Using AWS’s advanced security services to develop a GxP-qualified system for global management of security in a patient-facing IoT solution
A global market leader in digital life science devices has developed a solution for automatically recording self-dosing of medication via personal injection pens. The devices can send data via Bluetooth to a large number of different partner-developed Apps that are installed on the patient’s phone. Each device contains unique encryption keys, and access to these is controlled individually for each partner, so that they can securely access the patient’s data in their Apps.
In order to ensure both extreme uptime requirements and compliance with highly restrictive governance and compliance regimes, a solution was needed that could guarantee both security and availability at a level that can support a global product launch.
KeyCore developed a solution that runs simultaneously in several AWS regions and is based on dedicated security hardware (so-called “Hardware Security Modules” – HSM) for cryptographically verifiable internal security. The solution is both GxP-qualified and complies with a number of open standards for security systems.
The customer wanted to migrate an existing platform from another cloud provider to AWS. The solution had to generate and manage access to individual encryption keys used to secure data exchange between medical equipment and patient-oriented Apps.
The existing solution did not sufficiently meet the requirements for security and uptime, so a new solution was required.
KeyCore designed a new solution that combined best practices in cryptography with best practices in cloud architecture. In this way, we were able to deliver a system that forms a cornerstone of the customer’s patient-oriented IoT product deployments and, at the same time, via its high level of security, helps with regulatory approval of the entire ecosystem around the devices.
The solution has been developed to support the customer’s requirements for:
- High uptime (99.99% – with the possibility of expansion up to more than “9 nines” by adding more regions)
- High traceability of all actions
- Low operational requirements
The solution from KeyCore is a 4-layer architecture, which is designed to utilize 3 availability zones (data centers) per region. The solution works even if only a single availability zone is available in a region. The solution is designed for easy expansion with multiple regions as business needs require. All regions are active simultaneously and all queries are automatically sent to the closest region. Data is automatically synchronized between all regions with a delay of less than one second.
All sensitive operations regarding encryption keys take place in the innermost layer of the solution using dedicated encryption hardware (HSM). Access control for partners is managed via a fully automated certificate hierarchy, and the solution includes global monitoring of both activities and any connection problems from partners.
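As an added illustration (not KeyCore’s or the customer’s own configuration), the per-partner access control described above can be expressed in an AWS KMS key policy on an HSM-backed key: a partner’s backend role may use the key only for material whose encryption context carries that partner’s own id, administrators may manage the key but not use it, and every call is recorded in CloudTrail for traceability. The account id, role names and the `partner` encryption-context key are placeholders.

```json
{
  "Version": "2012-10-17",
  "Id": "device-key-partner-access-example",
  "Statement": [
    {
      "Sid": "KeyAdministratorsManageButDoNotUse",
      "Effect": "Allow",
      "Principal": { "AWS": "arn:aws:iam::111122223333:role/KeyAdminRole" },
      "Action": [
        "kms:Describe*",
        "kms:Enable*",
        "kms:Disable*",
        "kms:List*",
        "kms:Put*",
        "kms:Update*",
        "kms:Revoke*",
        "kms:ScheduleKeyDeletion",
        "kms:CancelKeyDeletion"
      ],
      "Resource": "*"
    },
    {
      "Sid": "PartnerAMayUseKeyOnlyForItsOwnDevices",
      "Effect": "Allow",
      "Principal": { "AWS": "arn:aws:iam::111122223333:role/PartnerA-AppBackendRole" },
      "Action": [
        "kms:GenerateDataKey",
        "kms:Decrypt"
      ],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "kms:EncryptionContext:partner": "partner-a"
        }
      }
    },
    {
      "Sid": "PartnerBMayUseKeyOnlyForItsOwnDevices",
      "Effect": "Allow",
      "Principal": { "AWS": "arn:aws:iam::111122223333:role/PartnerB-AppBackendRole" },
      "Action": [
        "kms:GenerateDataKey",
        "kms:Decrypt"
      ],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "kms:EncryptionContext:partner": "partner-b"
        }
      }
    }
  ]
}
```

Because a KMS key policy denies everything it does not explicitly allow, a partner role can neither decrypt another partner’s device material (the encryption context will not match) nor administer the key, and the administrator role cannot read any key material. Adding a partner means adding one statement, which is the kind of change that can be generated automatically from the partner’s onboarding record.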
Among the many standards that are adhered to beyond GxP qualification are NIST SP 800-130 and FIPS 140-3 – both are very detailed and contain a large number of concrete requirements for security and traceability.
A large number of these requirements can be met because the solution is based on AWS’s unique possibilities for automation, built-in security functions and the high level of certification for all services. The combination of certified services and strong cryptography makes it possible to ensure GxP qualification of the solution with significantly less effort than it would have required to provide the same security outside of AWS.
Among the AWS services used are:
- AWS KMS
- AWS Fargate
- AWS WAF
- AWS S3
- AWS VPC
- AWS Lambda
- AWS API Gateway