Abstract: One or more example embodiments of the present invention relates to a method for transmission of medical datasets, including providing a medical dataset from an internal data memory, the medical dataset including data elements, each data element of the data elements having a data type, providing a security profile, the security profile including rules for a degree of a data anonymization of data elements of a respective data type, creating an anonymized medical dataset based on the provided medical dataset and the provided security profile, the data elements of the medical dataset are each anonymized based on the respective data type and the security profile, the anonymized medical dataset includes the anonymized data elements and transmitting the anonymized medical dataset to an external data memory.

Abstract: A computer-implemented method for assessing a person re-identification risk in an application domain is provided. In the application domain, for each of a plurality of persons a corresponding personal record is stored in a database. Each record comprises a set of attributes. Each attribute comprises a corresponding attribute name and a corresponding attribute value.

Abstract: A computer-implemented method is for dynamic data minimization of a data set for transfer of the minimized data set from a central instance to outside of the central instance, the data set including a second set of individual attributes. The method includes provisioning a whitelist including a first set of attributes being a subset of a second set of attributes. The minimized data set includes the first set of attributes. The method further includes determining an attribute list including a third set of attributes, the third set of attributes including at least the complement of the first set of attributes in relation to the second set of attributes. The method also includes provisioning the attribute list by the central instance for use outside of the central instance.

Abstract: A computer-implemented method for providing anonymized patient datasets, comprises: analyzing statistical population data to ascertain obfuscation parameters; and anonymizing patient datasets including quasi-identifiers as attributes by obfuscating the quasi-identifiers of the patient datasets based on the obfuscation parameters to generate the anonymized patient datasets. A system includes at least one processor and a memory, and is configured to provide the anonymized patient datasets.

Abstract: A method for transfer of a dataset includes provisioning or generating a user-side Diffie Hellman key pair, including a secret user key and a public user key; transferring the public user key to the server; provisioning or generating a server-side Diffie Hellman key pair, including secret server and public server keys; provisioning a dataset on the server; generating a server-side Diffie Hellman key using the secret server key and the public user key, and encrypting the dataset to generate an encrypted dataset, via a resulting server-side Diffie Hellman key generated on the server side; transferring the encrypted dataset to the cloud service; retrieving the public server key and the encrypted dataset from the cloud service; and generating a user-side Diffie Hellman key using the secret user key and the public server key retrieved, and decrypting the encrypted dataset on the user device using the user-side Diffie Hellman key.

Abstract: A medical data management system is for managing medical data. In an embodiment, the system includes a medical data gateway, including a processor connectable to a plurality of input devices, the medical data gateway being connected to a local network. Further, the processor is configured to carry out: collecting medical data, associated to a non-pseudonymized patient identifier and a data source identifier, from an input device; pseudonymizing at least the non-pseudonymized patient identifier of the medical data; exporting the pseudonymized medical data to a remote storage, the remote storage being part of a remote network external to the local network; allowing access to the non-pseudonymized patient identifier to a local application, running in the local network, and/or refusing access to the non-pseudonymized patient identifier to a remote application, running outside of the local network. A corresponding medical data management method is for managing medical data.

Abstract: A gateway and a method are provided for securely storing (and/or securely retrieving) medical data the method for storing comprising at least steps of: obtaining, in a secure environment, medical data which include patient property data as well as patient identifier data wherein the patient identifier data indicate at least one patient to which the patient property data correspond; generating, in the secure environment de identified medical data by replacing the patient identifier data in the medical data with non-patient-identifying coded identifiers; generating, in the secure environment, a re-identifying database indicating correspondences between the non-patient-identifying coded identifiers and the patient identifier data; generating n encrypted re-identifying database by applying, in the secure environment, at least one symmetric and/or asymmetric encryption method to the re-identifying database; storing the encrypted re-identifying database and the de-identified medical data on a cloud storage outsi

Abstract: A computer-implemented method is for dynamic data minimization of a data set for transfer of the minimized data set from a central instance to outside of the central instance, the data set including a second set of individual attributes. The method includes provisioning a whitelist including a first set of attributes being a subset of a second set of attributes. The minimized data set includes the first set of attributes. The method further includes determining an attribute list including a third set of attributes, the third set of attributes including at least the complement of the first set of attributes in relation to the second set of attributes. The method also includes provisioning the attribute list by the central instance for use outside of the central instance.

Abstract: Systems and methods for sharing medical data sets are provided. An embodiment of the method includes: receiving medical data sets from a medical system; receiving associated information from a database separated from the medical system, the associated information providing information associated to the medical data sets; uploading the medical data sets to a cloud platform; processing the associated information and the medical data sets to identify one or more entitled users, the entitled users being entitled to access a respective medical data set; retrieving additional user information of the entitled users; and granting the entitled users access to the respective medical data set in the cloud platform based upon the additional user information.

Abstract: A method for transfer of a dataset includes provisioning or generating a user-side Diffie Hellman key pair, including a secret user key and a public user key; transferring the public user key to the server; provisioning or generating a server-side Diffie Hellman key pair, including secret server and public server keys; provisioning a dataset on the server; generating a server-side Diffie Hellman key using the secret server key and the public user key, and encrypting the dataset to generate an encrypted dataset, via a resulting server-side Diffie Hellman key generated on the server side; transferring the encrypted dataset to the cloud service; retrieving the public server key and the encrypted dataset from the cloud service; and generating a user-side Diffie Hellman key using the secret user key and the public server key retrieved, and decrypting the encrypted dataset on the user device using the user-side Diffie Hellman key.

Abstract: A client device for the secured activation of functions of a client, a server device for providing a password for the client device, and corresponding methods. The client device has a storage unit for storing a plurality of service keys, each service key defining at least one function of the client and being allocated to a password, a receiving unit for receiving a password from a server, and a processing unit for comparing the plurality of service keys with the received password, for selecting the service key to which the received password is allocated, and for activating at least one function of the client which is contained in the selected service key.

Abstract: A client device for the secured activation of functions of a client is disclosed. The client device has a storage unit for storing a plurality of service keys, each service key defining at least one function of the client and being allocated to a password, a receiving unit for receiving a password from a server, and a processing unit for comparing the plurality of service keys with the received password, for selecting the service key to which the received password is allocated, and for activating at least one function of the client which is contained in the selected service key. Furthermore, a server device for providing a password for a client device and corresponding methods is proposed.

Abstract: In a method and an apparatus for assessing of security of components, in particular, of components involved in safety-critical infrastructures, the assessment of security of the safety-critical component has an assessing of risks of the respective component and deriving of security measures for the component. Further, an assessing of a level of implementation for each standardized security measure is performed defined by a standard and/or requirement document for the component as well as evaluating of a resilience of the component against attacks directed to the component by performing test attacks against the component which are arranged by use of test cases defined by use of risk assessing results, and by use of implementation level assessing results for each standardized security measure. Thus, improved assessing of the security of components is enabled which can be used, e.g., for insurance of the security of safety-critical components and infrastructures.