GATEKEEPER is a European project that aims to build a decentralized digital ecosystem to facilitate collaboration and deliver mutual benefits to stakeholders in Europe. It focuses on developing a digital platform that enhances AI services for early prevention and intervention in various European pilots. The platform generates real-life evidence through pilot sites, encourages adoption through open calls, and ensures sustainability through foundation activities. The project’s ultimate goal is to empower aging citizens to maintain optimal functional ability and contribute to the United Nations Sustainable Development Goal of promoting well-being for all ages.
The GATEKEEPER platform enables the creation of secure and interoperable applications in the health and wellness domains. Certified data connectors allow medical and consumer devices to provide reliable real-world data to a federated data platform and its associated services and applications. The platform offers AI services for early prevention and intervention, as well as AI utilities for data pre-processing, processing, and transformation, which streamline AI pipelines. The project validates these AI-based solutions, data models, and device connector services through a large-scale pilot involving over 40,000 participants across 11 worldwide pilots addressing nine medical use cases.
The GATEKEEPER platform can automatically adjust computational resources and server instances based on workload demands. This is made possible by an open-source container platform that follows an infrastructure-as-code approach. Moreover, the platform is infrastructure agnostic: because it relies on open-source technologies and licensing, it can be deployed in various hardware-compliant environments, including private, public, or hybrid clouds.
Figure 1 shows the software layers of the Container Platform.
Figure 1 – GATEKEEPER Architecture
The bottom layer of the platform represents the infrastructure, which will be installed on HPE-provided physical hardware and data center. It consists of virtual nodes running on OKD, the Community Distribution of Kubernetes. The infrastructure nodes can include bare metal machines, cloud instances, or both, enabling hybrid deployments. The chosen operating system is CentOS/Fedora CoreOS due to their open-source nature. Within the HPE platform, Docker is used as the core containerization technology, while Kubernetes handles the orchestration. Resource management tools sit on top of the containerization layer and are responsible for administering the physical resources of nodes (CPU, RAM, storage) and providing a unified view of the underlying infrastructure as a homogeneous resource pool to higher layers.
The multi-tenancy level segregates the resource pool into tenants. In GATEKEEPER, tenants can be created for each partner, pilot, or any other entity. The system administrator can assign Resource Quotas to tenants to limit their resource consumption in terms of CPU cores, storage, and memory based on the total resource availability.
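An added example (not GATEKEEPER project code): a check that the Resource Quotas assigned to tenants fit within total availability, and that no tenant is left without a limit for a resource. The tenant names, the capacity figures, and the rule that summed quotas must not exceed capacity are assumptions made for illustration.

```python
from decimal import Decimal

# Kubernetes quantity suffixes: binary, decimal, and "m" for milli-units.
_SUFFIXES = {
    "Ki": Decimal(2) ** 10, "Mi": Decimal(2) ** 20, "Gi": Decimal(2) ** 30,
    "Ti": Decimal(2) ** 40, "k": Decimal(10) ** 3, "M": Decimal(10) ** 6,
    "G": Decimal(10) ** 9, "T": Decimal(10) ** 12, "m": Decimal("0.001"),
}

# Constructed sample data: cluster capacity and per-tenant quotas (hypothetical).
CAPACITY = {"cpu": "64", "memory": "256Gi", "storage": "10Ti"}
TENANT_QUOTAS = {
    "pilot-a": {"cpu": "32", "memory": "128Gi", "storage": "4Ti"},
    "pilot-b": {"cpu": "24", "memory": "96Gi", "storage": "4Ti"},
    "partner-x": {"cpu": "16000m", "memory": "64Gi"},  # no storage quota
}


def parse_quantity(text):
    """Convert a Kubernetes quantity string ("500m", "64Gi", "8") to a Decimal."""
    text = text.strip()
    for suffix in sorted(_SUFFIXES, key=len, reverse=True):
        if text.endswith(suffix):
            return Decimal(text[: -len(suffix)]) * _SUFFIXES[suffix]
    return Decimal(text)


def audit_quotas(capacity, tenant_quotas):
    """Report resources whose summed quotas exceed capacity, and tenants
    with no quota for a resource (their consumption is unbounded)."""
    report = {"oversubscribed": {}, "unbounded": []}
    for resource, total in capacity.items():
        limit = parse_quantity(total)
        allocated = Decimal(0)
        for tenant, quota in sorted(tenant_quotas.items()):
            if resource in quota:
                allocated += parse_quantity(quota[resource])
            else:
                report["unbounded"].append((tenant, resource))
        if allocated > limit:
            report["oversubscribed"][resource] = (allocated, limit)
    return report


if __name__ == "__main__":
    for key, value in audit_quotas(CAPACITY, TENANT_QUOTAS).items():
        print(key, value)
```

With the sample data, CPU and memory are oversubscribed and `partner-x` has no storage limit, so one tenant could exhaust storage shared with the others.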
On top of this, the platform offers additional high-level functionalities. It enables connecting to existing data lakes without moving the data and provides cluster management functions, allowing users to create, stop, expand, contract, or create auto-sizing rules for clusters according to their needs.
The Enterprise Data Services layer includes security services applied at the container level, such as authentication, authorization, encryption, TDE (Transparent Data Encryption), TLS (Transport Layer Security), and SSL (Secure Sockets Layer).
For each tenant, the Applications catalog provides a range of reference Kubernetes applications that users can utilize as they are or customize to meet specific requirements.
The GATEKEEPER platform, built on top of the Container Platform, can be accessed through a feature-rich web user interface environment, which includes a Developer portal and a Marketplace. The Developer Portal serves as a fundamental element that enables community building and ecosystem networking around the GATEKEEPER open-source project. Developers can access GATEKEEPER components through the Developer Portal and combine them with third-party services to create new services and applications that can be made available in the platform via the marketplace.
Figure 2 – GATEKEEPER Platform
Figure 2 represents a logical view of the whole GATEKEEPER Platform. The system diagram uses arrows to indicate data flows and colors to highlight the roles of different components. All components are registered as Things, following the principles of the Web of Things.
- Pink components represent Core Platform Things, responsible for providing core functionalities such as access to Things and data, user management, data integration, and Big Data analytics capabilities.
- Green components represent AI/ML Things that leverage the core services to offer early detection, prediction, and proactive healthcare services.
- Yellow components represent External Things that can interact with the platform and cater to specific needs of pilots or application requirements, extending the platform’s capabilities.
- Blue components represent Data sources, encompassing various types of sources generating health data managed by the platform. They connect directly or indirectly to the GATEKEEPER platform through connectors.
- Gray arrows illustrate the main data flows managed by the platform.
All components and services interacting with the platform need to be registered and possess an authorization token to access the provided functionalities. The Web of Things Thing Management System (TMS) acts as the central gateway, orchestrating interactions within the platform. The GATEKEEPER Trust Authority (GTA) certifies Things, secures connections between components, and manages authentication, authorization, and auditing.
Through the GATEKEEPER Web Environment, developers can register new Things or access existing ones via the Developer Portal. Business users and administrators can use the Marketplace to browse available Things or manage the platform.
Data sources enter the platform through connectors, which vary depending on the devices and protocols they interact with. The connectors include Gateway BLE/FHIR for Bluetooth devices compliant with BLE Continua Standard Health Profiles, Web Data Connectors for online data files or Web-based APIs, Intelligent Medical Device Connectors for fully connected devices, Multi-Robot Connectors for robot sensor data, and the Personal Health GATEKEEPER App, an extension of the Samsung Health App that enables interaction with the Samsung Health ecosystem.
All connectors send health data in the original producer format to the Data Federation Integration Engine. This component translates the data into the common GATEKEEPER data format (GATEKEEPER FHIR IG) and stores it in the Data Federation FHIR Server, ensuring semantic interoperability. The data is also forwarded to the Big Data Infrastructure, which offers analysis services and combines data from the Data Federation and potential external sources.
The Big Data Infrastructure stores data used by the AI Reasoning Framework. This framework employs diagnostic and prognostic algorithms for various diseases, early detection of changes in patient conditions, risk factor evaluations, and personalized monitoring, prevention, and intervention.