What is the current situation?

With the recent adoption of cloud computing and the need to host sensitive information systems in virtualized resources, many users seem reluctant to store their personal data in the cloud or to adopt sensitive systems hosted there. This unwillingness is even more evident when the systems in question belong to the healthcare domain. The main challenge for cybersecurity, irrespective of context and risk level, remains relevant to the healthcare domain: How do we prevent unauthorized access to data?

With the existing protocols, Cloud Service Providers (CSPs) are responsible for both encrypting and storing the data, which makes them a high-value target for hackers. In addition, the fact that the key is known to the cloud service provider raises a data privacy issue.

What ASCLEPIOS offers

ASCLEPIOS addresses these challenges and provides a cloud-based eHealth framework that protects users’ data, enhances privacy, and maximizes and fortifies users’ trust in cloud-based healthcare services.

The core idea of ASCLEPIOS revolves around three main axes:

  1. Allow cloud-based health services to preserve users’ privacy without sacrificing functionality.
  2. Offer a novel solution through which healthcare practitioners and medical researchers can calculate medical data statistics in a privacy-preserving manner.
  3. Give users the ability to verify medical devices’ integrity before using them and receive certain guarantees about their cloud service provider’s trustworthiness.

How it works

While researchers have developed many theoretical models that could enhance healthcare services’ security level, only a rudimentary set of techniques is currently in use. ASCLEPIOS addresses these limitations by utilizing several modern cryptographic approaches to build a cloud-based eHealth framework that protects users’ privacy and prevents both internal and external attacks. ASCLEPIOS provides a policy-based access control mechanism (Attribute-based Access Control – ABAC) that protects both healthcare applications and the data, and supports the easy execution of complex scenarios for accessing medical data. It also provides, out of the box, Searchable Symmetric Encryption (SSE), an ideal scheme for securely sharing medical data. In addition, an innovative key sharing mechanism that uses Attribute-based Encryption (ABE) allows SSE keys to be shared based on policies and the attributes of users, making SSE easier to use in real-life situations. Furthermore, the ASCLEPIOS platform provides Functional Encryption (FE), which makes it possible to perform statistical analysis over the encrypted data.

ASCLEPIOS has been designed and developed to support web applications and provide user federation capabilities that allow integration with existing EHR platforms and other healthcare applications.

Finally, ASCLEPIOS includes analytics tools (CEAA and APAM) that provide the organization’s administrators and Data Protection Officers (DPOs) with valuable insights about the platform’s usage and access to data.

