Leveraging Trusted Execution Environments For Data Security in Healthcare Workflows

Published: 19 Aug 2025, Last Modified: 12 Oct 2025, BHI 2025, CC BY 4.0
Confirmation: I have read and agree with the IEEE BHI 2025 conference submission's policy on behalf of myself and my co-authors.
Keywords: privacy preserving workflows, data privacy security in healthcare, confidential computing
TL;DR: We show how trusted execution environments offered by hardware vendors can be leveraged to create software-defined data tunnels for capture-to-use data security in workflows employed in healthcare and biomedical research.
Abstract: Modern biomedical AI pipelines require robust data protection across heterogeneous environments, including edge devices, hospital servers, and cloud resources, each with distinct performance, trust, and regulatory considerations. While recent advancements in hardware-backed confidential computing (e.g., Intel SGX, AMD SEV, ARM TrustZone) offer promising solutions for data security, their differing threat models prevent seamless, end-to-end "capture-to-use" protection. To address this, we propose a novel, hardware-agnostic security monitor that extends the attestation and memory-encryption capabilities of these disparate Trusted Execution Environments (TEEs). This is complemented by a software-defined secure tunnel that enforces data-centric policy, provenance, and compliance. Our proof-of-concept prototype, integrating a TrustZone-enabled Raspberry Pi with an AMD SEV virtual machine in a cloud environment, demonstrates a deployable, data-centric enclave architecture that achieves end-to-end confidentiality, integrity, and compliance without compromising clinical throughput in biomedical AI workflows.
Track: 1. Biomedical Sensor Informatics
Registration Id: FXNGKFK3TT3
Submission Number: 162