protecting medical data
play

Protecting medical data with passwordless authentication Carl - PowerPoint PPT Presentation

Sep 06, 2023 •209 likes •448 views

Protecting medical data with passwordless authentication Carl Svensson, KRY/LIVI @ PasswordsCon 2018 1 / 16 Background Biography MSc in Computer Science, KTH Head of Security, KRY/LIVI CTF: HackingForSoju E-mail (private):

  1. Protecting medical data with passwordless authentication Carl Svensson, KRY/LIVI @ PasswordsCon 2018 1 / 16

  2. Background Biography MSc in Computer Science, KTH Head of Security, KRY/LIVI CTF: HackingForSoju E-mail (private): calle.svensson@zeta-two.com E-mail (work): carl@kry.se Twitter: @zetatwo 2 / 16

  3. Background Agenda 1. KRY/LIVI, Background 2. Authentication so far 3. Expanding to other countries 4. Design process 5. Our solution 6. Results: 6 months in 3 / 16

  4. Background Disclaimers, this talk: About constraints About business About process Not about technology 4 / 16

  5. Background KRY/LIVI, Healthcare online Online healthcare provider Healthcare data Possibly the most sensitive "Patient first", UX/UI important 500 000+ users 3% of primary care in Sweden 5 / 16

  6. Background Authentication in Sweden BankID, digital identity Issued and validated by banks Private but used in public Well-established 6 / 16

  7. Background Authentication in Norway Pretty much the same as Sweden 7 / 16

  8. Background Expanding to Europe Problem In UK, no personal ID number In France, typically no ID at doctor "Passwords suck" - Our CEO "We are launching in 3 months" - Also our CEO 8 / 16

  9. Background Problem statement Problem Challenges Authenticate without passwords No digital ID available User friendly User friendly User friendly Secure Consolation Users are valuable 9 / 16

  10. Background Understand the data model Problem A person is not a phone People have kids Process Device (1-*) User (*-*) Patient 10 / 16

  11. Background Understanding the scenarios Problem New device Access to old Process No access to old Old device Reinstall Strong authentication Onfido Empty account? Allow weak authentciation Revokation? 11 / 16

  12. Background Public key challenge-reponse with Problem tiered identity Process Registration Create a device If no user, create Solution If user is patient: Onfido First medical interaction Create patient Link user to patient On create patient Onfido verification Multiple devices per patient Register new user Link users 12 / 16

  13. Background Results: Pros Problem No password! (mostly) Seamless Process (pretty) User friendly (fairly) Secure Solution 13 / 16

  14. Background Results: Cons Problem Breaks conventional mental model Overloads words Process Revokation not fast enough Solution 14 / 16

  15. Background Evaluation: How did it go? Problem Users are registering Users are staying Process No known incidents Iterative process Solution 15 / 16

  16. Thank you for listening! Questions? 16 / 16

  17. 16 / 16

  18. 16 / 16

  19. 16 / 16

  20. 16 / 16

  21. 16 / 16

  22. 16 / 16

Recommend

Data confidentiality Protecting privacy in medical research Henk Jan van der Wijk Leiden

Data confidentiality Protecting privacy in medical research Henk Jan van der Wijk Leiden

Data confidentiality Protecting privacy in medical research Henk Jan van der Wijk Leiden University Medical Center (LUMC) Tuesday 1st April 2014 from 11.30 12.00 #EBMT2014 www.ebmt.org Data confidentiality requested topics Explanation

512 views • 20 slides
Medical Devices and Data: PROTECTING PATIENTS AND THEIR PHI Marcus Christian Christopher Mikson,

Medical Devices and Data: PROTECTING PATIENTS AND THEIR PHI Marcus Christian Christopher Mikson,

Medical Devices and Data: PROTECTING PATIENTS AND THEIR PHI Marcus Christian Christopher Mikson, MD Partner Partner mchristian@mayerbrown.com cmikson@mayerbrown.com Laura Hammargren Emily Strunk Partner Associate

826 views • 70 slides
CryptDB Protecting Confidentiality with Encrypted Query Processing Katarzyna Baranowska

CryptDB Protecting Confidentiality with Encrypted Query Processing Katarzyna Baranowska

CryptDB Protecting Confidentiality with Encrypted Query Processing Katarzyna Baranowska University of Warsaw January 21, 2012 Threats Threat 1 Speed Evaluation Threat 2 More Evaluation Why secure data? Medical data Contact data Payment

1.27k views • 78 slides
The Rights of the Child and the Role of the Medical Profession in Protecting the Right to

The Rights of the Child and the Role of the Medical Profession in Protecting the Right to

The Rights of the Child and the Role of the Medical Profession in Protecting the Right to Health -- Prof. David Weissbrodt Topics and Advances in Pediatrics Max Seham Lecture Dr. Max Seham, born in Russia, 1888, and immigrated to

567 views • 30 slides
The 2012-13 Flu Epidemic: Protecting Ourselves and Our Patients Celia Shmukler, M.D., Medical

The 2012-13 Flu Epidemic: Protecting Ourselves and Our Patients Celia Shmukler, M.D., Medical

The 2012-13 Flu Epidemic: Protecting Ourselves and Our Patients Celia Shmukler, M.D., Medical Director The Winter 2012-13 Flu Epidemic: Worst Flu Season in Years Widespread nationally, in 47 out of 50 states Governor Cuomo declared a

320 views • 11 slides
Sharing and Protecting Data to Improve Student Outcomes Community Schools Community of Practice

Sharing and Protecting Data to Improve Student Outcomes Community Schools Community of Practice

Sharing and Protecting Data to Improve Student Outcomes Community Schools Community of Practice Nov. 16, 2017 Agenda Why sharing and protecting student data matters Sharing data deep dive Protecting data deep dive Tips

313 views • 30 slides
Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6

Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6

Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6 million 63% Identity fraud is a serious issue. people experienced of confirmed data Fraudsters have identity theft in 2014 breaches involved stolen

605 views • 29 slides
Protecting Sensitive Data Implementation of a Sensitive Data Manager Recommendation Briefed

Protecting Sensitive Data Implementation of a Sensitive Data Manager Recommendation Briefed

Protecting Sensitive Data Implementation of a Sensitive Data Manager Recommendation Briefed Presidents Executive Council on 13 Jan: recommended to proceed with deploying a Sensitive Data Manager tool on all UND owned computers to

321 views • 6 slides
P Protecting Confidential Data on i C fid i l D Personal Computers with S p torage g

P Protecting Confidential Data on i C fid i l D Personal Computers with S p torage g

P Protecting Confidential Data on i C fid i l D Personal Computers with S p torage g Capsules Kevin Borders, Eric Vander Weele, Billy Lau, and Atul Prakash Problem: Malicious S oftware Computing becomes pervasive, so is malware

524 views • 29 slides
Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data Protecting Personal Data Privacy & Security Project HIPAA: What it is Health Insurance Portability and Accountability Act of 1996 Also known as

445 views • 26 slides
What are we protecting? Student Data (SSN, Grades, DOBs, Credit card) Employee Data

What are we protecting? Student Data (SSN, Grades, DOBs, Credit card) Employee Data

Freeze your credit will stop someone from opening a new line of credit in your name FREE! You can unfreeze your credit at any time Get an annual copy of your credit report and review it ALSO FREE! What are we protecting? Student

885 views • 31 slides
Data Sharing Enabling innovation Protecting people Geof Heydon October 2018 1 Data

Data Sharing Enabling innovation Protecting people Geof Heydon October 2018 1 Data

Data Sharing Enabling innovation Protecting people Geof Heydon October 2018 1 Data Driving Smarter Community Success AGENDA Smarter Community Data sharing NSW Government Data Task Force and ACS Data Sharing technical committee

641 views • 25 slides
Protecting Australias red meat industry with interactive data visualisation Grant Carlson

Protecting Australias red meat industry with interactive data visualisation Grant Carlson

Protecting Australias red meat industry with interactive data visualisation Grant Carlson Development Manager Binh (James) Tham Lead Solution Architect Integrity Systems Company YOW! Data 2018 About us About us Livestock Production

444 views • 25 slides
Protecting Your Data Presented by: Shawn Davis Adjunct Professor - Illinois Institute of

Protecting Your Data Presented by: Shawn Davis Adjunct Professor - Illinois Institute of

Sen. Cristina Castros Cybersecurity Forum Protecting Your Data Presented by: Shawn Davis Adjunct Professor - Illinois Institute of Technology Dir. of Digital Forensics Edelson PC Data Collection & Tracking Staying Safe Online

594 views • 41 slides
Pr Protecting Ourselves, Pr Protecting Ot Other hers Pa Part 1: Wha What to Wear at Work k

Pr Protecting Ourselves, Pr Protecting Ot Other hers Pa Part 1: Wha What to Wear at Work k

6/2/20 HealthMatters in our Homes Pr Protecting Ourselves, Pr Protecting Ot Other hers Pa Part 1: Wha What to Wear at Work k and nd Wh Why 1 During this presentation, we will: Summarize what COVID-19 is, how it spreads, and who

463 views • 19 slides
#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy across hybrid IT Farshad Ghazi - Moderator Mat Spitz Lacy Gruen #MicroFocusCyberSummit Reiner Kappenberger Cloud-based Data Privacy and Protection:

455 views • 10 slides
Protecting Yourself Against Scams and Data Breaches During Coronavirus Crisis ... and Beyond

Protecting Yourself Against Scams and Data Breaches During Coronavirus Crisis ... and Beyond

Protecting Yourself Against Scams and Data Breaches During Coronavirus Crisis ... and Beyond Daler Radjabov, Esq. NYCLA CLE Institute Todays topics CoronaVirus related scams How to secure your online identity How to protect your

514 views • 22 slides
SafeVanish: An Improved Data Self-Destruction for Protecting Data Privacy Lingfang Zeng, Zhan

SafeVanish: An Improved Data Self-Destruction for Protecting Data Privacy Lingfang Zeng, Zhan

CloudCom, Dec 3, 2010 SafeVanish: An Improved Data Self-Destruction for Protecting Data Privacy Lingfang Zeng, Zhan Shi, Shengjie Xu, Dan Feng School of Computer Science and Technology, Huazhong University of Science and Technology

269 views • 13 slides
Japanese Effort to Utilize Medical Big Data: The Enactment of the Next-Generation Medical

Japanese Effort to Utilize Medical Big Data: The Enactment of the Next-Generation Medical

World Association for Medical Law 2019 Annual Congress Japanese Effort to Utilize Medical Big Data: The Enactment of the Next-Generation Medical Infrastructure Act, 2017 Eiji Maruyama Kobe University, Kobe, Japan

498 views • 25 slides
Protecting Our Protecting Our Introduction Family Family Globally HIV/AIDS has left its

Protecting Our Protecting Our Introduction Family Family Globally HIV/AIDS has left its

Protecting Our Protecting Our Introduction Family Family Globally HIV/AIDS has left its mark on every continent, with its highest prevalence being in sub Saharan Africa 10% of the worlds population An Assessment of In 2008,

353 views • 6 slides
Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So Hospitals will be paid less unless: Good scores on Incentive payments Meeting 17 clinical processes Funded by 1% cut in base (aspirin,

418 views • 8 slides
Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So Hospitals will be paid less unless: Good scores on Incentive payments Meeting 17 clinical processes Funded by 1% cut in base (aspirin,

614 views • 7 slides
Protecting Data in Untrusted Locations An exercise in Real World threat modeling. Jan

Protecting Data in Untrusted Locations An exercise in Real World threat modeling. Jan

Protecting Data in Untrusted Locations An exercise in Real World threat modeling. Jan Schaumann 99CE 1DC7 770A C5A8 09A6 @jschauma 0DCD 66CE 4FE9 6F6B D3D7 Me. Errday. Obligatory James Mickens This World of Ours reference.

714 views • 40 slides
webinar series in the medical field Experimental data: Impact on patentability in medical

webinar series in the medical field Experimental data: Impact on patentability in medical

Examination Matters webinar series in the medical field Experimental data: Impact on patentability in medical applications Elsie Cielen Examiner, Second Medical Applications 5 December 2018 Britta Kley Lawyer Presenting today The

711 views • 68 slides

More recommend