Abstract
It is often said that the 'S' in IoT stands for security. In a similar vein, the 'P' in the name might be said to stand for privacy-first design. There is a large and challenging gap between functional adequacy and best practice.
In this talk, we describe the process of developing the 'home gateway' for the SPHERE 100-homes project, a Linux-based research data aggregator installed into participant homes around Bristol in order to act as an endpoint for healthcare data collection on human participants.
We begin by briefly describing the regulatory landscape that applies to human-centred research data. We tested and used open-source packages and services designed to fill as many gaps in our service design as possible. We also had to find solutions for the further, specific challenges raised by the particular requirements of the project, such as data encryption at rest, robust behaviour in the face of unexpected input or events, and auditable data workflows. Finally, we look at the everyday challenges of safely and securely maintaining a sustainable platform in the face of the risks posed by real-world vulnerabilities - patching, system updates and responding to new flaws discovered in standards, hardware and firmware.
In this talk, we describe the process of developing the 'home gateway' for the SPHERE 100-homes project, a Linux-based research data aggregator installed into participant homes around Bristol in order to act as an endpoint for healthcare data collection on human participants.
We begin by briefly describing the regulatory landscape that applies to human-centred research data. We tested and used open-source packages and services designed to fill as many gaps in our service design as possible. We also had to find solutions for the further, specific challenges raised by the particular requirements of the project, such as data encryption at rest, robust behaviour in the face of unexpected input or events, and auditable data workflows. Finally, we look at the everyday challenges of safely and securely maintaining a sustainable platform in the face of the risks posed by real-world vulnerabilities - patching, system updates and responding to new flaws discovered in standards, hardware and firmware.
Original language | English |
---|---|
Publication status | Published - 2019 |
Event | Fourth Conference of Research Software Engineers - University of Birmingham, Birmingham, United Kingdom Duration: 16 Sept 2019 → 19 Sept 2019 https://rse.ac.uk/conf2019/ |
Conference
Conference | Fourth Conference of Research Software Engineers |
---|---|
Abbreviated title | RSEConUK 2019 |
Country/Territory | United Kingdom |
City | Birmingham |
Period | 16/09/19 → 19/09/19 |
Internet address |