D4.2 KONFIDO Architecture (Version 2)

This document provides a final description of the KONFIDO architecture and how the combination of complementary security-enhancing technologies has been designed by technical partners to harden sensitive eHealth distributed services designed by technical partners. This document is a revision of deliverable D4.1, where the initial version of KONFIDO architecture was reported. In the original document, we provided first details for the different viewpoints of the Reference Model of Open Distributed Processing (RM-ODP) standard, supporting the architecture definition. In this updated deliverable, we include further content for each viewpoint. Besides providing most-recent updates regarding components and the way they interact between each other in the architecture, we focus on the type of services covered. Particularly, we define how the entire KONFIDO architecture that overlays the OpenNCP framework can impact distributed eHealth services in the European Union. This will be realized by drawing KONFIDO boundaries, identifying KONFIDO users and beneficiaries, and clarifying the environment where KONFIDO is embedded.

The rest of this document is organized as follow. Chapter 1 introduces the document by describing the widely-accepted approach pursued to define the KONFIDO architecture, i.e., the RM-ODP. Then, Chapter 2, provides an overview of KONFIDO objectives and its final users and beneficiaries. Chapter 3 presents the distributed eHealth services of the OpenNCP framework covered, paying a particular attention to the information flow. Chapter 4 describes the components belonging to the KONFIDO architecture and how these provide enhanced security to OpenNCP. Chapter 5 surveys the interactions between the KONFIDO components required to secure the covered type of services. Chapter 6 describes the technologies needed by KONFIDO to evaluate the security enhanced OpenNCP. Finally, Chapter 7 concludes the document.