As a matter of fact, eHealth is an area of rapid innovation, but designing the secure services for emergent eHealth solutions requires a large amount of effort and the collaboration of stakeholders with different views on security and privacy requirements.
The main motto behind NESSoS is "prevention is better than cure'', indeed we can reduce the number of vulnerabilities in Future Internet services by having security and privacy “by design”, that is right from the early phase of engineering lifecycle.
Current examples of the work being done within NESSoS in the area of eHealth include the development of tools for all phases of the development lifecycle, from the identification of privacy threats and requirement analysis, over the automatic generation of secure-by-design eHealth services from declarative models, to the run-time assurance of security compliance, even when changes in the process or in the requirements occur.
Security competes with flexibility and with availability in many particular situations. Thus NESSoS offers dynamic supervision and enforcement of trade-off policies, allowing for instance controlled access to resources in spite of known security threats, acceptable under some conditions in order to avoid life-threatening situations, use of work-flow models to describe the dynamics of a Patient-Monitoring Work-Flows, verification of work-flows with declarative authorisation policies that include revocation and delegation, and the automatic generation of orchestration of sub-systems, satisfying among others separation of duties requirements and secure recording of events.
Also, NESSoS is interested to data-related aspects, like the smart content generation via sensors that continuously monitor the physical activity or the nutritional intake, and the aggregation and use of data, for instance to recommend personalised insulin dosages.
Methods and tools from NESSoS are already being experimented in the context of several industrial solutions, such as yourEHRM from Atos and Soarian and Syngo from Siemens.
For more details, see http://www.nessos-project.eu/ and http://www.nessos-project.eu/media/deliverables/y2/NESSoS-D4.2-PartII-Roadmap.pdf.
You can also still contribute to the NESSoS roadmap by filling the on-line survey accessible from the web site.