Healthcare providers worldwide are developing electronic solutions to improve patient care and reduce costs. This is a complex and challenging endeavour: such systems need to integrate many distributed and heterogeneous applications and coordinate widely distributed operations as events occur, such as the referral of a patient from a GP to a specialist clinic. All of this has to be done without compromising patient safety and privacy. Not surprisingly, healthcare IT efforts in many countries suffer from cost explosion and project overruns.
In healthcare systems, middleware software acts as the "plumbing" that interconnects the various applications. A major problem is that commercial, off-the-shelf middleware used for this task is inflexible and unable to adapt to the special requirements of the medical domain. For example, a healthcare system must audit all access to a patient's records as they flow through the network, and yet the audit data must not itself compromise confidentiality. This kind of confidential audit is not supported by current middleware, yet the best place to reliably provide these guarantees is at the middleware level. Similarly, a haematology department would need to detect patterns of events, such as abnormal blood results being sent to the electronic patient notes. Again, middleware support for this does not exist, yet it would be vital for an efficient solution.
A major challenge in supporting such novel middleware functionality is that there is no single set of services that covers all application requirements. Instead, middleware functionality must evolve as new applications are added to a healthcare infrastructure.
The focus of the project is to address this challenge with research into an extendable, event-based middleware architecture, SmartFlow, which can securely integrate heterogeneous systems and provide a framework for dynamically managing middleware extensions.
Large and heterogeneous applications link independent hospital departments with varying middleware requirements, including features unique to clinical environments. Since medical applications must respond quickly to numerous simultaneous events, applications coordinate all activity by sending and receiving messages using an event-driven approach.
By pushing this functionality into an intelligent middleware layer, all applications in a medical system can use these services, thus simplifying application design and deployment and improving performance. As new departments with new applications (and requirements) join the system, units can be added dynamically to SmartFlow nodes in a secure and consistent manner. To describe a middleware and its configurations, we devise a formalism that can capture high-level middleware features, their decomposition into lower-level SmartFlow units, and the dependencies and exclusion relationships between them.
Research in the SmartFlow project has focused on three separate, but closely related, areas.
Following the original SmartFlow goal of a secure event-driven kernel, DEFCon is our model for building secure, event-based applications in Java. DEFCon introduces the Decentralised Event Flow Control (DEFC) model to track and limit the dissemination of information during event processing.
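The following is an added illustration of the kind of label-based check the DEFC model performs; it is written for this page in Python and is not DEFCon's own Java API. The `Label`, `Unit`, `Event` and `FlowViolation` names, the secrecy and integrity tag sets, and the haematology scenario (a records unit, an audit unit, an anonymiser with a declassification privilege, and a statistics unit) are all constructed assumptions. It also shows how the confidential audit requirement from the introduction falls out of the model: the audit unit can read patient events, but everything it writes keeps the patient's secrecy tag.

```python
from dataclasses import dataclass

# Constructed, simplified label model for decentralised event flow control.
# It is an illustration written for this page, not DEFCon's own API.


@dataclass(frozen=True)
class Label:
    secrecy: frozenset = frozenset()    # who may learn the data
    integrity: frozenset = frozenset()  # how trustworthy the data is


@dataclass(frozen=True)
class Event:
    topic: str
    payload: dict
    label: Label


@dataclass
class Unit:
    name: str
    label: Label                         # label of the unit's execution context
    privileges: frozenset = frozenset()  # tags this unit may remove from secrecy


class FlowViolation(Exception):
    pass


def can_flow(src: Label, dst: Label) -> bool:
    """Data may move from src to dst only if it cannot become less secret
    or more trusted on the way."""
    return src.secrecy <= dst.secrecy and dst.integrity <= src.integrity


def deliver(unit: Unit, event: Event) -> Event:
    """The middleware checks every delivery; a unit never sees an event it may not read."""
    if not can_flow(event.label, unit.label):
        raise FlowViolation(f"{event.topic} may not flow to {unit.name}")
    return event


def emit(unit: Unit, topic: str, payload: dict) -> Event:
    """Whatever a unit publishes carries the label of its context, so taint
    acquired by reading secret events follows the data downstream."""
    return Event(topic, payload, unit.label)


def declassify(unit: Unit, event: Event, tag: str) -> Event:
    """Only a unit holding the privilege for a tag may strip it."""
    if tag not in unit.privileges:
        raise FlowViolation(f"{unit.name} holds no privilege for {tag}")
    return Event(event.topic, event.payload,
                 Label(event.label.secrecy - {tag}, event.label.integrity))


def scenario() -> dict:
    """Constructed haematology-style walk-through; returns the checks it made."""
    p = "patient:0001"
    records = Unit("records", Label(frozenset({p}), frozenset({"trusted"})))
    audit = Unit("audit", Label(frozenset({p, "audit-log"}), frozenset()))
    stats = Unit("statistics", Label(frozenset(), frozenset()))
    anon = Unit("anonymiser", Label(frozenset({p}), frozenset()),
                privileges=frozenset({p}))
    untrusted = Unit("web-form", Label(frozenset(), frozenset()))

    ev = emit(records, "blood-result", {"patient": p, "hb": 7.1})
    out = {}

    # The audit unit may read the result; anything it writes stays tagged
    # with the patient's secrecy tag, so the audit trail cannot leak it.
    out["audit_ok"] = deliver(audit, ev) is ev
    out["audit_output_still_secret"] = p in emit(audit, "audit-record", {}).label.secrecy

    # A unit with no secrecy tags must not receive identifiable data.
    try:
        deliver(stats, ev)
        out["stats_blocked"] = False
    except FlowViolation:
        out["stats_blocked"] = True

    # The anonymiser strips identity and uses its privilege to declassify;
    # only then can the statistics unit receive the value.
    received = deliver(anon, ev)
    stripped = Event(received.topic, {"hb": received.payload["hb"]}, received.label)
    public = declassify(anon, stripped, p)
    out["stats_after_declassify"] = deliver(stats, public) is public

    # Integrity runs the other way: data from an untrusted source cannot
    # enter a unit that requires the "trusted" tag.
    try:
        deliver(records, emit(untrusted, "form-input", {"hb": "9.9"}))
        out["untrusted_input_blocked"] = False
    except FlowViolation:
        out["untrusted_input_blocked"] = True
    return out


if __name__ == "__main__":
    print(scenario())
```

The two comparisons in `can_flow` are the whole policy: secrecy tags may only be added as data moves, integrity tags may only be lost, and the only way round either rule is an explicit privilege held by a specific unit. Because the check sits in `deliver` and `emit` rather than in the units, a newly added unit cannot bypass it.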
Research on PHP Aspis aims to provide practical methods for securing the web elements of applications. Inspired by the same information tracking methods used in DEFCon, PHP Aspis transparently hardens existing PHP applications and prevents code injection attacks such as Cross Site Scripting or SQL Injection.
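As an added example of the taint-tracking idea behind PHP Aspis, and not Aspis's own code, the block below implements a small character-level taint model in Python (where Aspis instruments PHP). The `TStr` class, the `html_sink` and `sql_sink` functions and the sample page and query are constructed for this page. Request-derived characters are marked tainted, concatenation preserves the per-character marks, and each output sink then decides what to do with tainted characters: the HTML sink escapes exactly those characters and leaves the application's own markup alone, while the SQL sink refuses tainted text altogether, pushing the application towards parameter binding.

```python
import html

# Constructed illustration of character-level taint tracking enforced at
# output sinks, written for this page; it is not PHP Aspis code.


class TStr:
    """A string that remembers, per character, whether it came from an
    untrusted source (True) or from the application's own code (False)."""

    def __init__(self, text: str, taint=None):
        self.text = text
        self.taint = list(taint) if taint is not None else [False] * len(text)

    @classmethod
    def untrusted(cls, text: str) -> "TStr":
        # Everything read from a request is tainted in full.
        return cls(text, [True] * len(text))

    def __add__(self, other):
        other = other if isinstance(other, TStr) else TStr(other)
        # Concatenation keeps each character's taint; trusted template text
        # and untrusted input stay distinguishable inside one string.
        return TStr(self.text + other.text, self.taint + other.taint)

    def __radd__(self, other):
        return TStr(other) + self

    def is_tainted(self) -> bool:
        return any(self.taint)


def html_escape(s: TStr) -> TStr:
    """An explicit sanitiser: its result is trusted, so a later sink will
    not escape it a second time."""
    return TStr(html.escape(s.text, quote=True))


def html_sink(s: TStr) -> str:
    """HTML output context: escape exactly the tainted characters and
    pass the application's own markup through untouched."""
    return "".join(html.escape(ch, quote=True) if tainted else ch
                   for ch, tainted in zip(s.text, s.taint))


def sql_sink(s: TStr) -> str:
    """SQL context: tainted characters must never become query structure."""
    if s.is_tainted():
        raise ValueError("tainted data reached the SQL sink")
    return s.text


def render_greeting(name: str) -> str:
    # Template markup is trusted; only the request-derived name is tainted.
    page = "<p>Hello, " + TStr.untrusted(name) + "!</p>"
    return html_sink(page)


def render_pre_escaped(name: str) -> str:
    # Sanitising first clears the taint, so the sink leaves it alone.
    return html_sink("<p>" + html_escape(TStr.untrusted(name)) + "</p>")


def lookup_query_unsafe(patient_id: str) -> str:
    # String-building the query: the sink refuses it because the id is tainted.
    return sql_sink("SELECT hb FROM results WHERE id = " + TStr.untrusted(patient_id))


def lookup_query_safe(patient_id: str):
    # Parameter binding: the query text is fully trusted and the value
    # travels separately, so it never reaches the SQL sink as text.
    query = sql_sink(TStr("SELECT hb FROM results WHERE id = ?"))
    return query, [patient_id]
```

Keeping the taint at character rather than string granularity is what makes the hardening transparent to an existing application: `render_greeting` is ordinary string concatenation, yet only the untrusted part of the result is escaped and a developer's own `<p>` tags survive. The cost, which an instrumented interpreter like Aspis has to pay, is that every string operation must propagate the mask.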
SafeWeb combines the lessons from DEFCon and PHP Aspis to build a secure and easy-to-maintain middleware that facilitates application development at the NHS' Eastern Cancer Registry and Information Centre (ECRIC).