Abstract
The approach presented in this paper provides effective protection of critical business processes by applying advanced SIEM technology in a rigorous fashion, based on the results of accurate risk assessment. The proposed SIEM tool advances the State of The Art of the technology along two axes, specifically: privacy and integrity. The advancements are achieved via combined use of two of the most promising technologies for trusted computing, namely: Trusted Execution Environment (TTE) and Homomorphic Encryption (HE). The approach is validated with respect to a real use case of a Smart Hospital (i.e., one where IT is massively used), with challenging security requirements. The use case is contributed by one of the major public hospitals in Italy. Experiments demonstrate that, by relying on continuous monitoring of security relevant events and advanced correlation techniques, the SIEM solution proposed in this work effectively protects the critical workflows of the hospital business processes from cyber-attacks with high impact (specifically: serious harm to or even death of the patient).
Highlights
With the extensive use of the Internet nowadays, companies are becoming more and more at risk from cyber-attacks
This paper proposes an effective risk assessment approach and an associated Security Information and Event Management (SIEM) tool for addressing some of the top priority security challenges experienced by “Smart Hospitals”, as defined by ENISA in [5]: “A smart hospital is a hospital that relies on optimised and automated processes built on an ICT environment of interconnected assets, based on Internet of things (IoT), to improve existing patient care procedures and introduce new capabilities”
The analysis is done with respect to the two aforementioned scenarios, whose characteristics are representative of a wide class of attacks
Summary
With the extensive use of the Internet nowadays, companies are becoming more and more at risk from cyber-attacks. Smart Hospitals are vulnerable, as they lack in cyber security due to time, resource, and knowledge constraints, while focusing more on funding and sustaining their core business. Risk assessment technologies are not able to cope rapidly with emerging cyber threats, leaving a time window where the security of the Smart Hospitals can only rely on the correct behaviour of employees, that nowadays represents the main targets to deliver (e.g., through social engineering techniques) attacks both at IT level (i.e., malware) as well as at human level (e.g., CEO frauds) that may severely compromise businesses activities. Real-time security monitoring includes a handful of technologies, with Security Information and Event Management (SIEM) being one of the key building blocks. SIEM solutions [2,3,4] typically correlate, analyse, and report information from a variety of data sources, such as network devices, identity management devices, access management devices, SN Computer Science Vol.:(0123456789)
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
