Tool that provides an automated analysis of data structures in order to identify sensitive elements that may be vulnerable to specific threats.
KR02 aims to analyse the flaws and weaknesses of data structures used for the storage and exchange of especially clinical data, so as to identify sensitive elements that may be exposed to threats.Find out more »
Security requirements identification tool.
KR03 allows models of end-to-end applications to be created, and security threats and compliance issues affecting that application to be automatically identified through machine-based reasoning techniques. The exploitation of this KR is tightly coupled with KR01 and KR02.Find out more »
SHiELD open architecture and open secure interoperability API.
KR04 is composed of an open specification, enabling other implementers to replicate the SHiELD approach. This open architecture will be accompanied by an open secure interoperability API, which shall be a set of specifications for deriving requirements which will include the security features and will provide data as services to be adapted to citizens´ and healthcare providers’ expectations. Security requirements will take into consideration areas such as consent, data protection, device security and system security. The open specification will allow any member state to adopt the approach and to offer their citizens and healthcare providers the possibility for accessing their health data from other countries.Find out more »
SHiELD (Sec)DevOps tool.
This KR05 includes on one hand, at development time, a set of architectural patterns for implementing data protection security mechanisms and on the other hand, it will provide at run time security monitoring tools that will alert the operator of the system that a threat is likely to occur, alongside with the patterns that can be applied to solve that threat. The SecDevOps approach enables to deploy features into production quickly and to detect and correct problems when they occur, without disrupting other services, thanks to its continuous integration, continuous testing and continuous deployment philosophy and accompanying tools. Furthermore, this KR will integrate KR01, KR02, KR03, KR06 and KR07.Find out more »
Data protection mechanisms.
KR06 consists of a suite of security mechanisms that address data protection threats and regulatory compliance issues in end-to-end heterogeneous systems.Find out more »
KR07 monitors the data access attempts to ensure that only valid requests are accepted and only the data that is really needed is provided (e.g. providing statistically aggregated data or anonymized data where that is sufficient). This tool also logs requests to data and the level of access granted for tracking and reporting purposes.Find out more »