Personal data security in telemedicine
M. Grayvoronskyy, A. Novikov
NTUU “KPI”, Kiev, Ukraine

Characteristics of the information
– Confidentiality: only authorized persons may become familiar with the information
– Integrity: only authorized persons may in any way modify the information
– Accessibility: any authorized object may obtain data within the certain (short) time interval

Network Reference Model
[Figure: network diagram. Labels: Teleworkers, Remote Sites, Central Sites, ATM / FR / ISDN, WAN, PSTN, Internet, Router, WAN Router, WAN Router/IPT Gateway, IPT Gateway, Hub, L2 Switch, L3 Switch, PBX, Violator (internal), Violator (External).]

Confidentiality
The violation of confidentiality (privacy): disclosure of information
Typical ways for disclosure of information:
– “sniffing”: listening to the data transmitted via a telecommunication channel
– “spoofing”: an authorized object of telecommunication exchange is substituted by an unauthorized object

Violation of confidentiality
[Figure: network diagram with Sniffing and Spoofing marked. Labels: Teleworkers, WAN, Internet, Router, WAN Router, WAN Router/IPT Gateway, Hub, L2 Switch, L3 Switch.]

Integrity
The violation of integrity:
– partial or complete loss of the information
– falsification of data

Accessibility
The violation of accessibility: denial of service (DoS) attacks

Methods of information protection
– Authentication of objects
– Data ciphering (encryption)
– Signing of data
– Redundancy and backup in storage of data
– Redundant data channels

Virtual Private Networks
[Figure: VPN diagram with Private and Public sides, a Branch Office Tunnel, IP Phones and Video conference. Network labels:]
– Public Internet (Untrusted network)
– FR or Leased Line (Intranet, trusted private network)
– Public WAN VPN (Dynamic routing over encrypted tunnels)
– Public WAN (Clear-text, static routing)
– Private WAN (Clear-text or Encrypted Routing - Static, RIP, OSPF)

Transport and Tunnel Mode
Original packet: IP Header | Data
Tunnel Mode: New IP Header (Outer IP Header) | Sec Protocol Header | Original IP Header (Inner IP Header) | Data
Transport Mode: Original IP Header | Sec Protocol Header | Data
Encryption: marked on both the Tunnel Mode and the Transport Mode layout
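The two layouts on this slide, as an added example that is not part of the original presentation: it builds both encapsulations for a constructed packet and returns the cleartext part separately from the part handed to encryption, so the addresses still exposed to sniffing can be compared. It assumes an ESP-style security header (SPI and sequence number) and omits the ESP trailer and integrity value; all addresses, SPI values and function names are constructed for illustration.

```python
import socket
import struct

ESP = 50  # IP protocol number of ESP, the assumed "Sec Protocol"

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (checksum left at 0 for brevity)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def sec_header(spi, seq):
    """ESP-style security protocol header: SPI and sequence number."""
    return struct.pack("!II", spi, seq)

def addresses(header):
    """Source and destination an on-path observer reads from an IP header."""
    return socket.inet_ntoa(header[12:16]), socket.inet_ntoa(header[16:20])

def transport_mode(packet, spi, seq):
    """Original IP header stays in clear; only the data is protected."""
    src, dst = addresses(packet)
    data = packet[20:]
    clear = ipv4_header(src, dst, ESP, 8 + len(data)) + sec_header(spi, seq)
    return clear, data

def tunnel_mode(packet, gw_src, gw_dst, spi, seq):
    """New outer IP header in clear; the whole original packet is protected."""
    clear = (ipv4_header(gw_src, gw_dst, ESP, 8 + len(packet))
             + sec_header(spi, seq))
    return clear, packet

# Constructed sample: a clinic workstation sending to a records server.
# Protocol 17 (UDP) is nominal; the payload is treated as opaque data.
DATA = b"patient-record"
ORIGINAL = ipv4_header("10.1.0.5", "10.2.0.9", 17, len(DATA)) + DATA

if __name__ == "__main__":
    t_clear, t_prot = transport_mode(ORIGINAL, 0x1001, 1)
    n_clear, n_prot = tunnel_mode(ORIGINAL, "198.51.100.1", "203.0.113.1",
                                  0x1001, 1)
    print("transport: visible", addresses(t_clear), "protected", len(t_prot))
    print("tunnel:    visible", addresses(n_clear), "protected", len(n_prot))
```

In transport mode the internal host addresses remain readable on the wire; in tunnel mode only the two gateway addresses are, and the inner header travels inside the protected part.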

A good example: Nortel Networks Contivity
[Figure: Modular Service Options, Decreased Cost. Layers: Software License Keys, Firewall Services, VPN Services, Adv Routing, Base Services.]
Contivity can function as:
– VPN device
– Router
– Firewall
– Or any combination