Biblio

The Internet of Things (IoT) paradigm, with its highly distributed and interconnected architecture, is gaining ground in Industry 4.0 and in critical infrastructures like the eHealth sector, the Smart Grid, Intelligent Power Plants and Smart Mobility. In these critical sectors, the preservation of metrological characteristics and their traceability is a strong legal requirement, just like cyber-security, since it offers the ground for liability. Any vulnerability in the system in which the metrological network is embedded can endanger human lives, the environment or entire economies. This paper presents a framework comprised of a methodology and some tools for the governance of the metrological chain. The proposed methodology combines the RAMI 4.0 model, which is a Reference Architecture used in the field of Industrial Internet of Things (IIoT), with the the Reference Model for Information Assurance & Security (RMIAS), a framework employed to guarantee information assurance and security, merging them with the well established paradigms to preserve calibration and referability of metrological instruments. Thus, metrological traceability and cyber-security are taken into account straight from design time, providing a conceptual space to achieve security by design and to support the maintenance of the metrological chain over the entire system lifecycle. The framework lends itself to be completely automatized with Model Checking to support automatic detection of non conformity and anomalies at run time.

Fast Health Interoperability Services (FHIR) is the most recent in the line of standards for healthcare resources. FHIR represents different types of medical artifacts as resources and also provides recommendations for their authorized disclosure using web-based protocols including O-Auth and OpenId Connect and also defines security labels. In most cases, Role Based Access Control (RBAC) is used to secure access to FHIR resources. We provide an alternative approach based on Attribute Based Access Control (ABAC) that allows attributes of subjects and objects to take part in authorization decision. Our system allows various stakeholders to define policies governing the release of healthcare data. It also authenticates the end user requesting access. Our system acts as a middle-layer between the end-user and the FHIR server. Our system provides efficient release of individual and batch resources both during normal operations and also during emergencies. We also provide an implementation that demonstrates the feasibility of our approach.