Risk Assessment Driven Use of Advanced SIEM Technology for Cyber Protection of Critical e-Health Processes

The approach presented in this paper provides effective protection of critical business processes by applying advanced SIEM technology in a rigorous fashion, based on the results of accurate risk assessment. The proposed SIEM tool advances the State of The Art of the technology along two axes, speci...

Full description

Saved in:
Bibliographic Details
Published in:SN computer science 2022, Vol.3 (1), p.16, Article 16
Main Authors: Coppolino, Luigi, Sgaglione, Luigi, D’Antonio, Salvatore, Magliulo, Mario, Romano, Luigi, Pacelli, Roberto
Format: Article
Language:English
Subjects:
Advances on Signal Image Technology and Internet based Systems
Computer Imaging
Computer Science
Computer Systems Organization and Communication Networks
Cybersecurity
Data Structures and Information Theory
Health care industry
Hospitals
Information Systems and Communication Service
Infrastructure
Internet of Things
Medical device industry
Medical equipment
Original Research
Pattern Recognition and Graphics
Risk assessment
Software Engineering/Programming and Operating Systems
Vision
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The approach presented in this paper provides effective protection of critical business processes by applying advanced SIEM technology in a rigorous fashion, based on the results of accurate risk assessment. The proposed SIEM tool advances the State of The Art of the technology along two axes, specifically: privacy and integrity. The advancements are achieved via combined use of two of the most promising technologies for trusted computing, namely: Trusted Execution Environment (TTE) and Homomorphic Encryption (HE). The approach is validated with respect to a real use case of a Smart Hospital (i.e., one where IT is massively used), with challenging security requirements. The use case is contributed by one of the major public hospitals in Italy. Experiments demonstrate that, by relying on continuous monitoring of security relevant events and advanced correlation techniques, the SIEM solution proposed in this work effectively protects the critical workflows of the hospital business processes from cyber-attacks with high impact (specifically: serious harm to or even death of the patient).
ISSN:2662-995X
2661-8907
DOI:10.1007/s42979-021-00858-4