Exploiting New CPU Extensions for Secure Exchange of eHealth Data at the EU Level

摘要

Cross-border healthcare requires that secure mechanisms for patient data exchange among distinct eHealth infrastructures be implemented. OpenNCP is a major initiative for achieving interoperability of eHealth data among European Member States. It is an Open Source implementation of a broker-based solution that enables the exchange of clinical data among countries having different languages and regulations. It provides some level of protection - using common security technologies (e.g., TLS) - but it has not been designed with the specific goal of achieving high levels of security, and therefore it is vulnerable to more subtle attacks, such as those by privileged users and/or software. In this paper we discuss how the new extension of COTS processors - namely Software Guard eXtension (SGX) - can be exploited to implement effective mechanisms against this specific category of attacks, which is particularly challenging. We present a general approach to harden systems, and discuss in detail how we implemented it in the context of OpenNCP. Also importantly, we evaluate the performance degradation induced by SGX.