n points on the curve, (x_i, f(x_i)) with x_i ≠ 0, one per participant
Reconstruction
  at least t of the n players reveal their points
  t points determine the degree-(t-1) polynomial uniquely (Lagrange interpolation), which is sufficient information to compute S = f(0); t-1 points are consistent with every possible S
information-theoretically secure
not storage efficient: every share is as large as the secret, |s_i| = |S|, so n·|S| in total
Information Dispersal Scheme (IDS)
Information Dispersal Scheme (n, m)
Based on error-correcting codes (e.g. Reed-Solomon codes)
Method for distributing information F among a group of n participants
Reconstruction is possible when a sufficient number of fragments (≥ m) are combined
Secrecy is not provided and not the goal (availability is): fewer than m fragments may already leak part of F
size of fragments = |F|/m, so n·|F|/m in total
Krawczyk's Secret Sharing Scheme
Krawczyk's Secret Sharing Scheme (n, m)
Combination of SS and IDS: encrypt S with a fresh random key K, disperse the ciphertext with the (n, m) IDS, share K with the (n, m) SS; share i = ciphertext fragment i + key share i
computationally secure: fewer than m shares yield only ciphertext fragments and key shares that reveal nothing about K, so security rests on the cipher
less storage and bandwidth than Shamir's SS
size of shares = |s_i| = |S|/m + |K| < |S| (for |S| much larger than the key)
Our proposed solution: Overview
Overview
Persons involved: patient, doctor, paramedic
HSM: chip cards – eHC, HPC; chip card terminal
Properties
  tolerates no unavailability: the emergency data must remain recoverable even when the eHC is lost, defective or expired
  preserves privacy
  secret sharing instead of encryption under a single stored key (Krawczyk's scheme does encrypt internally, but the key exists only as shares, never whole at any one party)
Our proposed solution: Back-up
Back-up of emergency data
1. Authentication (via e.g. patient ID/doctor ID, eHC ID/HPC ID, fingerprints, different types of digital signatures, PIN, etc.)
2. Complete the form for emergency data and/or the form for organ donation
3. Confirmation of the data, e.g. via fingerprint by the patient and the doctor
4. Back-up
   using Krawczyk's SS – executed online, e.g. via VPN, the n shares distributed to separate holders
   using a portable device (e.g. USB stick) – executed offline
Our proposed solution: Recovery
Recovery of emergency data
1. Authentication (via e.g. patient ID/doctor ID, eHC ID/HPC ID, fingerprints, different types of digital signatures, PIN) on the HSM
2. Recovery of emergency data is possible
   using Krawczyk's SS – executed online, e.g. via VPN, by any authenticated ("true") and authorized doctor or medical person, who collects at least m of the n shares
   using a portable device (e.g. USB stick) – executed offline
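The Shamir, IDS and Krawczyk slides above describe the scheme only at the level of share sizes, and the back-up and recovery slides describe the procedure around it. The following Python is an added example, not code from the slides, from gematik or from any telematics component: it implements Krawczyk's (n, m) computational secret sharing over GF(2^8), with Shamir sharing of a fresh 16-byte key, information dispersal of the ciphertext by polynomial evaluation, a SHA-256 fingerprint so that a corrupted fragment is detected rather than silently yielding a wrong emergency record, and fail-closed handling of the two failure modes a recovery must face (too few distinct shares, tampered share). The symmetric cipher is a stand-in HMAC-SHA256 counter-mode keystream, an assumption of this example and not the cipher of the paper; a deployment would use AES. The share layout, the function names and the sample record are likewise assumptions.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 16          # bytes of the symmetric key K shared with Shamir's scheme
GF_POLY = 0x11B       # GF(2^8) reduction polynomial (the AES one)


def gf_mul(a: int, b: int) -> int:
    """Multiply two elements of GF(2^8)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= GF_POLY
        b >>= 1
    return r


def gf_inv(a: int) -> int:
    """Multiplicative inverse: a^254 = a^-1 in GF(2^8) (a != 0)."""
    result, base, e = 1, a, 254
    while e:
        if e & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        e >>= 1
    return result


def poly_eval(coeffs, x: int) -> int:
    """coeffs[0] + coeffs[1]*x + ... evaluated at x (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = gf_mul(acc, x) ^ c
    return acc


def interpolate(points, at: int) -> int:
    """Lagrange interpolation: value at `at` of the unique polynomial of
    degree < len(points) through the given (x, y) points."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = gf_mul(num, at ^ xj)
                den = gf_mul(den, xi ^ xj)
        total ^= gf_mul(yi, gf_mul(num, gf_inv(den)))
    return total


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Toy counter-mode keystream (HMAC-SHA256) standing in for AES-CTR
    (assumption of this example). Only acceptable because css_split draws
    a fresh key for every record, so the keystream is never reused."""
    stream = bytearray()
    ctr = 0
    while len(stream) < len(data):
        stream += hmac.new(key, ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def css_split(data: bytes, n: int, m: int) -> list:
    """Krawczyk (n, m) split: n shares, any m of which recover `data`."""
    if not 1 <= m <= n or n + m > 256:
        raise ValueError("need 1 <= m <= n and n + m <= 256 (field size)")
    key = secrets.token_bytes(KEY_LEN)
    ct = stream_xor(key, data)
    padded = ct + b"\x00" * (-len(ct) % m)          # whole m-byte blocks
    digest = hashlib.sha256(padded).digest()         # fingerprint for robustness
    # Shamir: per key byte a random polynomial of degree m-1 with k_0 = key byte.
    key_polys = [[kb] + list(secrets.token_bytes(m - 1)) for kb in key]
    # IDS: each m-byte block is the polynomial given by its values at x = 0..m-1;
    # fragment i stores that polynomial's value at x = m + i, one byte per block.
    blocks = [list(padded[j:j + m]) for j in range(0, len(padded), m)]
    return [{
        "idx": i,
        "key_share": bytes(poly_eval(p, i + 1) for p in key_polys),
        "frag": bytes(interpolate(list(enumerate(blk)), m + i) for blk in blocks),
        "len": len(ct),
        "digest": digest,
    } for i in range(n)]


def css_recover(shares: list, m: int) -> bytes:
    """Rebuild the record from any m distinct shares; fail closed otherwise."""
    distinct = list({s["idx"]: s for s in shares}.values())[:m]
    if len(distinct) < m:
        raise ValueError(f"{len(distinct)} distinct shares present, {m} required")
    key = bytes(interpolate([(s["idx"] + 1, s["key_share"][k]) for s in distinct], 0)
                for k in range(KEY_LEN))
    padded = bytearray()
    for b in range(len(distinct[0]["frag"])):
        pts = [(m + s["idx"], s["frag"][b]) for s in distinct]
        padded.extend(interpolate(pts, j) for j in range(m))
    if hashlib.sha256(bytes(padded)).digest() != distinct[0]["digest"]:
        raise ValueError("fragment integrity check failed: corrupted or forged share")
    return stream_xor(key, bytes(padded[:distinct[0]["len"]]))
```

css_split returns n share records; any m of them, in any order, reconstruct the record, while m-1 of them give an attacker only ciphertext fragments and m-1 points on degree-(m-1) polynomials, which are consistent with every possible key. The size claim of the Krawczyk slide is visible directly: for a 352-byte record and (n, m) = (5, 3) each share carries a 118-byte fragment plus a 16-byte key share, against 352 bytes per share under plain Shamir sharing.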
Conclusion
Our proposed solution
minimizes the exposure of private data
tolerates no unavailability
offers better alternatives for back-up and recovery of emergency data
uses secret sharing rather than encryption under a single stored key
is computationally secure, not information-theoretically secure: its security rests on the cipher inside Krawczyk's scheme, in exchange for shares much smaller than the data