CN109194523B - Privacy protection multi-party diagnosis model fusion method and system and cloud server - Google Patents

Privacy protection multi-party diagnosis model fusion method and system and cloud server Download PDF

Info

Publication number
CN109194523B
CN109194523B CN201811163660.6A CN201811163660A CN109194523B CN 109194523 B CN109194523 B CN 109194523B CN 201811163660 A CN201811163660 A CN 201811163660A CN 109194523 B CN109194523 B CN 109194523B
Authority
CN
China
Prior art keywords
model
medical center
cloud computing
terminal
computing server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811163660.6A
Other languages
Chinese (zh)
Other versions
CN109194523A (en
Inventor
朱辉
王枫为
寇笑语
李晖
朱丹
华佳烽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN201811163660.6A priority Critical patent/CN109194523B/en
Publication of CN109194523A publication Critical patent/CN109194523A/en
Application granted granted Critical
Publication of CN109194523B publication Critical patent/CN109194523B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/145Network analysis or design involving simulating, designing, planning or modelling of a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Medical Treatment And Welfare Office Work (AREA)
  • Measuring And Recording Apparatus For Diagnosis (AREA)

Abstract

The invention belongs to the technical field of information security, and discloses a privacy-protecting multi-party diagnosis model fusion method and system and a cloud server; the medical center system comprises a trusted authority, a cloud server and a medical center terminal. The trusted authority completes system initialization and provides system parameters and key distribution for the medical center terminal and the cloud computing server; the cloud computing server stores encrypted data resources, and fuses the local diagnosis models to generate a global diagnosis model; the medical center terminal generates a local diagnosis model, encrypts and sends the local diagnosis model to the cloud computing server, and simultaneously undertakes a fusion computing task issued by the cloud computing server; the medical center terminal and the cloud computing server perform bidirectional authentication in service. The invention realizes privacy protection of local diagnosis models and case data resources of the medical center, improves system efficiency, and can be used for providing convenient and private online medical service for users in actual life.

Description

Privacy protection multi-party diagnosis model fusion method and system and cloud server
Technical Field
The invention belongs to the technical field of information security, and particularly relates to a privacy-protecting multi-party diagnosis model fusion method and system and a cloud server.
Background
Currently, the current state of the art commonly used in the industry is such that: with the development of data mining technology and the popularization of intelligent wearable equipment, online medical diagnosis appears in daily life of people. Compared with the traditional medical treatment mode, the on-line medical diagnosis breaks through the regional limitation, shortens the medical treatment time of the user, and provides a new medical treatment mode for the user. However, in the conventional online medical diagnosis system, the medical center server provides services to the user by collecting and analyzing case data of the user to form a local diagnosis model, and since the case data owned by a single medical center terminal is limited, the generated diagnosis model is not accurate enough, and misdiagnosis is easily caused. In order to provide high-quality medical diagnosis services, multiple medical centers want to merge respective local diagnosis models into a more accurate global diagnosis model, however, the local diagnosis models are generated by each medical center with a lot of resources, and have high sensitivity and confidentiality, and the merging of models requires each medical center to share its own local diagnosis model, which causes sensitive data leakage. In order to find a solution to the above problem, solutions have been proposed, in which: the prior art, namely a system and a method for inquiring medical diagnosis service with bidirectional privacy protection, discloses a method for realizing the medical diagnosis inquiry service with the privacy protection, wherein the system is divided into a medical diagnosis server and a medical user terminal, and inquiry information of a user is encrypted by a lightweight random hiding technology, so that the bidirectional privacy protection of the user inquiry information and a medical diagnosis server database is realized. However, the method has certain defects, for example, the medical diagnosis service database has insufficient data, and misjudgment is easy to generate; the method is based on a lightweight random disturbance technology, the encryption degree is low, and the privacy protection effect is easy to lose. In the second prior art, "an electronic privacy information protection system for smart medical treatment" includes three components, namely a relay station, a cloud server and a user side, wherein the relay station is used for providing electronic medical data of a user, the cloud server is responsible for receiving the electronic medical data and verifying whether the user has access to the data, and the privacy protection effect is achieved by means of a general protection strategy and a personal privacy strategy regulation in the cloud server. The method ensures the identity security of the user accessing the data, but the data is not encrypted, so that the data is leaked once being stolen in the transmission process.
In summary, the problems of the prior art are as follows: the existing online medical diagnosis service method has the defects of single diagnosis model and no encryption in the data transmission process; in application, the diagnosis accuracy is low, data is leaked, and the privacy of a user cannot be protected.
The difficulty and significance for solving the technical problems are as follows: the traditional technologies such as secure multi-party computing and the like cannot well balance privacy protection and data processing efficiency, and the anonymization technology brings larger communication overhead. The technology can not meet the characteristics of large data volume, real-time diagnosis and timely feedback in the fusion of the diagnosis model. Therefore, a novel and efficient encryption method for privacy protection needs to be designed for diagnosis model fusion, and the method can realize privacy protection on the premise that the use of online diagnosis services by users is not influenced and the medical center does not reveal self case data, and eliminate the worry that the medical center reveals sensitive data.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a privacy protection multi-party diagnosis model fusion method and system and a cloud server.
The invention is realized in such a way that a privacy-protecting multiparty diagnosis model fusion method comprises the following steps:
initializing system parameters, randomly selecting security parameters required in a data processing process by a trusted authority, and generating a key required in encryption and authentication processes;
step two, screening and generating a local diagnosis model, encrypting the local diagnosis model by using the distributed distribution key, and then sending the encrypted local diagnosis model;
step three, fusing local diagnosis models, selecting one medical center terminal as a computing terminal after receiving the local diagnosis models, issuing computing tasks, and sending the distribution key held by the medical center terminal to other terminals; decrypting the transmitted encrypted diagnosis model by using the received distribution key, calculating a fusion result, and returning a final calculation result; generating an encrypted global diagnostic model;
and step four, the terminal obtains the global diagnosis model, sends the encrypted global diagnosis model to all medical center terminals, and decrypts by using the received distribution key to obtain the global diagnosis model.
Further, the privacy-preserving multi-party diagnosis model fusion method specifically comprises the following steps:
step one, initializing system parameters:
(1) the trusted authority selects a secure parameter α and two large prime numbers p and q, where | p | ═ q | ═ α;
(2) calculating to obtain a public key PK ═ N ═ pq and a private key SK ═ λ ═ lcm (p-1, q-1); the trusted authority selects a generator g;
(3) calculating delta according to the N and the lambda in the step (2), then setting a threshold value u which is less than the number N of the medical center terminals, and defining a formula
Figure BDA0001820571330000031
(4) The trusted authority divides the private key SK into n +1 distribution keys SK q (α) according to q (x)i) I is 0, 1, 2 … n and is sent to n medical center terminals and cloud computing servers;
(5) the trusted authority generates some bilinear parameters
Figure BDA0001820571330000032
(6) The trusted authority then follows
Figure BDA0001820571330000033
Selects a random number as its authentication private key ASKTAAnd calculates its authentication public key
Figure BDA0001820571330000034
(7) Finally, the trusted authority selects a secure symmetric encryption algorithm E () namely AES and an encryption hash function
Figure BDA0001820571330000035
And publishing the system parameters
Figure BDA00018205713300000312
(8) Each medical centre terminal obtains its own distribution key from a trusted authority. Meanwhile, the medical center terminal generates an authentication private key thereof according to the step (6)
Figure BDA0001820571330000036
And authenticating the public key
Figure BDA00018205713300000311
(9) Finally, the medical center terminal issues an authentication public key
Figure BDA0001820571330000037
And negotiate session keys with other medical center terminals
Figure BDA0001820571330000038
(10) The cloud computing server refers to (8) and (9) to generate ASKCS,APKCSAnd
Figure BDA0001820571330000039
step two, encrypting the local diagnosis model:
(1) the medical centre terminal generates a diagnosis model for the parameters of each case:
Figure BDA00018205713300000310
wherein { Pi1…PisForm the model upper limit PSKY (S)i),{Pi(s+1)…PitLower limit of composition model NSKY (S)i);
(2) Then each item of data pijkRespectively encrypted to form:
Figure BDA0001820571330000041
sending to a cloud computing server, wherein { EPi1…EPisForm the upper limit of the model EPSKY (S)i),{EPi(s+1)…EPitLower limit of composition model ENSKY (S)i);
Step three, fusing the diagnosis models:
1) the cloud computing server receives all EMi,i=1,......,n;
2) Cloud computing server applies model EMiMiddle EPSKY (S)i) All vectors EP ofijRespectively with other models
Figure BDA0001820571330000044
Is/are as follows
Figure BDA0001820571330000045
All vectors
Figure BDA0001820571330000046
By comparison, ENSKY (S)i) All vectors EP ofijRespectively with other models
Figure BDA0001820571330000047
Is/are as follows
Figure BDA0001820571330000048
All vectors
Figure BDA0001820571330000049
Comparing;
3) for all models EMiAll the steps are carried out once 2), and finally, a result overall diagnosis model is obtained:
Figure BDA0001820571330000042
the result is still an encrypted state;
4) the cloud computing server sends the encrypted global diagnosis model EGM to all medical center terminals;
step four, reading a fusion result:
1) the medical center terminal decrypts the diagnosis model EGM to obtain the final directly used general diagnosis model
Figure BDA0001820571330000043
Further, the encrypting the diagnostic model specifically includes:
(1) each medical center terminal has a local diagnosis model generated by the case data of the center, and the model is composed of a matrix:
Figure BDA0001820571330000051
is shown in which { Pi1…PisForm the model upper limit PSKY (S)i),{Pi(s+1)…PitForm the lower limit NSKY (S) of the modeli);
(2) The medical center terminal selects some random integers rijkAnd performing an encryption operation of encrypting each element in the diagnostic model by using a public key N;
Figure BDA0001820571330000052
(3) after encryption is completed, the medical center terminal can obtain an encrypted local diagnosis model:
Figure BDA0001820571330000053
wherein { EPi1…EPisForm the upper limit of the model EPSKY (S)i),{EPi(s+1)…EPitLower limit of composition model ENSKY (S)i);
(4) Then the medical center terminal generates a signature
Figure BDA0001820571330000054
Where TS is a time stamp and SI is a sessionThe ID is used to defend against potential replay attacks;
(5) and finally, the medical center terminal packages the encrypted local diagnosis model:
Figure BDA0001820571330000055
and sending the data to a cloud computing server.
Further, the comparing the local diagnostic model specifically includes:
(1) cloud computing server slave { EPSKY (S)1)…EPSKY(Sn) Choose two vectors EP inijAnd
Figure BDA0001820571330000057
wherein i is not equal to i',
Figure BDA0001820571330000056
two random integers are selected, rc,rc′Satisfy | rc′|=α/2;
(2) For all k-1, …, m, the cloud computing server performs the following calculations:
Figure BDA0001820571330000061
(3) then the cloud computing server obtains a fused vector AEPij=(acpij1,…,acpijm) The cloud computing server then obtains the private key sk of the cloud computing serverCComputing vector AEPijAnd obtain
Figure BDA0001820571330000062
Wherein
Figure BDA0001820571330000063
(4) Then the cloud computing server randomly selects one medical center terminal from all medical center terminals as a computing terminal and uses the computing terminal as a server
Figure BDA0001820571330000064
Is sent to a computing terminal, wherein
Figure BDA0001820571330000065
At the same time will
Figure BDA0001820571330000066
Is sent to all medical center terminals, wherein
Figure BDA0001820571330000067
(5) Received by other medical center terminal
Figure BDA0001820571330000068
After that, use
Figure BDA0001820571330000069
Decrypting to obtain AEPij||CS||TS||SI||SigCSAnd verifying its validity;
(6) using self-stored private keys
Figure BDA00018205713300000610
Computing
Figure BDA00018205713300000611
Wherein
Figure BDA00018205713300000612
Then the medical center terminal except the computing terminal calculates itself
Figure BDA00018205713300000613
Is sent to a computing terminal, wherein
Figure BDA00018205713300000614
(7) Receiving cloud server by computing terminal
Figure BDA00018205713300000615
And other n-1Of medical centre terminals
Figure BDA00018205713300000616
Then, the computing terminal firstly carries out decryption and verification on validity;
(8) from
Figure BDA00018205713300000617
Selecting v (v ≧ u) elements, establishing a mapping relation to ADS, and performing AEPijDecryption is performed by performing the following operations:
Figure BDA00018205713300000618
(9) calculating terminal Final pass t'ijkTo determine EPijAnd
Figure BDA00018205713300000619
the relationship of (1): if all of t'ijkIf | is greater than N/2, the computing terminal can conclude
Figure BDA0001820571330000073
Dominating EPijI.e. EPijCan be left off; if all of t'ijkIf < N/2, the computing terminal can conclude EPijDominating
Figure BDA0001820571330000074
Namely, it is
Figure BDA0001820571330000075
Can be left off; otherwise, the computing terminal concludes that the EP is presentijAnd
Figure BDA0001820571330000076
there is no relationship, both vectors remain;
(10) finally, the computing terminal generates the signature
Figure BDA0001820571330000071
Wherein VR isijIs EPijAnd
Figure BDA0001820571330000077
will then be
Figure BDA0001820571330000072
And returning the data to the cloud computing server.
Another object of the present invention is to provide a privacy-protected multiparty diagnostic model fusion system running the privacy-protected multiparty diagnostic model fusion method, the privacy-protected multiparty diagnostic model fusion system comprising:
the trusted authority is used for providing a trusted key for the cloud computing server and the medical center terminal, and the key is used for encrypting and decrypting the local diagnosis model and verifying data transmission;
the medical center terminal is used for storing and generating a local diagnosis model and sending the model to the cloud computing server after encrypting the model; and receiving the model fusion computing task issued by the cloud computing server, locally decrypting the model data, computing, and then sending the computing result to the cloud computing server.
The cloud computing server is used for storing the encrypted local diagnosis models sent by the medical center terminals, distributing and fusing computing tasks and receiving computing results; completing the fusion of the diagnosis model.
The trusted authority further comprises:
the key generation module comprises an authentication key generation submodule, a session key generation submodule, a main private key generation submodule and a main private key decomposition submodule:
the authentication key generation submodule is used for generating an authentication key pair which is used for ensuring that a data receiver confirms that the data content is correct;
a session key generation submodule for generating a session key pair for making a data receiving side confirm that data originates from an intended transmitting side;
and the main private key generation sub-module and the main private key decomposition sub-module are used for generating a main private key, decomposing the main private key into distribution private keys and sending the distribution private keys to the medical center terminal and the cloud computing server. The private key is assigned to encrypt the model.
The medical center terminal further includes:
the model fusion module comprises a local model generation submodule, a data decryption submodule and a fusion calculation submodule; the cloud computing server is used for generating a patient data model, decrypting data sent by the cloud computing server, fusing computing tasks and finally sending a computing result back to the cloud computing server;
the medical center security support module comprises an encryption sending submodule, a key storage submodule and a decryption authentication submodule, and is used for encrypting the local diagnosis model and sending the encrypted local diagnosis model to the cloud computing server, confirming the source and the correctness of data when the data are received, storing keys sent by other terminals and sharing the own distributed private key when the other terminals or the cloud computing server need to distribute the private key.
The cloud computing server further comprises:
the model assistance fusion module comprises a diagnosis model receiving sub-module, a fusion task issuing sub-module and a global model generating sub-module; the system comprises a medical center terminal, a local diagnosis module, a model fusion module, a local diagnosis module and a local diagnosis module, wherein the local diagnosis module is used for receiving an encrypted local diagnosis model sent by the medical center terminal, issuing a calculation task of model fusion, receiving calculation results of all parties and fusing the results into a global diagnosis model;
the cloud server security support module comprises a secret key storage submodule, an encryption sending submodule and a decryption authentication submodule; the system is used for storing keys sent by other terminals, encrypting and sending data, confirming the source and the correctness of the data when the data is received, and sharing the own distributed private key when other terminals need to distribute the private key.
The invention also aims to provide a cloud server for operating the privacy-protecting multi-party diagnosis model fusion method.
Another object of the present invention is to provide an online medical diagnosis system running the privacy-preserving multiparty diagnosis model fusion method.
In summary, the advantages and positive effects of the invention are: the invention realizes the privacy protection of data resources; the data is encrypted before being transmitted, and the encryption state is kept in the data processing process, so that the privacy and the safety of the data are greatly improved, and the data leakage of a medical center terminal is prevented; the fault-tolerant mechanism of the fusion of the diagnostic models is realized, and under the support of a decryption threshold value technology, even if a small number of medical center terminals cannot work due to force-inefficacy factors, the fusion results of the diagnostic models can still be correctly calculated. Meanwhile, the threshold value can be set according to different environmental elasticity. The cloud computing server has strong computing capacity, can rapidly complete a large amount of data processing, and greatly improves the efficiency of model fusion. Experiments show that in the scheme, the total time of the cloud computing server for performing the one-time fusion computing is not more than 1ms, and compared with the scheme based on the random disturbance and the paillier encryption, the efficiency is improved by about 10 times. The cost of the cloud computing server and the medical center terminal, which are communicated once, does not exceed 100KB, and the cost is saved by about 20 times compared with the scheme of random disturbance and paillier encryption. Meanwhile, the diagnosis accuracy of the fused global diagnosis model is 97%, and compared with a scheme based on a local diagnosis model, the diagnosis accuracy is improved by 30%.
Drawings
Fig. 1 is a flowchart of a privacy-preserving multi-party diagnosis model fusion method according to an embodiment of the present invention.
FIG. 2 is a schematic structural diagram of a privacy-preserving multi-party diagnosis model fusion system provided by an embodiment of the present invention;
fig. 3 is a flowchart of system initialization according to an embodiment of the present invention.
Fig. 4 is a flowchart of a medical center terminal according to an embodiment of the present invention.
FIG. 5 is a flow chart of diagnostic model fusion provided by an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Aiming at the existing online medical diagnosis service method, the diagnosis model is single, and no encryption exists in the data transmission process; the problems of low diagnosis accuracy, data leakage and incapability of protecting the privacy of a user can be caused in application; the invention provides a multi-party diagnosis model fusion method for privacy protection; on the premise of ensuring the privacy of the local diagnosis model of the hospital, the local diagnosis models of all medical centers are fused to generate a more accurate global diagnosis model.
The following detailed description of the principles of the invention is provided in connection with the accompanying drawings.
As shown in fig. 1, the privacy-protected multi-party diagnosis model fusion method provided by the embodiment of the present invention includes the following steps:
s101: initializing system parameters, randomly selecting security parameters required in the data processing process by a trusted authority, and generating keys required in the encryption and authentication processes;
s102: encrypting the local diagnosis model, screening and generating the local diagnosis model by the medical center terminal, encrypting the local diagnosis model by using a distribution key distributed by a trusted authority, and then sending the encrypted local diagnosis model to the cloud computing server;
s103: the cloud computing server fuses the local diagnosis model, the cloud computing server selects one medical center terminal as a computing terminal after receiving the local diagnosis model and issues computing tasks, and meanwhile all the medical center terminals and the cloud computing server send the distribution keys held by the medical center terminals and the cloud computing server to the rest of terminals. And the computing terminal decrypts the encrypted diagnosis model sent by the cloud computing server by using the received distribution key, calculates a fusion result and returns the final calculation result to the cloud computing server. The cloud computing server integrates all computing results to generate an encrypted global diagnosis model;
s104: the medical center terminal obtains the global diagnosis model, the cloud computing server sends the encrypted global diagnosis model to all the medical center terminals, and the medical center terminals decrypt the encrypted global diagnosis model by using the received distribution keys to finally obtain the global diagnosis model.
The application of the principles of the present invention will now be described in further detail with reference to the accompanying drawings.
As shown in fig. 2, the privacy-protected multi-party diagnosis model fusion system provided by the embodiment of the present invention includes three components, namely, a trusted authority, a medical center terminal, and a cloud computing server. Wherein:
the trusted authority completes system initialization, sets some parameters and distributes keys according to the number of the terminals and the servers.
The medical center terminal generates a local patient data model, encrypts the data model and sends the encrypted data model to the cloud computing server, receives computing tasks from the cloud computing server, shares keys with other terminals and returns computing results to the cloud computing server;
the cloud computing server receives the diagnosis model sent by the medical center terminal, selects two vectors of the two models each time for comparison, issues a computing task, receives a computing result, and finally fuses a global diagnosis model.
The trusted authority comprises: and a key generation module.
The key generation module is used for generating an initial key of the whole system. Firstly, setting a security parameter alpha and two large prime numbers p and q, and then calculating a public key N and a main private key lambda;
the module cuts and distributes the main private key to 1 cloud computing server of n medical center terminals. That is, it needs to calculate the parameter δ, and then generate n +1 cut private keys q (x) by using the formula q (x)i) And sending the data to a medical center terminal and a cloud computing server.
A medical center terminal, comprising: the model fusion module and the medical center safety support module.
The medical center safety support module is used for encrypting the diagnosis model and sending the diagnosis model to the cloud computing server, and decrypting, authenticating, storing and sharing the received data and the key. Wherein the key store is used to store private keys distributed by a trusted authority
Figure BDA0001820571330000111
And the authentication public key and the session key of other terminals, and share the own private distribution key when other medical center terminals need to decrypt. The module can also encrypt a local diagnosis model through a paillier encryption system and encrypt the encrypted diagnosis model, namely the matrix EMiAnd sending the data to a cloud computing server.
The model fusion module is used for integrating case data to generate a local diagnosis model, namely a matrix LMi() Wherein the upper half zone is the upper limit point of the diagnostic model and the lower half zone is the lower limit point of the diagnostic model. Each row of row vectors represents a case data, each column represents a diagnostic parameter; and the system is also used for receiving the fusion computing task issued by the cloud computing server, namely the comparison of the vectors. Firstly, v (v is more than or equal to u) private keys shared by other medical center terminals and the cloud computing server are needed to decrypt the received encrypted data. Then, the vector sizes can be compared to obtain the relationship between the vectors. And finally, only sending the calculation result, namely the vector relation, back to the cloud computing server.
The cloud computing server comprises a cloud server security support module and a model assistance fusion module.
The security module is used for storing a private key sk sent by a trusted authorityCAnd the authentication public key and the session key of other terminals are also used for carrying out a series of decryption calculations on the encrypted diagnosis model and sharing the calculation results to the required medical center terminal.
The model assisting fusion module is used for fusing the diagnosis models of all the medical centers into a global diagnosis model. The module can receive local diagnosis models of all medical centers, select two models each time to issue comparison calculation tasks, then receive calculation results, abandon vectors dominated by other vectors, and form upper and lower limits of the models again, and finally fuse the models into a whole diagnosis model.
The privacy-preserving multi-party diagnosis model fusion method provided by the embodiment of the invention comprises the following steps:
step 1, initializing system parameters.
1.1) the trusted authority selects a security parameter α and two large prime numbers p, q, where | p | ═ q | ═ α;
1.2) the trusted authority calculates the public key N ═ pq using the parameters, the private key λ ═ 1cm (p-1, q-1) and then the trusted authority selects a generator g, for example g ═ a2NWherein a is one
Figure BDA0001820571330000121
Random number (g ═ 1+ N is defined in the present invention for the sake of simplicity of calculation);
1.3) to resolve the private key, the trusted authority first calculates a parameter δ, where δ ≡ 0 mod λ and δ ≡ 1mod N2. Then setting a threshold value u less than the maximum number of terminals and defining a formula
Figure BDA0001820571330000122
Wherein a is1,a2,…,au-1Is that
Figure BDA0001820571330000123
Medium u-1 random numbers;
1.4) mixing
Figure BDA0001820571330000124
In which n +1 different non-zero elements alpha0,α1,…,αnAnd substituting to obtain n +1 different results, namely, the mechanism divides the private key into n +1 parts. And the data is distributed to all n medical center terminals and cloud computing servers;
1.5) in addition to this, the trusted authority generates some bilinear parameters
Figure BDA0001820571330000125
1.6) the trusted authority then
Figure BDA0001820571330000126
Selects a random number as its authentication private key ASKTAAnd calculates its authentication public key
Figure BDA0001820571330000127
1.7) finally the trusted authority selects a secure symmetric encryption algorithm E (), AES, a cryptographic hash function
Figure BDA0001820571330000128
And publish these system parameters
Figure BDA0001820571330000129
1.8) each medical centre terminal obtains its own distribution key and system parameters from a trusted authority. Meanwhile, the medical center terminal generates an authentication private key of the medical center terminal according to the step 1.6)
Figure BDA00018205713300001210
And authenticating the public key
Figure BDA00018205713300001211
1.9) finally, the medical center terminal issues the authentication public key
Figure BDA00018205713300001212
And negotiate with other medical center terminals to generate session keys
Figure BDA00018205713300001213
1.10) cloud computing server reference 1.8), 1.9) step generating ASKCS,APKCSAnd
Figure BDA00018205713300001214
and 2, encrypting and sending the local diagnosis model.
2.1) each medical centre terminal has a local diagnostic model generated from the data of the case in the centre, which model is formed by a matrix:
Figure BDA0001820571330000131
is shown in which { Pi1…PisForm the model upper limit PSKY (S)i),{Pi(s+1)…PitForm the lower limit NSKY (S) of the modeli);
2.2) the medical centre terminal selects some random integers rijkAnd performing an encryption operation of encrypting each element in the diagnostic model by using a public key N;
Figure BDA0001820571330000132
2.3) after the encryption is finished, the medical center terminal can obtain an encrypted local diagnosis model:
Figure BDA0001820571330000133
wherein { EPi1…EPisForm the upper limit of the model EPSKY (S)i),{EPi(s+1)…EPitForm a model lower limit ENSKY (S)i);
2.4) then the terminal of the medical centre generates a signature
Figure BDA0001820571330000134
Where TS is a time stamp and SI is a session ID to defend against potential replay attacks;
2.5) finally, the medical center terminal sends the encrypted local diagnosis model package:
Figure BDA0001820571330000135
and sending the data to a cloud computing server.
And 3, fusing the diagnosis models.
3.1) after the cloud computing server receives the diagnosis model packages sent by all the medical terminals, aiming at each diagnosis model package
Figure BDA0001820571330000136
The cloud computing server is used firstlySession key
Figure BDA0001820571330000137
Decryption acquisition
Figure BDA0001820571330000138
3.2) the cloud computing service then checks TS, SI, and
Figure BDA0001820571330000139
whether it is valid, e.g. whether it is verified
Figure BDA00018205713300001310
If yes, proceeding to next step, otherwise discarding the packet;
3.3) then the cloud computing server fuses the received local diagnosis models. The fusion model discards some useless vector points in the matrix by comparison, and the comparison steps are as follows:
3.3.1) cloud computing Server from { EPSKY (S)1)…EPSKY(Sn) Choose two vectors EP inijAnd
Figure BDA00018205713300001418
wherein i is not equal to i',
Figure BDA0001820571330000141
two random integers are then selected, rc,rc′Satisfy | rc′|=α/2;
3.3.2) for all k ═ 1, …, m, cloud computing servers, the following calculations were performed:
Figure BDA0001820571330000142
3.3.3) the cloud computing Server obtains a fused vector AEPij=(acpij1,…,acpijm) The cloud computing server then obtains the private key sk of the cloud computing serverCTo calculate the vector AEPijAnd obtain
Figure BDA0001820571330000143
Wherein
Figure BDA0001820571330000144
3.3.4) then the cloud computing server randomly selects one medical center terminal from all the medical center terminals as a computing terminal and uses the computing terminal as a terminal
Figure BDA0001820571330000145
Is sent to a computing terminal, wherein
Figure BDA0001820571330000146
At the same time will
Figure BDA0001820571330000147
Is sent to all medical center terminals, wherein
Figure BDA0001820571330000148
3.3.5) receipt by the other medical center terminals
Figure BDA0001820571330000149
Then, first use
Figure BDA00018205713300001410
Decrypting to obtain AEPij||CS||TS||SI||SigCSAnd verifying its validity;
3.3.6) then with its own stored private key
Figure BDA00018205713300001411
Computing
Figure BDA00018205713300001412
Wherein
Figure BDA00018205713300001413
Then the medical center terminal except the computing terminal calculates itself
Figure BDA00018205713300001414
Is sent to a computing terminal, wherein
Figure BDA00018205713300001415
3.3.7) the computing terminal receives the cloud server
Figure BDA00018205713300001416
And other n-1 medical centre terminals
Figure BDA00018205713300001417
Then, the computing terminal firstly decrypts and verifies the validity of the decryption and the verification;
3.3.8) then from
Figure BDA0001820571330000151
Selecting v (v ≧ u) elements, establishing a mapping relation to ADS, and performing AEPijDecryption is performed by performing the following operations:
Figure BDA0001820571330000152
3.3.9) calculating terminal Final pass t'ijkTo determine EpijAnd
Figure BDA0001820571330000157
the relationship of (1): if all of t'ijkIf | is greater than N/2, the computing terminal can conclude
Figure BDA0001820571330000158
Dominating EPijI.e. EPijCan be left off; if all of t'ijkIf | is greater than N/2, the computing terminal can conclude that EPijDominating
Figure BDA0001820571330000159
Namely, it is
Figure BDA00018205713300001510
Can be left off; otherwise, the computing terminal concludes that the EP is presentijAnd
Figure BDA00018205713300001511
there is no relationship, both vectors remain;
3.3.10) final computation terminal generates signature
Figure BDA0001820571330000153
Wherein VR isijIs EPijAnd
Figure BDA00018205713300001512
will then be
Figure BDA0001820571330000154
Returning to the cloud computing server;
3.4) the cloud computing server receives the computing result
Figure BDA0001820571330000155
And then first decrypt and verify its validity. EP's can then be obtainedijAnd
Figure BDA00018205713300001513
a dominance relationship of (c);
3.5) finally, determining EPSKY (S) by using the above stepsi) The cloud computing server obtains a series of EPSKY (S) vectors that are not processed by any EPSKYi) And i is 1, 2, …, a point epky(s) where n is dominant from above. The corresponding further series is not subject to any ENSKY (S)i) A point enky(s) where i is 1, 2, …, and n is dominant from below may be obtained by the same operation;
3.6) EPKY (S) and ENKY (S) form the encrypted fusion result EGM (the encrypted synthesized diagnosis model), and EPKY (S) { EG (EG) { EG) }1,…,EGs′And enky(s) { EG(s′+1),…,EGt′}, the diagnostic model fusion result can be expressed as:
Figure BDA0001820571330000156
3.7) the elements in the EGM are still encrypted by the public key N at this time. Then, the cloud computing server computes elements of the part
Figure BDA0001820571330000161
Make up EGM(CS)And generates a signature
Figure BDA0001820571330000162
Then sending the encrypted global diagnostic model package
Figure BDA00018205713300001611
To all medical center terminals.
And 4, reading the fusion result.
4.1) the medical center terminal receives the encrypted global diagnosis model packet
Figure BDA00018205713300001612
Then, each medical center terminal firstly decrypts and verifies the validity of the medical center terminal;
4.2) then each medical centre terminal uses its own private key for distribution
Figure BDA0001820571330000163
Computing
Figure BDA0001820571330000164
To obtain
Figure BDA0001820571330000165
Then self-owned through a secure channel
Figure BDA0001820571330000166
Sharing the information to other medical center terminals;
4.3) as long as there are v (v is more than or equal to u) partial decrypted ciphertexts
Figure BDA0001820571330000167
When shared, the global diagnostic model can be recovered by the following steps:
4.3.1) medical center terminal constructs a global diagnosis model decryption group
Figure BDA0001820571330000168
4.3.2) the medical centre terminal performs the following calculation to obtain each element g in the EGMij
Figure BDA0001820571330000169
4.4) finally by decrypting each element in the EGM with the above steps, all the medical center terminals can get pky(s) ═ G1,…,Gs′And nky(s) ═ G(s′+1),…,Gt′And constructing a global diagnosis model:
Figure BDA00018205713300001610
the above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (7)

1. A privacy-protected multi-party diagnosis model fusion method is characterized by comprising the following steps:
initializing system parameters, randomly selecting security parameters required in a data processing process by a trusted authority, and generating a key required in encryption and authentication processes;
step two, screening and generating a local diagnosis model, encrypting the local diagnosis model by using the distributed distribution key, and then sending the encrypted local diagnosis model;
step three, fusing local diagnosis models, selecting one medical center terminal as a computing terminal after receiving the local diagnosis models, issuing computing tasks, and sending the distribution key held by the medical center terminal to other terminals; decrypting the transmitted encrypted diagnosis model by using the received distribution key, calculating a fusion result, and returning a final calculation result; generating an encrypted global diagnostic model;
the terminal obtains a global diagnosis model, sends the encrypted global diagnosis model to all medical center terminals, and decrypts by using the received distribution key to obtain the global diagnosis model;
the privacy-protecting multi-party diagnosis model fusion method specifically comprises the following steps:
step one, initializing system parameters:
(1) the trusted authority selects a secure parameter α and two large prime numbers p and q, where | p | ═ q | ═ α;
(2) calculating to obtain a public key PK ═ N ═ pq and a private key SK ═ λ ═ lcm (p-1, q-1); the trusted authority selects a generator g;
(3) calculating delta according to the N and the lambda in the step (2), then setting a threshold value u which is less than the number N of the medical center terminals, and defining a formula
Figure FDA0003113701970000011
To resolve the private key, the trusted authority first computes a parameter δ, where δ ≡ 0 mod λ and δ ≡ 1mod N2Then setting a threshold u less than the maximum number of terminals and defining a formula
Figure FDA0003113701970000012
Wherein a is1,a2,…,au-1Is that
Figure FDA0003113701970000013
Medium u-1 random numbers;
(4) the trusted authority divides the private key SK into n +1 distribution keys SK q (α) according to q (x)i) I is 0, 1, 2 … n and is sent to n medical center terminals anda cloud computing server;
(5) the trusted authority generates some bilinear parameters
Figure FDA0003113701970000014
(6) The trusted authority then follows
Figure FDA0003113701970000021
Selects a random number as its authentication private key ASKTAAnd calculates its authentication public key
Figure FDA0003113701970000022
(7) Finally, the trusted authority selects a secure symmetric encryption algorithm E()AES, a cryptographic hash function
Figure FDA0003113701970000023
And publishing the system parameters
Figure FDA0003113701970000024
(8) Each medical center terminal obtains a distribution key of the medical center terminal from a trusted authority; meanwhile, the medical center terminal generates an authentication private key thereof according to the step (6)
Figure FDA0003113701970000025
And authenticating the public key
Figure FDA0003113701970000026
(9) Finally, the medical center terminal issues an authentication public key
Figure FDA0003113701970000027
And negotiate session keys with other medical center terminals
Figure FDA0003113701970000028
(10) The cloud computing server refers to (8) and (9) to generate ASKCS,APKCSAnd
Figure FDA0003113701970000029
step two, encrypting the local diagnosis model:
(1) the medical centre terminal generates a diagnosis model for the parameters of each case:
Figure FDA00031137019700000210
wherein { Pi1 … PisForm the model upper limit PSKY (S)i),{Pi(s+1) … PitLower limit of composition model NSKY (S)i);
(2) Then each item of data pijkRespectively encrypted to form:
Figure FDA00031137019700000211
sending to a cloud computing server, wherein { EPi1 … EPisForm the upper limit of the model EPSKY (S)i),{EPi(s+1) … EPitLower limit of composition model ENSKY (S)i);
Step three, fusing the diagnosis models:
1) the cloud computing server receives all EMi,i=1,......,n;
2) Cloud computing server applies model EMiMiddle EPSKY (S)i) All vectors EP ofijRespectively with other models EMi′EPSKY (S) ofi′) All vector EPi′j′By comparison, ENSKY (S)i) All vectors EP ofijRespectively with other models EMi′ENSKY (S) ofi′) All vector EPi′j′Comparing;
3) for all models EMiAll go intoAnd (5) performing the step 2), and finally obtaining a result overall diagnosis model:
Figure FDA0003113701970000031
the result is still an encrypted state;
4) the cloud computing server sends the encrypted global diagnosis model EGM to all medical center terminals;
step four, reading a fusion result:
1) the medical center terminal decrypts the diagnosis model EGM to obtain the final directly used general diagnosis model
Figure FDA0003113701970000032
2. The privacy-preserving multi-party diagnostic model fusion method as claimed in claim 1, wherein the encrypting the diagnostic model specifically comprises:
(1) each medical center terminal has a local diagnosis model generated by the case data of the center, and the model is composed of a matrix:
Figure FDA0003113701970000033
is shown in which { Pi1 … PisForm the model upper limit PSKY (S)i),{Pi(s+1) … PitForm the lower limit NSKY (S) of the modeli);
(2) The medical center terminal selects some random integers rijkAnd performing an encryption operation of encrypting each element in the diagnostic model by using a public key N;
Figure FDA0003113701970000034
(3) after encryption is completed, the medical center terminal can obtain an encrypted local diagnosis model:
Figure FDA0003113701970000041
wherein { EPi1 … EPisForm the upper limit of the model EPSKV (S)i),{EPi(s+1) … EPitLower limit of composition model ENSKY (S)i);
(4) Then the medical center terminal generates a signature
Figure FDA0003113701970000042
Where TS is a time stamp and SI is a session ID to defend against potential replay attacks;
(5) and finally, the medical center terminal packages the encrypted local diagnosis model:
Figure FDA0003113701970000043
and sending the data to a cloud computing server.
3. The privacy-preserving multi-party diagnostic model fusion method as claimed in claim 1, wherein the comparing of the local diagnostic models specifically includes:
(1) cloud computing server slave { EPSKY (S)1)…EPSKY(Sn) Choose two vectors EP inijAnd EPi′j′Wherein i is not equal to i',
Figure FDA0003113701970000044
two random integers are selected, rc,rc′Satisfy | rc′|=α/2;
(2) For all k-1, …, m, the cloud computing server performs the following calculations:
Figure FDA0003113701970000045
(3) then the cloud computing server obtains a fused vector AEPij=(acpij1,…,acpijm) The cloud computing server then obtains the private key sk of the cloud computing serverCComputing vector AEPijAnd obtain
Figure FDA0003113701970000046
Wherein
Figure FDA0003113701970000047
(4) Then the cloud computing server randomly selects one medical center terminal from all medical center terminals as a computing terminal and uses the computing terminal as a server
Figure FDA0003113701970000048
Is sent to a computing terminal, wherein
Figure FDA0003113701970000049
At the same time will
Figure FDA00031137019700000410
Is sent to all medical center terminals, wherein
Figure FDA0003113701970000051
(5) Received by other medical center terminal
Figure FDA0003113701970000052
After that, use
Figure FDA0003113701970000053
Decrypting to obtain AEPij||CS||TS||SI||SigCSAnd verifying its validity;
(6) using self-stored private keys
Figure FDA0003113701970000054
Computing
Figure FDA0003113701970000055
Wherein
Figure FDA0003113701970000056
Then the medical center terminal except the computing terminal calculates itself
Figure FDA0003113701970000057
Is sent to a computing terminal, wherein
Figure FDA0003113701970000058
(7) Receiving cloud server by computing terminal
Figure FDA0003113701970000059
And other n-1 medical centre terminals
Figure FDA00031137019700000510
Then, the computing terminal firstly carries out decryption and verification on validity;
(8) from
Figure FDA00031137019700000511
Selecting v (v ≧ u) elements, establishing a mapping relation to ADS, and performing AEPijDecryption is performed by performing the following operations:
Figure FDA00031137019700000512
(9) calculating terminal Final pass t'ijkTo determine EPijAnd EPi′j′The relationship of (1): if all of t'ijkIf | is greater than N/2, the computing terminal can conclude that EPi′j′Dominating EPijI.e. EPijCan be left off; if all of t'ijkIf < N/2, the computing terminal can conclude EPijDominating EPi′j′I.e. EPi′j′Can be left off; otherwise, the computing terminal concludes that the EP is presentijAnd EPi′j′There is no relationship, both vectors remain;
(10) finally, the computing terminal generates the signature
Figure FDA00031137019700000513
Wherein VR isijIs EPijAnd EPi′j′Will then be
Figure FDA00031137019700000514
And returning the data to the cloud computing server.
4. A privacy-preserving multiparty diagnostic model fusion system for operating the privacy-preserving multiparty diagnostic model fusion method of claim 1, wherein the privacy-preserving multiparty diagnostic model fusion system comprises:
the trusted authority is used for providing a trusted key for the cloud computing server and the medical center terminal, and the key is used for encrypting and decrypting the local diagnosis model and verifying data transmission;
the medical center terminal is used for storing and generating a local diagnosis model and sending the model to the cloud computing server after encrypting the model; receiving a model fusion computing task issued by a cloud computing server, locally decrypting model data, computing, and then sending a computing result to the cloud computing server;
the cloud computing server is used for storing the encrypted local diagnosis models sent by the medical center terminals, distributing and fusing computing tasks and receiving computing results; completing the fusion of the diagnosis model.
5. The privacy-preserving multi-party diagnostic model fusion system of claim 4, wherein the trusted authority further comprises:
the key generation module comprises an authentication key generation submodule, a session key generation submodule, a main private key generation submodule and a main private key decomposition submodule:
the authentication key generation submodule is used for generating an authentication key pair which is used for ensuring that a data receiver confirms that the data content is correct;
a session key generation submodule for generating a session key pair for making a data receiving side confirm that data originates from an intended transmitting side;
the main private key generation sub-module and the main private key decomposition sub-module are used for generating a main private key, decomposing the main private key into distribution private keys and sending the distribution private keys to the medical center terminal and the cloud computing server; the private key is assigned to encrypt the model.
6. The privacy-preserving multi-party diagnostic model fusion system of claim 4, wherein the medical center terminal further comprises:
the model fusion module comprises a local model generation submodule, a data decryption submodule and a fusion calculation submodule; the cloud computing server is used for generating a patient data model, decrypting data sent by the cloud computing server, fusing computing tasks and finally sending a computing result back to the cloud computing server;
the medical center security support module comprises an encryption sending submodule, a key storage submodule and a decryption authentication submodule, and is used for encrypting the local diagnosis model and sending the encrypted local diagnosis model to the cloud computing server, confirming the source and the correctness of data when the data are received, storing keys sent by other terminals and sharing the own distributed private key when the other terminals or the cloud computing server need to distribute the private key.
7. The privacy-preserving multi-party diagnostic model fusion system of claim 4, wherein the cloud computing server further comprises:
the model assistance fusion module comprises a diagnosis model receiving sub-module, a fusion task issuing sub-module and a global model generating sub-module; the system comprises a medical center terminal, a local diagnosis module, a model fusion module, a local diagnosis module and a local diagnosis module, wherein the local diagnosis module is used for receiving an encrypted local diagnosis model sent by the medical center terminal, issuing a calculation task of model fusion, receiving calculation results of all parties and fusing the results into a global diagnosis model;
the cloud server security support module comprises a secret key storage submodule, an encryption sending submodule and a decryption authentication submodule; the system is used for storing keys sent by other terminals, encrypting and sending data, confirming the source and the correctness of the data when the data is received, and sharing the own distributed private key when other terminals need to distribute the private key.
CN201811163660.6A 2018-10-01 2018-10-01 Privacy protection multi-party diagnosis model fusion method and system and cloud server Active CN109194523B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811163660.6A CN109194523B (en) 2018-10-01 2018-10-01 Privacy protection multi-party diagnosis model fusion method and system and cloud server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811163660.6A CN109194523B (en) 2018-10-01 2018-10-01 Privacy protection multi-party diagnosis model fusion method and system and cloud server

Publications (2)

Publication Number Publication Date
CN109194523A CN109194523A (en) 2019-01-11
CN109194523B true CN109194523B (en) 2021-07-30

Family

ID=64946993

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811163660.6A Active CN109194523B (en) 2018-10-01 2018-10-01 Privacy protection multi-party diagnosis model fusion method and system and cloud server

Country Status (1)

Country Link
CN (1) CN109194523B (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110728291B (en) * 2019-07-12 2022-02-22 之江实验室 Feature importance ranking system based on random forest algorithm in multi-center mode
CN110362586B (en) * 2019-07-12 2021-08-03 之江实验室 Multi-center biomedical data cooperative processing system and method without patient data sharing
CN110611567B (en) * 2019-09-20 2022-01-18 福州大学 Privacy protection medical diagnosis and treatment system based on non-deterministic finite automaton
CN110796267A (en) * 2019-11-12 2020-02-14 支付宝(杭州)信息技术有限公司 Machine learning method and machine learning device for data sharing
CN111159727B (en) * 2019-12-11 2022-12-09 西安交通大学医学院第一附属医院 Multi-party cooperation oriented Bayes classifier safety generation system and method
CN111832040A (en) * 2020-05-27 2020-10-27 福建亿能达信息技术股份有限公司 Risk coefficient evaluation system, device and medium based on public and private key encryption
CN112133423A (en) * 2020-08-28 2020-12-25 北京世纪互联宽带数据中心有限公司 Medical data processing method and device based on edge calculation and network equipment
CN112347473B (en) * 2020-11-06 2022-07-26 济南大学 Machine learning security aggregation prediction method and system supporting bidirectional privacy protection
CN113254989B (en) * 2021-04-27 2022-02-15 支付宝(杭州)信息技术有限公司 Fusion method and device of target data and server
CN113517065B (en) * 2021-05-31 2022-05-24 湖北工业大学 Cloud-assisted decision tree model diagnosis system and method for protecting medical data privacy
CN113794685B (en) * 2021-08-16 2023-09-29 德威可信(北京)科技有限公司 Data transmission method and device based on credibility assessment
CN117411652A (en) * 2022-07-08 2024-01-16 抖音视界有限公司 Data processing method, electronic device and computer readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104915608A (en) * 2015-05-08 2015-09-16 南京邮电大学 Privacy protection type data classification method for information physical fusion system
CN105577368A (en) * 2016-01-14 2016-05-11 西安电子科技大学 Two-way privacy protective system and method for inquiring medical diagnostic service
CN105897742A (en) * 2016-05-26 2016-08-24 北京航空航天大学 Anonymous identity-based access control method applicable to electronic healthy network
CN107635018A (en) * 2017-10-30 2018-01-26 福州大学 Support the cross-domain medical cloud storage system of urgent access control and safe duplicate removal

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104915608A (en) * 2015-05-08 2015-09-16 南京邮电大学 Privacy protection type data classification method for information physical fusion system
CN105577368A (en) * 2016-01-14 2016-05-11 西安电子科技大学 Two-way privacy protective system and method for inquiring medical diagnostic service
CN105897742A (en) * 2016-05-26 2016-08-24 北京航空航天大学 Anonymous identity-based access control method applicable to electronic healthy network
CN107635018A (en) * 2017-10-30 2018-01-26 福州大学 Support the cross-domain medical cloud storage system of urgent access control and safe duplicate removal

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
WBAN网络中条件隐私保护的远程用户认证方案;曹进 等;《通信学报》;20160425;第1-9页 *

Also Published As

Publication number Publication date
CN109194523A (en) 2019-01-11

Similar Documents

Publication Publication Date Title
CN109194523B (en) Privacy protection multi-party diagnosis model fusion method and system and cloud server
CN110084068B (en) Block chain system and data processing method for block chain system
US10903991B1 (en) Systems and methods for generating signatures
US6915434B1 (en) Electronic data storage apparatus with key management function and electronic data storage method
EP2721765B1 (en) Key generation using multiple sets of secret shares
US9065637B2 (en) System and method for securing private keys issued from distributed private key generator (D-PKG) nodes
KR100406754B1 (en) Forward-secure commercial key escrow system and escrowing method thereof
US8683209B2 (en) Method and apparatus for pseudonym generation and authentication
CN110830245B (en) Anti-quantum-computation distributed Internet of vehicles method and system based on identity secret sharing and implicit certificate
CN110881177B (en) Anti-quantum computing distributed Internet of vehicles method and system based on identity secret sharing
US20040165728A1 (en) Limiting service provision to group members
CN112187798B (en) Bidirectional access control method and system applied to cloud-side data sharing
CN110913390B (en) Anti-quantum computing Internet of vehicles method and system based on identity secret sharing
CN107248980B (en) Mobile application recommendation system and method with privacy protection function under cloud service
CN111159766A (en) Network car booking service method and system with privacy protection function and storage medium
CN116707854A (en) Robust cloud storage access control method based on attribute encryption
CN110880969A (en) Method and system for generating QKD network authentication key based on alliance chain and implicit certificate
CN116709303B (en) Satellite edge calculation method and device for remote monitoring
CN117118759B (en) Method for reliable use of user control server terminal key
CN116723511B (en) Position management method and system for realizing privacy protection in Internet of vehicles and Internet of vehicles
CN111740986B (en) System and method for realizing data sharing control based on identification cipher technology
CN112671729B (en) Internet of vehicles oriented anonymous key leakage resistant authentication method, system and medium
CN115278657A (en) V2I communication system and method with privacy protection function in Internet of vehicles
CN113886781A (en) Multi-authentication encryption method, system, electronic device and medium based on block chain
CN118018320A (en) Data sharing method, system and device free of key delegation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant