ASCLEPIOS Architecture Updates

ASCLEPIOS Architecture Updates

The design of the initial ASCLEPIOS architecture (Feature Image – left) during the early stages of the project was a first step that helped identify the requirements of the platform and compose the basic scenarios, while it was also used for the design and implementation of the individual ASCLEPIOS tools.

However, with the actual integration and setup of the overall framework in the scope of the dedicated ASCLEPIOS pilots, some key changes were introduced, in order to enhance the usability, security and real-life adoption of the platform. These changes are reflected in the technical ASCLEPIOS architecture (Feature Image – right) that also constitutes the final architecture of the ASCLEPIOS platform.

What’s new?

The majority of the architecture updates was a result of fine-tuning needed in the integration between the ASCLEPIOS components. One of the most prominent examples, was the introduction of the CPABE Server that is used to seamlessly handle attribute-based encryption / decryption and the secure communications between the SSE Client and the KeyTray. As the complexity of the project increased, some other additions to the architecture became necessary, like the use of the Keycloak Identity Provider and its connection with the Trusted Revocation Authority and the CPABE Server, in order to not only act as an access control mechanism but also as an attribute provider for attributes essential to the Attribute Based Encryption (ABE) and Attribute Based Access Control (ABAC).

All in all, the final version of the ASCLEPIOS architecture provides all the components necessary to ensure security, ease of access and availability of medical data that reside and are exchanged within the ASCLEPIOS ecosystem. If you want to find out more about the ASCLEPIOS platform as a whole or discover the individual ASCLEPIOS tools/services you can go to the dedicated section of our website!