CN110473599B - Information processing method and device, electronic device and storage medium - Google Patents

Publication number: CN110473599B
Authority: CN (China)
Prior art keywords: information, private network, processing, visualization, access
Legal status: Active
Application number: CN201810438594.2A
Other languages: Chinese (zh)
Other versions: CN110473599A (en)
Inventors: 胡志强, 黄晓迪
Current Assignee: Shanghai Sensetime Intelligent Technology Co Ltd
Original Assignee: Shanghai Sensetime Intelligent Technology Co Ltd
Application filed by Shanghai Sensetime Intelligent Technology Co Ltd
Priority to CN201810438594.2A
Publication of CN110473599A
Application granted
Publication of CN110473599B

Classifications

    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16H HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H10/00 ICT specially adapted for the handling or processing of patient-related medical or healthcare data
    • G16H10/60 ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
    • G16H80/00 ICT specially adapted for facilitating communication between medical practitioners or patients, e.g. for collaborative diagnosis, therapy or health monitoring

Landscapes

  • Health & Medical Sciences (AREA)
  • Engineering & Computer Science (AREA)
  • Medical Informatics (AREA)
  • Epidemiology (AREA)
  • General Health & Medical Sciences (AREA)
  • Primary Health Care (AREA)
  • Public Health (AREA)
  • Biomedical Technology (AREA)
  • Pathology (AREA)
  • Storage Device Security (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Embodiments of the invention disclose an information processing method and device, an electronic device, and a storage medium. The information processing method comprises the following steps: acquiring first information of a first private network, wherein the first private network is used for storing second information of a target user; accessing the first private network based on the first information; and receiving third information provided by the first private network, wherein the third information is information obtained by performing security processing on the second information.

Description

Information processing method and device, electronic device and storage medium
Technical Field
The present invention relates to the field of information technologies, and in particular, to an information processing method and apparatus, an electronic device, and a storage medium.
Background
Medical resources are unevenly distributed: high-quality medical resources are concentrated in first-tier and second-tier cities, while third-tier and fourth-tier cities and the vast rural areas are seriously short of them. With the development of network technology, remote medical diagnosis can be performed over a network, but remote medical treatment involves a large amount of private patient data. If all of that data is transmitted over the network to the terminal equipment used by the doctor, a large amount of the patient's private data may be leaked, and other security problems may arise.
Disclosure of Invention
Embodiments of the present invention are intended to provide an information processing method and apparatus, a transmission device, a storage medium, and a program product.
The technical scheme of the invention is realized as follows:
In a first aspect, an embodiment of the present invention provides an information processing method, including:
acquiring first information of a first private network, wherein the first private network is used for storing second information of a target user;
accessing the first private network based on the first information;
and receiving third information provided by the first private network, wherein the third information is information obtained by performing security processing on the second information.
Optionally, the accessing the first private network based on the first information includes:
accessing a first isolation device of the first private network based on the first information; wherein the second information is stored in a first storage device of the first private network, and the first isolation device isolates the first storage device from a public network;
the receiving third information provided by the first private network includes:
receiving the third information provided by the first isolation device.
Optionally, the obtaining the first information of the first private network includes:
the second private network obtains first information of the first private network.
Optionally, the accessing the first private network based on the first information includes:
the second isolation device of the second private network accesses the first isolation device of the first private network based on the first information; wherein the second information is stored in a first storage device of the first private network, and the first isolation device isolates the first storage device from a public network;
the receiving of the third information provided by the first private network includes:
and the second isolation device receives third information provided by the first isolation device.
Optionally, the receiving the third information provided by the first isolation device includes:
and receiving the third information which is provided by the first isolation device and obtained by the security processing of the second information.
Optionally, the receiving third information provided by the first private network includes at least one of:
receiving the third information obtained by deleting at least part of the confidential information in the second information;
receiving the third information obtained by desensitizing at least part of the confidential information in the second information;
receiving the third information obtained by encrypting at least part of the confidential information in the second information;
and receiving the third information obtained by scrambling at least part of the confidential information in the second information.
Optionally, the visualization process comprises: two-dimensional visualization processing and/or three-dimensional visualization processing.
Optionally, the third information is information obtained after security processing and data volume reduction processing of the second information;
and/or,
the third information is information obtained after security processing and visualization processing of the original image information.
Optionally, the obtaining first information of the first private network further includes:
receiving a diagnosis request sent by a first private network;
the first information is obtained based on the diagnostic request.
Optionally, the diagnosis request carries first code information of the target user;
the accessing the first private network based on the first information includes:
accessing the first private network based on the first information and the first code information.
Optionally, the receiving a diagnosis request sent by the first private network includes:
receiving the diagnosis request, sent by broadcast or multicast, that carries diagnosis requirement information;
the acquiring first information of the first private network further comprises:
and acquiring the first information of the first private network when it is determined that a medical service meeting the diagnosis requirement information can be provided.
Optionally, the obtaining the first information of the first private network further includes:
acquiring an access address and first authentication information of the first private network;
the accessing the first private network based on the first information includes:
requesting access to the first private network using the access address;
performing access authentication of the first private network by using the first authentication information;
the receiving of the third information provided by the first private network includes:
and receiving the third information provided by the first private network after the access authentication passes.
In a second aspect, an embodiment of the present invention provides an information processing method, including:
receiving an access request sent based on first information of a first private network;
and sending third information obtained by performing security processing on the second information of the target user based on the access request to the access terminal.
Optionally, the receiving an access request sent based on first information of a first private network includes:
receiving an access request sent by a second private network based on first information of a first private network;
the sending of the third information obtained by performing security processing on the second information of the target user based on the access request to the access terminal includes:
and sending third information obtained by performing security processing on the second information of the target user based on the access request to the second private network.
Optionally, the method further comprises:
performing access authentication by using the first authentication information carried by the access request;
the sending of the third information obtained by performing security processing on the second information of the target user based on the access request to the access terminal includes:
and if the access authentication is passed, the third information is sent to the second private network based on the access request.
Optionally, the method further comprises:
performing security filtering on the access request;
the sending of the third information obtained by performing security processing on the second information of the target user based on the access request to the access terminal includes:
and if the access request passes the security filtering, performing information processing on the target user based on the access request to obtain the third information.
Optionally, the receiving an access request sent by the terminal device includes:
the first isolation device receives an access request sent by the isolation device of the second private network;
the sending of the third information obtained by performing security processing on the second information of the target user based on the access request to the access terminal includes:
the first isolation device querying a first storage device of the first private network for the second information based on the access request;
performing security processing on the second information to obtain third information;
and the first isolation device sending the third information to the second isolation device of the second private network.
Optionally, the performing security processing on the second information to obtain the third information includes:
obtaining the third information by deleting at least part of the confidential information in the second information; obtaining the third information by desensitizing at least part of the confidential information in the second information; obtaining the third information by encrypting at least part of the confidential information in the second information; and obtaining the third information by scrambling at least part of the confidential information in the second information.
Optionally, the sending, to the access terminal, third information obtained by performing security processing on second information of the target user based on the access request includes at least one of:
sending third information obtained after performing security processing and data volume reduction processing on the second information based on the access request to the access terminal;
and sending third information obtained after the second information of the target user is subjected to security processing and visualization processing based on the access request to the access terminal.
Optionally, the data amount reduction processing includes at least one of:
compressing the information meeting the similar conditions;
distinguishing valid data from invalid data in the second information, and removing the invalid data; the valid data is data that carries information; the invalid data includes at least data that carries no information.
Optionally, the visualization process includes:
determining visualization parameters according to visualization conditions;
and performing visualization processing on the second information based on the visualization parameters to obtain visualization information.
Optionally, the determining a visualization parameter according to the visualization condition includes at least one of:
determining the visualization parameters according to visualization clarity conditions;
and determining the visualization parameters according to visualization time conditions.
Optionally, the visualization parameters include at least one of: visualization sampling parameters; visualization model parameters; visualization time parameters.
Optionally, the visualization process comprises: two-dimensional visualization processing and/or three-dimensional visualization processing.
Optionally, the method further comprises:
a first isolation device of a first private network receives a reporting request sent by a first storage device of the first private network; wherein the reporting request at least comprises: first code information corresponding to a target user;
and the first isolation equipment sends a diagnosis request based on the report request, wherein the diagnosis request at least comprises first code information of the target user.
Optionally, the reporting request further includes: visit timing information and/or visit need information.
In a third aspect, an embodiment of the present invention provides an information processing apparatus, including:
the first acquisition module is used for acquiring first information of a first private network, wherein the first private network is used for storing second information of a target user;
an access module to access the first private network based on the first information;
the first receiving module is configured to receive third information provided by the first private network, where the third information is information after security processing of the second information.
Optionally, the first obtaining module is specifically configured to access, based on the first information, a first isolation device of the first private network; wherein the second information is stored in a first storage device of the first private network, and the first isolation device isolates the first storage device from a public network;
the first receiving module is specifically configured to receive the third information provided by the first isolation device.
Optionally, the first obtaining module is specifically configured to obtain, by the second private network, the first information of the first private network.
Optionally, the access module is specifically configured to access, by the second isolation device of the second private network, the first isolation device of the first private network based on the first information;
the first receiving module is specifically configured to receive, by the second isolation device, third information provided by the first isolation device.
Optionally, the first receiving module is specifically configured to receive the third information that is provided by the first isolation device and obtained by performing security processing on the second information.
Optionally, the first receiving module is specifically configured to execute at least one of:
receiving the third information obtained by deleting at least part of the confidential information in the second information;
receiving the third information obtained by desensitizing at least part of the confidential information in the second information;
receiving the third information obtained by encrypting at least part of the confidential information in the second information;
and receiving the third information obtained by scrambling at least part of the confidential information in the second information.
Optionally, the third information is information obtained after security processing and data volume reduction processing of the second information;
and/or,
the third information is information obtained after security processing and visualization processing of the original image information.
Optionally, the visualization process comprises: two-dimensional visualization processing and/or three-dimensional visualization processing.
Optionally, the first obtaining module specifically receives a diagnosis request sent by a first private network; the first information is obtained based on the diagnostic request.
Optionally, the diagnosis request carries first code information of the target user;
the access module is specifically configured to access the first private network based on the first information and the first code information.
Optionally, the first obtaining module is specifically configured to receive the diagnosis request which is sent by a first private network broadcast or multicast and carries the information of the diagnosis requirement; and when the medical service meeting the information of the diagnosis requirement is determined to be provided, acquiring the first information of the first private network.
Optionally, the first obtaining module is specifically configured to obtain an access address and first authentication information of the first private network;
the access module is specifically configured to request access to the first private network by using the access address; performing access authentication of the first private network by using the first authentication information;
the first receiving module is specifically configured to receive the third information provided by the first private network after the access authentication passes.
In a fourth aspect, an embodiment of the present invention provides an information processing apparatus, including:
the second receiving module is used for receiving an access request sent based on first information of the first private network;
and the second sending module is used for sending third information obtained by performing security processing on the second information of the target user to the access terminal based on the access request.
Optionally, the second receiving module is specifically configured to receive an access request sent by the second private network based on the first information of the first private network;
the second sending module is specifically configured to send, to the second private network, third information obtained by performing security processing on the second information of the target user based on the access request.
Optionally, the apparatus further comprises:
the first authentication module is used for performing access authentication by using the first authentication information carried by the access request;
and the second sending module is used for sending the third information to the second private network based on the access request if the access authentication passes.
Optionally, the apparatus further comprises:
the filtering module is used for carrying out security filtering on the access request;
the second sending module is specifically configured to, if the access request passes the security filtering, perform information processing on the target user based on the access request to obtain the third information.
Optionally, the second receiving module is specifically configured to receive, by the first isolation device, an access request sent by the isolation device of the second private network;
the second sending module includes:
a query submodule, configured to query, by the first isolation device, the first storage device of the first private network for the second information based on the access request;
the processing submodule is used for carrying out safety processing on the second information to obtain third information;
and the sending submodule is configured for the first isolation device to send the third information to the second isolation device of the second private network.
Optionally, the processing submodule is specifically configured to: delete at least part of the confidential information in the second information to obtain the third information; desensitize at least part of the confidential information in the second information to obtain the third information; encrypt at least part of the confidential information in the second information to obtain the third information; and scramble the second information to obtain the third information.
Optionally, the second sending module is specifically configured to send, to the access terminal, third information obtained by performing security processing and data size reduction processing on the second information based on the access request; and sending third information obtained after the second information of the target user is subjected to security processing and visualization processing based on the access request to the access terminal.
Optionally, the data amount reduction process includes at least one of:
compressing the information meeting the similar conditions;
and distinguishing valid data and invalid data in the second information, and removing the invalid data.
Optionally, the visualization process includes:
determining visualization parameters according to visualization conditions; and carrying out visualization processing on the second information based on the visualization parameters to obtain visualization information.
Optionally, the determining, according to the visualization condition, a visualization parameter includes at least one of:
determining the visualization parameters according to visualization clarity conditions;
and determining the visualization parameters according to visualization time conditions.
Optionally, the visualization parameters comprise at least one of: visualization sampling parameters; visualization model parameters; visualization time parameters.
Optionally, the visualization process comprises: two-dimensional visualization processing and/or three-dimensional visualization processing.
Optionally, the apparatus further comprises:
a reporting module, configured to receive, by a first isolation device of a first private network, a reporting request sent by a first storage device of the first private network; wherein the reporting request at least comprises: first code information corresponding to a target user;
and the storage request module is used for sending a diagnosis request by the first isolation device based on the report request, wherein the diagnosis request at least comprises the first code information of the target user.
Optionally, the reporting request further includes: visit timing information and/or visit need information. The third information is information obtained after security processing and three-dimensional visualization processing of the second information.
In a fifth aspect, the present invention provides an electronic device, comprising:
a transceiver for transceiving information;
a memory for storing information;
and the processor is respectively connected with the transceiver and the memory, and is used for controlling the information transmission and reception of the transceiver and the information storage of the memory by executing the computer program stored in the memory, and realizing the information processing method provided by one or more technical schemes.
In a sixth aspect, an embodiment of the present invention provides a computer storage medium, where the computer storage medium stores executable instructions;
after being executed, the computer-executable instructions can implement the information processing method provided by one or more of the technical solutions.
In a seventh aspect, an embodiment of the present invention provides a program product, where the program product includes computer executable instructions; the computer executable instructions, when executed, can implement the information processing method provided by one or more of the technical solutions.
The technical solution provided in the embodiments of the present invention has the following effects. First, if the second private network needs to access information of a target user, the first private network does not send the original second information of the target user directly to the second private network; it sends the third information obtained by security processing of the second information. This avoids the security risk of exposing the second information by transmitting it in its original form over a public network, and improves information security. Second, the second private network can access the first private network only after it has acquired the first information of the first private network that stores the target user's information, which avoids the security problems caused by the first information of that private network being disclosed across the whole network for a long time. Third, the information in the embodiments of the present invention is stored in a plurality of private networks, that is, in a distributed manner. Compared with centralized storage, this makes full use of distributed resources and reduces the storage cost that centralized storage requires; it also reduces the security problems caused by centrally stored information being leaked all at once, and improves information security.
Fourth, because what is exchanged between the first private network and the terminal device is the processed third information, no dedicated tunnel or the like needs to be established between the first private network and the terminal device to ensure security, which simplifies transmission and reduces both the network resources consumed by transmission and the transmission cost.
Drawings
Fig. 1A is a schematic flowchart of a first information processing method according to an embodiment of the present invention;
Fig. 1B is a schematic flowchart of a second information processing method according to an embodiment of the present invention;
Fig. 2 is a schematic diagram of a telemedicine system according to an embodiment of the present invention;
Fig. 3 is a schematic structural diagram of a first private network according to an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a second private network according to an embodiment of the present invention;
Fig. 5 is a schematic structural diagram of a third private network according to an embodiment of the present invention;
Fig. 6A is a flowchart illustrating a third information processing method according to an embodiment of the present invention;
Fig. 6B is a flowchart illustrating a fourth information processing method according to an embodiment of the present invention;
Fig. 7 is a flowchart illustrating a fifth information processing method according to an embodiment of the present invention;
Fig. 8 is a diagram illustrating a first information processing apparatus according to an embodiment of the present invention;
Fig. 9 is a diagram illustrating a second information processing apparatus according to an embodiment of the present invention;
Fig. 10 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The technical solution of the present invention is further described in detail with reference to the drawings and specific embodiments.
As shown in fig. 1A, the present embodiment provides an information processing method including:
step S110: acquiring first information of a first private network, wherein the first private network is used for storing second information of a target user;
step S120: accessing the first private network based on the first information;
step S130: and receiving third information provided by the first private network, wherein the third information is information obtained by performing security processing on the second information.
In some implementations, the method is applied to an access terminal, which may be a private network or an access terminal directly connected to a public network. For example, a doctor uses a home device such as a mobile phone, a tablet computer or a personal computer to directly access the first information of the first private network through a public network. For example, the access terminal accesses the first private network directly through a public network by using an access address of the first private network, such as an Internet Protocol (IP) address or a domain name. The first isolation device of the first private network that is accessed may include, but is not limited to, a front-end processor of the first private network.
In other embodiments, the doctor may, as far as possible, access the first private network via the private network of the hospital. For example, as shown in Fig. 1B, step S110 may include step S111, and step S111 may include: the second private network acquires first information of the first private network, wherein the first private network stores second information of a target user;
step S120: accessing the first private network based on the first information;
step S130: and receiving third information provided by the first private network, wherein the third information is information obtained by performing security processing on the second information.
The information processing method provided by this embodiment may be a method applied to a terminal device, where the terminal device may be a device held by a doctor who participates in diagnosis, and the terminal device may be a fixed terminal or a mobile terminal.
The target private network may be any type of private network, which is a relatively isolated network that is typically isolated from a public network (e.g., the internet) by, for example, an isolation device or isolation interface.
In this embodiment, one private network may be the internal network of one hospital, or the internal networks of a plurality of hospitals that are geographically close to one another. Fig. 2 shows a medical system provided in an embodiment of the present invention, including:
multiple private networks connected through a public network, which may be used to store user information in a distributed manner.
In the embodiment of the present invention, the first private network may include one or more devices, and the first private network may include the following structures:
The first structure:
as shown in fig. 3, the private network may include at least:
an isolation device, used for isolating the inside of the target private network from the public network. The public network may be a network such as an Internet Protocol (IP) network. The isolation device may include: a first type interface connected with internal devices of the first private network; and a second type interface connected with the public network. In this example, the isolation device is also used for processing the second information, and may include a front-end processor;
a storage device, which may be a device storing the second information. Thus, all information entering the first private network must enter through the isolation device, and information sent out from the storage device must also pass through the isolation device.
In some embodiments, the private network further includes a terminal device, and the terminal device may be connected inside the private network, connected to the isolation device and the storage device, respectively, and may be used to display information required by a doctor for performing telemedicine.
The second structure:
as shown in fig. 4, the private network may include:
an isolation device, used for isolating the inside of the target private network from the public network. The public network may be a network such as an Internet Protocol (IP) network. The isolation device may include: a first type interface connected with internal devices of the first private network; and a second type interface connected with the public network. Here, the isolation device may also include a front-end processor;
a storage device that stores the second information;
a processing device, connected to the storage device and to the isolation device respectively, used for processing the second information and transmitting the processed second information directly to the isolation device, so that the isolation device never comes into contact with the highly sensitive second information and an illegal account is prevented from obtaining the second information from the cache of the isolation device.
Similarly, in some embodiments, the private network further includes a terminal device, and the terminal device may be connected inside the private network, and is respectively connected to the isolation device and the storage device, and may be configured to display information required by a doctor for performing a remote diagnosis and treatment, so that the doctor can perform a remote medical treatment.
The third structure:
as shown in fig. 5, the first private network and other private networks may include:
a trust domain, in which the second information is stored; after being processed in the trust domain, the second information is transmitted to a non-trust domain;
a non-trust domain, which is connected to the public network and transmits the third information to the public network.
In this embodiment, the first private network may include one or more devices, and the trust domain and the non-trust domain may be deployed on different devices or on the same device.
Optionally, the trust domain is configured to store second information; the non-trusted domain is only used for storing, transmitting and receiving third information.
The information processing system provided in the present embodiment may include multiple private networks, which can store the second information in a distributed manner, so that the problems of high storage pressure and concentrated leakage associated with centralized storage are solved.
In step S110, the second private network may query locally, or query other electronic devices, for the first information used to access the first private network. The first information may be the information the second private network needs in order to access the first private network; for example, the first information may include various identifiers of the first private network, such as an Internet Protocol (IP) address, domain name information, a tunnel label, or a virtual local area network label.
The second information may include one or more of identity information, physiological data, diagnosis information from a local hospital, and the like, of the target user. The physiological data may be information, acquired by various devices, that represents the physical and/or psychological condition of the target user, for example image information such as an electrocardiogram or a nuclear magnetic resonance (NMR) image, and may further include text data such as measured blood pressure data. Optionally, the visualization process may include: filtering out privacy-sensitive information after semantic analysis of the physiological data and diagnostic information, and visualizing the result into a text representation that cannot be copied, so that information leakage caused by illegal copying can be avoided.
In this embodiment, the third information received in step S130 is data after security processing, and the security problem caused by directly transmitting the second information in the public network is reduced.
Before security processing, the second information may include confidential information of the target user. The confidential information may include private information and sensitive information. The third information obtained after the security processing may not include the confidential information, or may include it only in encrypted and/or scrambled form. This avoids exposing the confidential information of the target user directly to the public network, and improves the security of confidential information such as the private information and/or sensitive information of the target user.
The private information may be personal information that the target user is reluctant to expose to others, such as identity information.
The sensitive information may be various information relating to the privacy rights the target user is legally entitled to. For example, the sensitive information may further include information from which the private information can be obtained by piecing together or by simple conversion.
In this embodiment, the second information may include original information of the target user, which may include image information captured of the target user at the time of the visit, for example a Computed Tomography (CT) image or a magnetic resonance image, as well as auscultation information, description information provided by a local doctor, and the like. In summary, classified by information type, the second information may include image information, text information, and even audio information.
Optionally, the second private network comprises a second isolation device and a second storage device; the second storage device is used for storing various information of the user, and the second isolation device isolates the second storage device from a public network. The first private network includes a first isolation device and a first storage device; the second information is stored in the first storage device, and the first isolation device isolates the first storage device from a public network. Here, the second isolation device and the first isolation device may be the isolation devices shown in fig. 3 to 4, and the second storage device and the first storage device may be the storage devices in fig. 3 to 4. The isolation device may be a front-end processor of various types.
The step S120 may include: an accessing party, such as the second isolation device of the second private network or an access terminal, accesses the first isolation device of the first private network based on the first information;
the step S130 may include: the second isolation device receives the third information provided by the first isolation device, or the access terminal receives the third information provided by the first isolation device.
In this embodiment, the second private network or the access terminal substantially only accesses the first isolation device and does not directly access the first storage device in the first private network. This reduces direct exposure of the second information, which includes the confidential information, to the public network, reduces the problem of information leakage, and improves the security of the second information.
In some embodiments, the step S130 may include: receiving the third information, provided by the first isolation device, that is obtained by security processing of the second information.
In the embodiment of the invention, the private network allows the isolation device of another private network to read the third information of the target user, but does not allow just any device in the public network to read the third information, which further improves the information security of the target user.
Optionally, the step S130 may include at least one of:
receiving the third information obtained after at least part of the confidential information in the second information is deleted;
receiving the third information obtained after at least part of the confidential information in the second information is desensitized;
receiving the third information obtained after at least part of the confidential information in the second information is encrypted;
receiving the third information obtained after at least part of the confidential information in the second information is scrambled.
The desensitization process includes: transforming at least the confidential information in the second information according to a preset desensitization rule, so that the original second information cannot be recovered from the desensitized third information unless the transformation is reversed based on the desensitization rule. This reduces the information security problem of the second information being transmitted directly exposed in a public network.
In some embodiments, the desensitization process may include a blur replacement process. The blur replacement process may include: performing blur replacement on diagnosis-related confidential information in the second information, so that the diagnosis is not affected while direct leakage of the exact information is avoided. Examples of such information are the exact birth date of the target user and an exact description of the user's occupation, both of which can affect the doctor's diagnosis to some extent. In blur replacement, the exact birth date can be replaced by the time period in which it falls; for example, for target user A, who was born on October 20, 1978, the birth date may be replaced with the birth period 1975 to 1980. Another example is the replacement of occupations: multiple occupations may be categorized according to their relevance to case diagnosis, and the exact occupation description replaced with a blurred occupation-type description. Blur replacement of such information reduces the risk of leaking confidential information and improves security.
In other embodiments, the desensitization process may further include an equivalent replacement process. For example, the confidential information may include medical history information of the target user (patient). In this embodiment, through equivalent replacement, a disease the patient has had, as recorded in the medical history information, can be replaced by a pathological code that only doctors can recognize, or directly replaced by a medical history code. If the third information after equivalent replacement is queried in the public network, a user outside the medical system, or an illegal user who does not know the medical history information corresponding to the medical history code, cannot obtain the original meaning of the information, which improves the security of the second information.
The encryption process may include: encrypting the second information by using an encryption key to obtain encrypted third information; for example, the third information is obtained by encrypting the second information with an asymmetric encryption key.
The secret information deletion process includes: deleting confidential information such as private information and/or sensitive information or information irrelevant to diagnosis; by means of the information deletion, on the one hand, the exposure of confidential information (i.e. the private information and/or sensitive information) is avoided, and on the other hand, unnecessary data transmission is reduced, and for many diagnoses involving a large amount of picture information, the transmission delay can be greatly reduced by reducing the data amount.
The scrambling process may include: scrambling the information with a scrambling code. Scrambled information also improves the security of information transmission and avoids direct exposure of the information in a public network.
In some embodiments, the third information received in step S130 may be information obtained by:
deleting unnecessary information from the second information; the unnecessary information may be information irrelevant to disease diagnosis, and the necessary information that remains after it is removed is information that is inevitably used in the process of disease diagnosis; for example, at least the confidential information not related to diagnosis is deleted by the deletion process;
desensitizing the second information that has undergone the deletion process; for example, at least the confidential information in the second information is desensitized, and all of the remaining second information may also be desensitized;
performing encryption processing and/or scrambling processing on the desensitized second information.
The deletion process removes unnecessary information, which reduces the amount of information transmitted, and removes the part of the confidential information that is not relevant to diagnosis of the disease, which constitutes the first security processing.
Next, desensitization applies a second security processing to the confidential information that is related to diagnosis of the condition, achieving a second improvement in security.
Finally, scrambling or encryption applies a third security processing to the desensitized data, improving the security of diagnosis-related confidential information while it is transmitted over the public network.
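The deletion and desensitization stages described above (including blur replacement and equivalent replacement) can be sketched as follows. This is an added example, not code from the patent; all field names, tables and sample values are hypothetical, and stage three (encryption and/or scrambling) would be applied to the bytes that `build_third_information` returns.

```python
import json
from datetime import date

# Constructed sample of "second information"; every field and value is hypothetical.
SECOND_INFORMATION = {
    "name": "Patient A",
    "id_number": "00000019781020000X",
    "home_address": "1 Example Road",
    "birth_date": "1978-10-20",
    "occupation": "coal miner",
    "medical_history": ["tuberculosis", "hypertension"],
    "findings": "Nodule in right upper lobe, 8 mm.",
}

# Stage 1 rule: fields with no diagnostic value are deleted outright.
NON_ESSENTIAL_FIELDS = {"name", "id_number", "home_address"}
# Fields that are diagnosis-related but confidential, handled in stage 2.
DESENSITIZED_FIELDS = {"birth_date", "occupation", "medical_history"}

# Stage 2 tables (hypothetical). The history code table stays inside the
# medical system, so the codes carry no meaning for an outside reader.
OCCUPATION_CATEGORIES = {
    "coal miner": "dust-exposed manual work",
    "stonemason": "dust-exposed manual work",
    "accountant": "sedentary office work",
}
HISTORY_CODES = {"tuberculosis": "H-017", "hypertension": "H-042"}


def delete_non_essential(record):
    """Stage 1: drop information that is irrelevant to diagnosis."""
    return {k: v for k, v in record.items() if k not in NON_ESSENTIAL_FIELDS}


def blur_birth_date(iso_date, width=5):
    """Blur replacement: exact date -> the period of `width` years containing it."""
    year = date.fromisoformat(iso_date).year
    start = year - year % width
    return f"{start}-{start + width}"


def blur_occupation(occupation):
    """Blur replacement: exact occupation -> category. Unknown values are
    never passed through verbatim."""
    return OCCUPATION_CATEGORIES.get(occupation.strip().lower(), "unclassified")


def encode_history(conditions):
    """Equivalent replacement: disease name -> code. An unmapped entry is an
    error, so free text cannot slip into the output."""
    codes = []
    for condition in conditions:
        key = condition.strip().lower()
        if key not in HISTORY_CODES:
            raise ValueError("no history code defined for an entry")
        codes.append(HISTORY_CODES[key])
    return codes


def desensitize(record):
    """Stage 2: transform the diagnosis-related confidential fields."""
    out = dict(record)
    if "birth_date" in out:
        out["birth_period"] = blur_birth_date(out.pop("birth_date"))
    if "occupation" in out:
        out["occupation_category"] = blur_occupation(out.pop("occupation"))
    if "medical_history" in out:
        out["history_codes"] = encode_history(out.pop("medical_history"))
    return out


def build_third_information(record):
    """Stages 1 and 2 in the order given in the text; returns the bytes that
    stage 3 would encrypt and/or scramble."""
    return json.dumps(desensitize(delete_non_essential(record)),
                      sort_keys=True).encode("utf-8")


def leaked_values(record, payload):
    """Check: which original confidential values still appear in the payload?"""
    text = payload.decode("utf-8")
    originals = []
    for field in NON_ESSENTIAL_FIELDS | DESENSITIZED_FIELDS:
        value = record.get(field, [])
        originals.extend(value if isinstance(value, list) else [value])
    return sorted(v for v in originals if v in text)
```

Free-text fields such as `findings` pass through unchanged here; the semantic filtering the text mentions for diagnostic text is outside this example.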
Optionally, the step S130 may include:
performing security processing and visualization processing on the second information to obtain visualized information; for example, confidential information is removed from diagnostic information in text form, and visualization processing then converts the diagnostic information into text information, so that copying of the text during transmission is reduced and the security of the information is further improved.
In other embodiments, the performing security processing and visualization processing on the second information to obtain visualized information may include:
Here, the original image information is one kind of the second information. For example, the original image information may be DICOM image information; after the visualization processing, image information in jpg format can be formed. Converting DICOM image information into jpg image information reduces the data amount on the one hand, and performs data desensitization and isolation processing on the other.
In this embodiment, the visualized information obtained by visualizing the original image information may include at least one of the following:
performing format conversion processing on the original image information, for example converting original image information in a first format into visualized information in a second format, where the first format is different from the second format and the second format is suitable for display on the second private network; in some embodiments, converting the first format into the second format makes the data amount of the visualized information smaller than that of the original image information without reducing the amount of information required for diagnosis, so that the amount of data sent from the first private network to the second private network, and with it the bandwidth usage, can be reduced;
performing visualization calculation processing and the like on the image information corresponding to a plurality of pieces of original image information to generate stereo image information; on the second private network the image can then be viewed conveniently by rotating the viewing angle, so that doctors can observe it from different angles without switching images; once the stereo image information is built, redundant information among the different original images can be reduced, which also reduces the amount of data to be transmitted;
constructing a video from a plurality of pieces of original image information; the constructed video can reduce the data volume by exploiting the dependence between preceding and following frames.
In some embodiments, the original image information in the second information may be visualized, and two-dimensional image information is converted into three-dimensional image information and visualized.
In summary, in the embodiment of the present invention, the visualization process includes:
performing visualization processing on non-image information to convert it into image information;
and/or,
performing visualization processing on image information to convert it into image information in a different format;
and/or,
performing high-dimensional visualization processing on low-dimensional image information to convert it into high-dimensional image information, for example converting a two-dimensional image into a three-dimensional image.
Optionally, the visualization process comprises: two-dimensional visualization processing and/or three-dimensional visualization processing.
The two-dimensional visualization processing is carried out,
Optionally, the step S130 may include:
the third information is the second information after security processing and data size reduction processing.
That is, the second information may be data subjected to security processing and data volume compression processing.
The security processing may include one or more of the foregoing: deletion of at least the confidential information, desensitization of at least the confidential information, encryption, and scrambling.
The data size reduction processing in this embodiment may be performed after the security processing, or may be data volume compression processing performed before the security processing.
The data volume compression process may include:
compressing information that meets similar conditions. Two or more pieces of information meeting similar conditions can be greatly reduced in data volume by compression under the condition of losing effective information, which reduces the amount of data to be transmitted and the transmission delay. In medical treatment in particular, a large amount of pathological image information may exist, such as CT image information and magnetic resonance image information; picture compression techniques and the like can reduce the redundancy of this information and thereby the data amount. In this embodiment, to achieve maximum compression, the information may first be classified, with information meeting similar conditions placed in the same class; each class is then compressed separately to reduce the amount of data transmitted. For example, for nuclear magnetic resonance imaging, different brain slice images of the same target object may be taken; brain slice images at nearby positions are largely the same, so a number of similar brain slice images can be grouped into an image set by classification under similar conditions and the image set compressed, which yields the maximum compression and avoids the weak reduction in data volume obtained when everything is compressed as a whole.
It should be noted that compressing information that meets similar conditions may include compressing security-processed information that meets similar conditions. For example, after DICOM image information is converted into jpg images, it is determined whether different jpg images meet the similar conditions, and the one or more jpg images that meet them are compressed to reduce the amount of transmitted data.
There are various ways to determine whether similar conditions are met, and several alternatives are provided below:
determining, through information matching, that information whose similarity is greater than a preset threshold meets the similar conditions;
determining, by screening with a data model, that the similar conditions are met.
The data model may include neural network models, vector machine models, binary tree models, regression models, and the like. The data model may be a classification model that has acquired judgment capability through training on sample data. When such a data model is applied, the data to be judged can be used directly as its input, and after processing the data model automatically determines whether the information meets the similar conditions.
For example, a data model is used to classify a large number of pathological images in the second information and obtain a classification label for each pathological image; pathological images with the same classification label are then assigned to the same image set, and the different image sets are compressed separately to reduce the data volume.
In some embodiments, the data volume compression process may further include:
distinguishing valid data and invalid data in the second information, and removing the invalid data; the valid data comprises data with information amount; the invalid data includes at least data of no information amount.
The valid data is data that carries an amount of information, and the invalid data includes at least data that carries none. Typically, the valid data may be the graphic data in a pathological image that shows pathological graphics, and the invalid data may include the blank areas of the pathological image.
In some embodiments, the valid data may be data including medical information amount in the medical information, and the invalid data may be data other than the valid data in the medical information. The diagnosis and treatment information quantity is information quantity providing diagnosis and treatment basis. The diagnosis and treatment information can be as follows: data collected by medical devices, medical data provided by local hospitals, and the like, may include: data other than the target object's personally identifiable information.
In some embodiments, the two approaches, compression processing and removal of invalid data, may be combined:
firstly, distinguishing valid data and invalid data in the second information, and removing the invalid data; the valid data includes data that carries an amount of information, and the invalid data includes at least data that carries none;
secondly, classifying, according to the similar conditions, the second information from which the invalid data has been removed;
finally, compressing the classified second information, thereby realizing the data size reduction processing of the second information.
The first step: based on an image segmentation technology, pre-segmenting the pathological image to obtain the tissue region in the pathological image, and then evenly dividing the tissue region into small images of a fixed size, such as 256 × 256 pixels; the tissue region may be one kind of the above-mentioned valid data, and the non-tissue region in the pathological image may be regarded as the invalid data;
the second step: for the massive number of small images obtained by the division, obtaining classification results in turn through the trained data model, such as binary classification results (benign or malignant) or probability maps (probability of benign or malignant);
the third step: finally, mapping the positions of the small images and their prediction results back onto the original image, so that the position of the lesion area in the original pathological image is obtained and the detection and segmentation of the lesion area in the full-section pathological image are realized;
optionally, the fourth step: classifying the divided small images based on the similar conditions, and then compressing them based on the classification results.
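The combined reduction described above (remove invalid data, classify what remains by similar conditions, compress each class) can be sketched as follows. This is an added example, not code from the patent: the tile size, the blank-pixel threshold, the mean-absolute-difference similarity test and the use of lossless zlib in place of an image codec are all assumptions, and the image is constructed.

```python
import zlib

TILE = 4           # tile edge in pixels (the text uses 256; kept small here)
BLANK_LEVEL = 250  # assumption: pixels at or above this value are background


def make_sample_image():
    """Constructed 8x16 grayscale image laid out as 2x4 tiles:
    255 = blank background, 100/102 = similar tissue, 30 = different tissue."""
    layout = [[255, 100, 102, 255],
              [30, 255, 100, 30]]
    image = []
    for tile_row in layout:
        for r in range(TILE):
            row = []
            for base in tile_row:
                for c in range(TILE):
                    # Background stays flat; tissue gets a small texture.
                    row.append(base if base == 255 else base + (r + c) % 3)
            image.append(row)
    return image


def split_tiles(image):
    """Divide the image into fixed-size tiles, keeping each tile's position."""
    tiles = []
    for top in range(0, len(image), TILE):
        for left in range(0, len(image[0]), TILE):
            pixels = bytes(image[top + r][left + c]
                           for r in range(TILE) for c in range(TILE))
            tiles.append(((top // TILE, left // TILE), pixels))
    return tiles


def is_invalid(pixels):
    """Invalid data: a tile made up only of background carries no information."""
    return all(p >= BLANK_LEVEL for p in pixels)


def mean_abs_diff(a, b):
    return sum(abs(x - y) for x, y in zip(a, b)) / len(a)


def group_similar(tiles, max_diff=5.0):
    """Classify tiles: a tile joins the first group whose first member is
    within max_diff of it, otherwise it starts a new group."""
    groups = []
    for pos, pixels in tiles:
        for group in groups:
            if mean_abs_diff(group[0][1], pixels) <= max_diff:
                group.append((pos, pixels))
                break
        else:
            groups.append([(pos, pixels)])
    return groups


def compress_groups(groups):
    """Compress each class as one stream so shared content is stored once."""
    return [([pos for pos, _ in group],
             zlib.compress(b"".join(pixels for _, pixels in group), 9))
            for group in groups]


def reduce_image(image):
    """Remove invalid tiles, classify the rest, compress per class."""
    valid = [t for t in split_tiles(image) if not is_invalid(t[1])]
    return compress_groups(group_similar(valid))


def restore(compressed):
    """Receiver side: rebuild position -> tile bytes for the valid tiles."""
    size = TILE * TILE
    tiles = {}
    for positions, blob in compressed:
        raw = zlib.decompress(blob)
        for i, pos in enumerate(positions):
            tiles[pos] = raw[i * size:(i + 1) * size]
    return tiles
```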
In some embodiments, the method further comprises:
adjusting the model parameters of a data model based on transfer learning. For example, a compressed neural network model has fewer network parameters, and to achieve more accurate classification its network parameters need to be fine-tuned so that the massive number of small images divided from the pathological images can be classified effectively. Here, a complete deep neural network model (i.e., the instructor network) is first trained on the training data obtained from the first step. Optionally, the instructor network model may be any general-purpose network model oriented to classification problems. The knowledge and generalization ability of the instructor network are then transferred into a compressed neural network model based on transfer learning. Specifically, the classification probabilities generated by the complete deep neural network model are used as soft targets to further train the compressed network, which adjusts the network parameters and further improves the precision with which the compressed network classifies the pathological images.
The network parameters may include: the number of the input layer, the hidden layer and the output layer of the neural network, the number of nodes included in different layers, the weight corresponding to the nodes and other parameters.
In some embodiments, the third information is the second information after security processing and three-dimensional visualization processing.
Similarly, in this embodiment the security processing and the three-dimensional visualization processing of the original image information need not follow a fixed order of execution: the security processing may be executed first and then the three-dimensional visualization processing, or the three-dimensional visualization processing first and then the security processing.
In some embodiments, the third information may also be information obtained by rendering the three-dimensional visualized image after the three-dimensional visualization processing is finished, which gives a three-dimensional visualized image with a better display effect, such as greater definition and layering.
Optionally, the step S110 may include:
receiving a diagnosis request sent by the first private network;
obtaining the first information based on the diagnosis request.
For example, in some embodiments the diagnosis request carries the first information directly, in which case the method may include extracting the first information from the diagnosis request. To ensure information security, the first information carried in the diagnosis request can be encrypted information; for example, the first information is encrypted with a private key, and after receiving the diagnosis request the second private network decrypts it with a public key to obtain the first information.
In other embodiments, the diagnostic request carries reference information of the first private network; in step S110, the first information of the first private network is queried in the local database of the second private network according to the reference information.
In some other embodiments, the diagnostic request carries reference information of the first private network, and the second private network queries the first information in a specific database after extracting the reference information.
In summary, the first information in this embodiment may be determined based on the diagnosis request.
In still other embodiments, the first information of the first private network may also be obtained by other means. For example, the first private network may want a doctor in the hospital where the second private network is located to perform remote treatment, and a doctor in the first private network may separately communicate the first information to the second private network by telephone or mail. The second private network may also receive the first information from a human-machine interaction interface.
In some embodiments, the step S120 may include:
accessing the first private network by using the first code information corresponding to the target user. After receiving the access request, the first private network searches for the second information of the target user in the first private network based on the first code information carried in the access request of the second private network, so as to send the third information to the first private network.
Here, the first code information is not directly personal information of the target user, such as an identification number or a passport number, but a piece of code information. For example, the first code information may be hash sequence information obtained by performing hash processing or the like on the identification number and/or the passport number. Of course, the first code information may also be generated in other manners.
Optionally, the first code information includes at least one of: an object code, a diagnosis code, and a medical account of the target user.
The first code information may be the basis for querying the first information, and may be information that refers directly or indirectly to the target user.
The object code may be a code assigned to the target user, one that is not shared between different users, and it may be assigned by the remote medical system.
The diagnosis code may be a code generated for the current visit, for example a diagnosis code generated according to the hospital number of the local hospital for the visit and the serial number of the hospital for the visit.
The medical account may be a universal account, allocated to each user, that can be used for medical treatment in different hospitals.
The code information is used in place of the real identity information of the target user, so that the risk of leaking the identity information is at least reduced and the information security of the target user is improved.
The first code information may be carried in the diagnosis request and received by the second private network in that way, or may be transmitted to the second private network by a device of the first private network by other means, such as mail or separate transmission.
The receiving of the diagnosis request sent by the first private network includes: receiving the diagnosis request which is sent by broadcasting or multicasting and carries the information of the diagnosis requirement; the step S110 further includes: and when the medical service meeting the information of the visit demand is determined to be provided, acquiring first information of the first private network.
In this embodiment the diagnosis request is broadcast or multicast. If the diagnosis request is sent to a broadcast address, it can be received by any private network connected to the public network through an isolation device or a non-trusted domain. In other embodiments the diagnosis request is multicast, e.g. the first private network selects several second private networks that meet certain requirements and multicasts the diagnosis request to them. In short, when the diagnosis request is sent by broadcast or multicast, a plurality of private networks can receive it, and the first private network after receiving the diagnosis request can request remote diagnosis and treatment, so that remote diagnosis and treatment meeting the requirements of the target user can be provided as soon as possible.
The visit requirement information may be information used to select the doctor for the current visit. For example, the target user may specify one or more of expert consultation, professor consultation, the hospital to be visited, the hospital grade (Grade III Level A, Grade III Level B, and the like); the target user may also specify the doctor's years of practice, the doctor's academic background and number of published papers, the doctor's surgical success rate, and so on, all of which reflect the target user's psychological expectations for the visit and needs for disease treatment.
The second private network may record relevant information about different doctors. After receiving the diagnosis request, the second private network therefore selects a hospital and/or a doctor meeting the requirements of the target user according to the visit requirement information to perform the remote medical treatment, thereby meeting the target user's requirements for remote treatment, ensuring the effect of the remote medical treatment, and better satisfying the target user. Therefore, in this embodiment, the first private network is accessed only when the visit requirement information can be satisfied.
In some embodiments, the method further comprises:
receiving a diagnosis revocation request broadcast or multicast by the first private network; the diagnosis revocation request may be sent in at least one of the following situations:
an instruction from the target user indicating revocation of the diagnosis is detected;
a diagnosis response has been received from a second private network that meets the visit requirements; the diagnosis response may be a reply sent specifically by the second private network participating in the diagnosis; alternatively, retrieval of the third information of the target user may itself be taken to mean that the diagnosis request needs to be revoked.
Optionally, the step S110 may include at least one of:
the access address here may include: a domain name address, an IP address, a virtual local area network tag, or a tunnel tag through which the first private network can be reached; specifically, it is the address of an isolation device or non-trusted domain through which the first private network can be accessed;
acquiring an access address and first authentication information of the first private network; in this embodiment, the first private network further provides the second private network with the first authentication information, which may be dynamically generated or preset authentication information for accessing the first private network.
The first authentication information may in some embodiments be information that the second private network determines itself according to authentication rules of the medical remote system.
Optionally, the obtaining the first authentication information may include:
the second private network generates the first authentication information from predetermined information according to an authentication rule. For example, the second private network applies preset processing such as hashing to an access address of the second isolation device (for example, one or more of an IP address, a Media Access Control (MAC) address, a domain name address, a local area network tag, and the like), and the resulting first processing result may serve as the first authentication information. The second isolation device of the second private network sends an access request carrying the first authentication information to the first private network. After receiving the access request, the first isolation device of the first private network extracts the access address of the second isolation device from the access request and, based on the authentication rule, applies the preset processing such as hashing to that access address to obtain a second processing result. The first processing result is compared with the second processing result, and if the two are consistent, the access authentication of the second private network is considered to have passed.
In other embodiments, the first private network may instead extract the first authentication information from the field of the access request that carries it and parse it in reverse according to the reverse processing rule of the authentication rule, restoring the original information (for example, the access address) as it was before the forward processing; if the restored access address is consistent with the address carried in the access request, the authentication may be considered to have passed.
The authentication rule may be a rule pre-stored in each private network, or may be a rule negotiated and determined by the private networks.
In this embodiment, the first authentication information is generated from the access address of the second private network and the authentication rule; no further information needs to be introduced and no additional information exchange is needed during authentication, so the method is simple and convenient to implement.
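The address-bound check described above, sketched as an added example (it is not code from the patent). It assumes the "authentication rule" is HMAC-SHA-256 keyed with a secret the private networks pre-share, since an unkeyed hash of an address can be recomputed by anyone who knows the rule; the key, function names and addresses are hypothetical.

```python
import hashlib
import hmac
import ipaddress

# Assumption: the pre-stored or negotiated "authentication rule" includes a
# shared secret. This value is constructed for the example.
RULE_KEY = b"constructed-demo-key"


def canonical_address(addr: str) -> bytes:
    """Normalise an IP address so both networks hash identical bytes.

    Textual variants of one address (for example compressed and expanded
    IPv6) map to the same packed form. Raises ValueError on bad input.
    """
    return ipaddress.ip_address(addr.strip()).packed


def make_auth_info(own_addr: str, key: bytes = RULE_KEY) -> str:
    """Second isolation device: derive the first authentication information
    (the 'first processing result') from its own access address."""
    return hmac.new(key, canonical_address(own_addr), hashlib.sha256).hexdigest()


def build_access_request(own_addr: str, first_code: str, key: bytes = RULE_KEY) -> dict:
    """Access request as sent by the second isolation device."""
    return {"first_code": first_code, "auth": make_auth_info(own_addr, key)}


def verify_access_request(observed_src: str, request: dict, key: bytes = RULE_KEY) -> bool:
    """First isolation device: recompute the 'second processing result' from
    the source address it actually observed, then compare the two results.

    The address comes from the connection, not from a field the requester
    controls, and the comparison is constant-time.
    """
    presented = request.get("auth")
    if not isinstance(presented, str):
        return False
    try:
        expected = make_auth_info(observed_src, key)
    except ValueError:
        return False  # unparseable source address: fail closed
    return hmac.compare_digest(expected.encode(), presented.encode())


if __name__ == "__main__":
    req = build_access_request("203.0.113.10", "code-constructed-001")
    print("same address     :", verify_access_request("203.0.113.10", req))
    print("replayed from .11:", verify_access_request("203.0.113.11", req))
```

Because the token is a function of the address alone, it stays valid for as long as the address and key do; the validity period the patent attaches to dynamically set access information is a separate control.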
The step S120 may include: requesting access to the first private network using the access address; performing access authentication of the first private network by using the first authentication information; the step S130 may include: and receiving the third information provided by the first private network after the access authentication is passed.
The second private network sends an access request based on the access address and performs access authentication based on the first authentication information. Only after the access authentication passes, and the second private network is therefore considered a secure access device, will the first private network allow the second private network to access its isolation device and/or untrusted domain.
Optionally, the first authentication information comprises at least one of:
access information dynamically set by the first private network, comprising an access account and an access password; the access information may be dynamically allocated and recorded in the first private network, and dynamically allocated access information also has a validity period, after which it is automatically invalidated and can no longer pass the access authentication of the first private network;
authorization information of the target user;
identity information of the doctor participating in the diagnosis;
device information of a second isolated device of a second private network.
A doctor with telemedicine capability may need to apply, in the second private network, for qualification to participate in telemedicine, and to register information such as the device and/or account the doctor uses for telemedicine. The device information of the second private network may include: an IP address, an International Mobile Subscriber Identity (IMSI), a mobile phone number, or a bound account used by the second private network.
The doctor's identity information may include: the medical practice number of the doctor, the information of the hospital and department where the doctor is, the identity document information of the doctor and the like.
If the second private network indicates to the first private network, by other means, that it will participate in the diagnosis, the first private network is informed of the device information of the second isolation device and/or the identity information of the doctor, and stores that information so that, when the second private network accesses the first private network, the access request of the second private network can be authenticated. For example, the first isolation device or the untrusted domain of the first private network may store the first code information and the first authentication information, and when an access request corresponding to the first code information is received, access authentication may be performed using the first authentication information.
In other embodiments, the patient may also select the doctor for the remote visit. If the patient selects a doctor, the patient may grant the doctor authorization, which may include authorization information such as an authorization sequence generated based on the patient's indication.
The authorization information may be stored in the first private network, and the patient may communicate it to the doctor by other means, via a communication device such as a mobile phone, so that the doctor obtains the authorization information of the target user.
In summary, in this embodiment, the first authentication information may be any of various forms of authentication information with which a second private network participating in the diagnosis accesses the first private network, and the access authentication further improves the security of the data stored in the first private network.
Optionally, the step S130 may include:
receiving the third information from the first private network by using the first code information and the visit timing information.
The visit timing information may include: time information of the target user's request for remote diagnosis and treatment; collection time information for the various items of information collected at the local hospital for the remote medical treatment; and so on. It indicates the time or the order of the remote medical diagnoses requested by a user. For example, if a user has information collected for multiple remote diagnoses at hospital A, the order of collection may serve as one kind of visit timing information, and the specific time of collection may serve as another.
In some embodiments, the first code information may be combined with the visit timing information to find the third information of the target user accurately. For example, the same first code information may be used for different visits of the same target user, and the target user may make different visits at different hospitals; in this embodiment, the visit timing information may therefore be combined with the first code information so that the third information is found accurately.
In some embodiments, the first code information may be a visit serial number of the hospital in which the first private network is located; the generation of the serial number is unrelated to confidential information such as the identity information of the target user, so the confidential information of the target user is protected to the maximum extent.
As shown in fig. 6A, the present embodiment provides an information processing method including:
step S210: receiving an access request sent based on first information of a first private network;
step S220: and sending third information obtained by performing security processing on the second information of the target user based on the access request to the access terminal.
Optionally, as shown in fig. 6B, the information processing method described in this embodiment may specifically be:
receiving an access request sent by a second private network based on first information of a first private network;
and sending third information obtained by performing security processing on the second information of the target user based on the access request to the second private network.
In this embodiment, the access terminal may be an access terminal directly connected to a public network, or may be another private network (i.e., the second private network).
The information processing method provided in this embodiment may be a method applied to the first private network, and specifically, may be a method applied to an isolation device and/or an untrusted domain in the first private network.
An access request is received that is sent, based on the first information of the first private network, by an access end such as a second private network or an access terminal.
After receiving the access request, the first private network may send the third information, obtained by security processing, to the second private network. The related descriptions of the second information and the third information can be found in the foregoing embodiments and are not repeated here.
Optionally, the method further comprises: performing access authentication by using the first authentication information carried by the access request; the step S220 may include: and if the access authentication is passed, sending the third information to the second private network based on the access request.
In this embodiment, the access request of the second private network needs to be authenticated, and only if the authentication is passed, the access of the second private network is allowed and the first private network is allowed to provide the third information to the second private network, so as to ensure the information security of the target user.
Optionally, the method further comprises:
performing security filtering on the access request;
the sending of the third information obtained by performing security processing on the second information of the target user based on the access request to the access terminal includes:
and if the access request passes the security filtering, performing information processing on the target user based on the access request to obtain the third information.
In this embodiment, before allowing the second private network to access the first private network, the first private network needs to perform security filtering, for example through a firewall. When the second private network accesses the first private network, it sends an access request that carries fourth information, such as the IP address and Uniform Resource Locator (URL) of the second private network and the medical account used by the second private network.
In some embodiments, the fourth information is matched against a white list of secure accounts: if the fourth information provided by the access request is in the white list, the access request is allowed; otherwise, the access request is filtered, or whether it is allowed is determined by further verification.
In other embodiments, the first isolation device or the untrusted domain of the first private network is provided with not only a white list but also a black list. If the fourth information is in the black list of entities forbidden to access, the access is refused outright; it is not allowed even if the access address and the first authentication information provided by the access request are both correct, so that security is ensured.
In some embodiments, if the fourth information is in neither the white list nor the black list, a further verification process determines whether the access request of the second private network needs to be filtered. For example, if the account used by a doctor newly participating in remote medical care is not recorded in the existing black list or white list of the first private network, the first private network needs to send the fourth information to another public platform, such as a database, to verify its validity; access is allowed only after the validity of the fourth information has been verified, and after the fourth information has passed verification a certain number of times it is added to the white list.
The filtering through the black list and the white list is only one way of the security filtering.
In some embodiments, the method further comprises:
determining the number of target users whose information a single access request asks for; if the number of target users in a single request exceeds a preset amount, information theft is considered possible, and the access request is filtered, or subsequent verification is required to determine whether the access is allowed.
In summary, the security filtering in this embodiment may include:
performing the security filtering based on one or more items of fifth information, such as the access frequency of the second private network, the number of target users involved in the access, and the department visited by the user being accessed, so as to avoid information leakage and improve information security.
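The filtering order described above (black list first, then request volume, then white list, with everything else sent to further verification), as an added example that is not code from the patent. The thresholds, class and field names are hypothetical, and the addresses and accounts are constructed sample values.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

ALLOW, DENY, VERIFY = "allow", "deny", "verify"


@dataclass(frozen=True)
class AccessRequest:
    src_ip: str          # fourth information: address of the requester
    account: str         # fourth information: medical account in use
    target_codes: tuple  # first code information of each requested user
    timestamp: float     # arrival time in seconds


class SecurityFilter:
    """Decision logic for the first isolation device (illustrative only)."""

    def __init__(self, whitelist, blacklist, max_targets=3,
                 max_requests=5, window_s=60.0, promote_after=3):
        self.whitelist = set(whitelist)
        self.blacklist = set(blacklist)
        self.max_targets = max_targets      # preset amount of users per request
        self.max_requests = max_requests    # allowed requests per window
        self.window_s = window_s
        self.promote_after = promote_after  # verifications before whitelisting
        self.recent = defaultdict(deque)    # account -> recent arrival times
        self.verified = defaultdict(int)    # identifier -> passed verifications

    def decide(self, req: AccessRequest) -> str:
        identifiers = {req.src_ip, req.account}
        # Black list wins even when address and credentials are correct.
        if identifiers & self.blacklist:
            return DENY
        # Access frequency: sliding window per account.
        times = self.recent[req.account]
        while times and req.timestamp - times[0] > self.window_s:
            times.popleft()
        times.append(req.timestamp)
        if len(times) > self.max_requests:
            return VERIFY
        # Too many target users in one request suggests bulk extraction.
        if len(set(req.target_codes)) > self.max_targets:
            return VERIFY
        # Every identifier must be white-listed for a direct allow.
        if identifiers <= self.whitelist:
            return ALLOW
        return VERIFY

    def record_verification(self, req: AccessRequest) -> None:
        """Call after the external validity check passed for this request."""
        for ident in (req.src_ip, req.account):
            if ident in self.blacklist or ident in self.whitelist:
                continue
            self.verified[ident] += 1
            if self.verified[ident] >= self.promote_after:
                self.whitelist.add(ident)


if __name__ == "__main__":
    f = SecurityFilter({"198.51.100.7", "dr-a"}, {"dr-x"})
    print(f.decide(AccessRequest("198.51.100.7", "dr-a", ("c1",), 0.0)))
    print(f.decide(AccessRequest("198.51.100.7", "dr-x", ("c1",), 1.0)))
    print(f.decide(AccessRequest("198.51.100.7", "dr-new", ("c1",), 2.0)))
```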
Optionally, the step S210 may include: the first isolation device receives an access request sent by a second isolation device of the second private network; the step S220 may include: the first isolation device queries a first storage device of the first private network for the second information based on the access request; security processing is performed on the second information to obtain the third information; and the first isolation device sends the third information to the second isolation device of the second private network.
In this embodiment, the isolation device queries the storage device based on the access request, and performs security processing on the second information by using the isolation device or the processing device, so as to obtain the third information, and the isolation device sends the third information after the security processing to the second private network.
Optionally, the step S220 may include:
the third information obtained after at least part of the confidential information in the second information is deleted; the third information obtained after at least part of the confidential information in the second information is desensitized; the third information obtained after at least part of the confidential information in the second information is encrypted; and the third information obtained after at least part of the confidential information in the second information is scrambled.
In some embodiments, the step S220 may include:
deleting at least part of the confidential information in the second information, so that at least the unnecessary information within the confidential information is removed, which implements a first security processing of the second information;
desensitizing the second information that remains after deletion, so that at least the confidential information within the necessary information is transformed, for example by fuzzy substitution or equivalent substitution, which implements a second security processing of the second information;
encrypting and/or scrambling the desensitized second information to obtain the third information, which at least avoids exposing the second information directly during transmission over the public network and implements a third security processing of the second information.
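The first two security-processing stages above, together with the earlier idea of deriving the first code information from an identification number by hashing, as an added example that is not code from the patent. It assumes a keyed hash (HMAC-SHA-256 with a per-hospital secret), because identification numbers come from a small, structured space and an unkeyed hash of one can be enumerated; the field names, key and record are constructed.

```python
import hashlib
import hmac

# Assumption: per-hospital secret held inside the first private network.
SITE_KEY = b"constructed-site-key"

# Allow-list of what the remote doctor needs. Anything not listed is dropped,
# so a field added to the record later is withheld by default.
NECESSARY_FIELDS = {"id_number", "name", "birth_date",
                    "department", "findings", "visit_time"}

# Constructed sample of "second information"; not real patient data.
SAMPLE_SECOND_INFO = {
    "id_number": "ID-0000-CONSTRUCTED",
    "name": "Zhang San",
    "birth_date": "1984-06-17",
    "phone": "+00-000-0000-0000",
    "home_address": "1 Constructed Street",
    "insurance_no": "INS-CONSTRUCTED",
    "internal_notes": "billing follow-up",
    "department": "cardiology",
    "findings": "constructed finding text",
    "visit_time": "2018-05-09T10:30:00",
}


def first_code(id_number: str, key: bytes = SITE_KEY) -> str:
    """Stable pseudonym for a target user; not reversible without the key."""
    digest = hmac.new(key, id_number.encode("utf-8"), hashlib.sha256)
    return digest.hexdigest()[:32]


def delete_unnecessary(second_info: dict) -> dict:
    """Stage 1: deletion. Keep only allow-listed fields."""
    return {k: v for k, v in second_info.items() if k in NECESSARY_FIELDS}


def desensitize(record: dict, key: bytes = SITE_KEY) -> dict:
    """Stage 2: transform confidential values that must still be referenced."""
    out = dict(record)  # never mutate the stored second information
    if "id_number" in out:
        # Equivalent substitution: identifier replaced by its pseudonym.
        out["first_code"] = first_code(out.pop("id_number"), key)
    if "name" in out:
        # Fuzzy substitution: keep the first character, mask the rest.
        name = out["name"]
        out["name"] = name[:1] + "*" * (len(name) - 1)
    if "birth_date" in out:
        # Generalisation: the year is enough to estimate age.
        out["birth_year"] = out.pop("birth_date")[:4]
    return out


def security_process(second_info: dict, key: bytes = SITE_KEY) -> dict:
    """Deletion followed by desensitization.

    Stage 3 (encryption and/or scrambling before the data crosses the public
    network) is not shown: the Python standard library has no authenticated
    cipher, and that step belongs to a vetted library or the transport.
    """
    return desensitize(delete_unnecessary(second_info), key)


if __name__ == "__main__":
    for field, value in security_process(SAMPLE_SECOND_INFO).items():
        print(f"{field}: {value}")
```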
In some embodiments, the step S220 may include: and sending third information obtained after the second information is subjected to security processing and data volume reduction processing based on the access request to the access terminal.
The data amount compression process in this embodiment can be referred to the foregoing embodiments, and is not repeated here. For example, the data amount reduction processing includes at least one of:
compressing the information meeting the similar conditions;
distinguishing valid data from invalid data in the second information, and removing the invalid data; valid data is data that carries information, and invalid data includes at least data that carries no information.
Data volume compression processing can greatly reduce the amount of data to be transmitted, lower the bandwidth required, and improve transmission efficiency.
For example, the similarity condition may be determined by similarity matching, or the classification may be performed by a data model, which may be a neural network model or the like.
In some embodiments, valid data and invalid data in the second information are also distinguished, and the invalid data is removed, so that unnecessary data is reduced further.
In some embodiments, removing the invalid data and removing the unnecessary data during confidential information deletion may both be regarded as deletion processing; to simplify processing, the two may be performed together in one or more common deletion passes rather than in two separate ones.
In some embodiments, the step S220 may include: and sending third information obtained by performing security processing and visualization processing on the second information of the target user based on the access request to the access terminal.
In this embodiment, the original image information in the second information is subjected to three-dimensional visualization processing to obtain a three-dimensional stereo image, so as to meet the viewing requirement of the doctor on the three-dimensional image.
Optionally, the visualization process comprises: two-dimensional visualization processing and/or three-dimensional visualization processing.
Optionally, the visualization process includes:
determining visualization parameters according to visualization conditions;
and performing visualization processing on the second information based on the visualization parameters to obtain visualization information.
In this embodiment, the visualization parameters are determined according to visualization conditions, where different visualization conditions are equivalent to different visualization requirements, and different visualization effects need to be achieved, and then the visualization parameters that may be used at this time are different.
The determining the visualization parameters according to the visualization conditions comprises at least one of the following steps:
determining the visualization parameters according to visualization clarity conditions;
and determining the visualization parameters according to visualization time conditions.
The visualization clarity condition can at least define the lowest clarity of a visualization image formed by the visualization processing;
the visualization time condition may at least define a maximum allowable time duration for the visualization process.
Therefore, in this embodiment, during visualization, parameters of the visualization need to be determined according to visualization conditions, where the parameters may include: one or more of a visualization sampling parameter, a visualization model parameter, and a visualization time parameter.
The visualization sampling parameters may include:
sampling frequency;
sampling points;
sampling mode.
For example, the visualization conditions that are highly demanding with respect to clarity may include at least one of:
for the situation that the original definition is lower than the definition required by the visualization condition, the sampling mode can adopt upsampling; increasing the number of data points by up-sampling;
for the situation that the original definition is higher than the definition required by the visualization condition, the sampling mode can be downsampling. If the sampling mode is downsampling, the number of data points is reduced, but the definition obtained at the downsampled sampling frequency must not be lower than the definition required by the visualization.
The sampling frequency can be determined directly from the required sharpness of the visualization conditions. The definition can be quantified by the image resolution.
The sampling point number value is the number of sampling points, and the sampling frequency can be the number of sampling points in a unit area.
The visualization model parameters may include:
model identification of different visual models; the different visualization models have different time required for visualization processing, different related calculated amount and different obtained visualization effects;
in this way, the matched visualization model can be selected according to the conditions required by the visualization conditions.
In addition to the model identification, the visualization model parameters herein may include parameter values internal to the visualization model, e.g. the number of nodes in a neural network, the weights of the nodes, etc.
The visualization parameters may further include a visualization time parameter;
the visualization time parameter may include: the length of calculation time allowed for visualization; in this way, when visualization processing is performed, a visualization model or the like whose processing time falls within the allowed calculation time given by the visualization time parameter can be used.
In some embodiments, the method further comprises:
determining the visualization condition, for example according to the current network condition, the current amount of data to be transmitted, and an indication from a user. If the current network condition is poor, for example the transmission bandwidth is small, the definition of the visualization image can be appropriately reduced; if the amount of data to be transmitted is large, the definition of the visualization image can likewise be appropriately reduced; and if more accurate diagnosis and treatment is needed, the definition of the visualization image can be appropriately increased.
The indication from the user may include a user indication received by the second private network and/or the first private network; the user may enter the visualization condition through a dialog box or the like. For example, if the doctor believes that an accurate diagnosis can currently be made without particularly high-resolution images, the resolution required by the visualization condition can be appropriately reduced in order to speed up transmission.
For example, on the premise of ensuring the visual image effect of the medical image as much as possible, appropriate visual parameters can be calculated in a self-adaptive manner according to the requirements on performance, and a corresponding visual task can be completed. For example: in the three-dimensional visualization calculation process of medical images, discrete sampling and calculation are required to be carried out on medical image data, wherein the image quality and the required calculation time are directly influenced by the level of data sampling frequency; when the limit of limited computing time needs to be met, the sampling rate can be reduced to sacrifice certain image quality to ensure the limit of the computing time, and the requirement of smooth interactive experience is met. For another example, under more extreme conditions, in order to ensure that the three-dimensional visualization calculation task is completed within a limited time, a relatively simplified illumination model may be used to optimize the calculation overhead, thereby reducing the visualization calculation time overhead.
The image compression is carried out on the result image obtained by the three-dimensional visualization, so as to save the bandwidth requirement of network transmission, and the compression algorithm strategy, the compression ratio and other related compression parameters can be adaptively changed according to the requirement on performance under the condition of not causing serious compression distortion, so as to achieve the double optimization of the size and the compression time of the compressed image. For example, when image compression is performed, a compression algorithm such as JPEG or JPEG2000 is more conventional. The common compression algorithm has a more key parameter setting of compression ratio, such as 60%, which means that the image is compressed to 40% of the file size of the original image, so that the network transmission time can be greatly reduced; however, the compressed image has a distortion problem, the higher the compression ratio is, the more serious the distortion is, and the longer the execution time of the compression algorithm itself is, and at this time, the overall performance of the system is not necessarily optimal. Therefore, according to how to select a proper compression algorithm according to an actual application scene, the proper compression ratio is crucial to realize the optimization of the overall performance. Dynamically changing the compression algorithm (different compression algorithms may be selected for certain extreme cases), dynamically changing the compression ratio, or selecting a pre-set compression kernel for certain specific types of images to achieve overall performance and effect optimization. 
In a specific implementation, performance parameters of the compression algorithm can be stored in advance: for example, for a 512 × 512 image compressed with the JPEG2000 algorithm at different compression ratios, the size of the resulting image, the time overhead of the compression algorithm, the degree of image distortion, and the like, so that parameters can later be dynamically adjusted and selected according to the specific situation.
Given the complexity of usage and network environments, the computing and parsing capability of the second private network and the bandwidth of the network transmission can also have a crucial impact on the end-user experience. The method can therefore record and calculate, in real time, the parsing load of the second private network and the condition of the transmission network, such as the time overhead of parsing and display on the terminal device, the actual transmission bandwidth, the network delay, and other key information, and send this information back to the server side for processing by the next module. For example, the data volume and sending time of each image message sent from the first private network are recorded; the second private network parses the message to obtain the image content and displays it, records the time of each of these sub-steps, and then returns a message carrying the recorded times to the server side. From these times, the time the second private network takes to parse and display an image message of a given size, the actual time the network takes to transmit the image message (from which the actual network transmission bandwidth can be estimated), and so on can be calculated. With a certain amount of continuous calculation and sampling, the actual network delay can be estimated in near real time.
After the network-related data is calculated, the optimal three-dimensional visualization rendering parameters and the optimal image compression parameters are dynamically calculated according to the performance requirement of a smooth interactive telemedicine experience and the quality requirement of the medical image visualization, and are applied to the next round of medical image data visualization and image compression. For example, when the network condition suddenly worsens and the delay is serious, the transmission delay can be reduced as much as possible by reducing the sampling frequency while preserving the clarity needed for diagnosis.
The image quality is mainly determined by two aspects: the rendering parameters of the three-dimensional visualization, and the compression algorithm and compression ratio parameters of the image compression. Therefore, when the network delay suddenly becomes serious, the module adaptively applies one or more measures, such as reducing the visualization sampling frequency, reducing the illumination model parameters, increasing the image compression ratio, or switching to a faster compression kernel function, to reduce the time overhead of visualization computation and image compression; in addition, when the compressed image is smaller, the time overhead of network transmission and of message parsing and image display is indirectly reduced as well. When the network environment improves, the module can dynamically and gradually restore the original parameters and configuration to achieve better image quality and display effect. In this way, intelligent adjustment achieves a remote three-dimensional film-reading and diagnosis experience that stays smooth, with optimized image quality, under different second private network performance and network conditions.
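The measurement and adjustment loop described above can be sketched as follows. This is an added example, not code from the patent: the field names, the 1.5x and 0.75x thresholds, the step sizes and the `FLOOR` quality limit are all assumptions, and the sample timings are constructed. Transfer time is derived from server-side timestamps and client-reported durations, so the two networks need no synchronized clocks.

```python
from dataclasses import dataclass
from statistics import median


@dataclass(frozen=True)
class Timing:
    """One image message as seen by the server side (assumed field names)."""
    size_bytes: int
    sent_at: float     # server clock: message leaves the first private network
    parse_s: float     # duration measured in the second private network
    display_s: float   # duration measured in the second private network
    report_at: float   # server clock: timing report arrives back


@dataclass(frozen=True)
class Params:
    sampling_rate: float    # fraction of the full visualization sampling frequency
    lighting_level: int     # 2 = full illumination model, 0 = none
    compression_ratio: int  # N:1


BASELINE = Params(1.0, 2, 10)   # original parameters and configuration
FLOOR = Params(0.5, 0, 40)      # assumed limit that still keeps diagnostic clarity


def estimate(window):
    """Return (bandwidth in bytes/s, parse+display overhead in s) as medians."""
    bandwidths, overheads = [], []
    for t in window:
        client = t.parse_s + t.display_s
        transfer = (t.report_at - t.sent_at) - client
        if transfer <= 0:       # inconsistent report: ignore rather than trust it
            continue
        bandwidths.append(t.size_bytes / transfer)
        overheads.append(client)
    if not bandwidths:
        raise ValueError("no usable timing samples")
    return median(bandwidths), median(overheads)


def adjust(p, latency, target):
    """Degrade one step on serious delay, recover one step when the network is good."""
    if latency > 1.5 * target:
        return Params(
            max(FLOOR.sampling_rate, round(p.sampling_rate - 0.25, 2)),
            max(FLOOR.lighting_level, p.lighting_level - 1),
            min(FLOOR.compression_ratio, p.compression_ratio * 2),
        )
    if latency < 0.75 * target:
        return Params(
            min(BASELINE.sampling_rate, round(p.sampling_rate + 0.25, 2)),
            min(BASELINE.lighting_level, p.lighting_level + 1),
            max(BASELINE.compression_ratio, p.compression_ratio // 2),
        )
    return p


def control_step(window, frame_bytes, params, target):
    """Predict the latency of the next frame from the window, then adjust."""
    bandwidth, overhead = estimate(window)
    return adjust(params, frame_bytes / bandwidth + overhead, target)


if __name__ == "__main__":
    # Constructed samples: a 256 KiB frame over a link that has become slow.
    slow = [Timing(262144, 0.0, 0.0625, 0.0625, 2.125)] * 3
    print(control_step(slow, 262144, BASELINE, target=0.6))
```

Clamping at `FLOOR` is what keeps a long run of bad samples from pushing the rendering below the quality the diagnosis needs.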
Alternatively, step S220 may include: and the isolation equipment provides visual information after the information of the original image information is deleted.
The visualization processing of the original image information here may include at least one of: image format conversion, file type conversion, and data volume compression. The visualized information obtained after the visualization processing can be viewed on various general-purpose devices of the second private network; for example, it can be recognized directly by terminal devices included in the second private network, such as mobile phones or tablet computers, using general image software, without installing special medical software. On the other hand, the conversion must preserve the information required for diagnosis and treatment so that the accuracy of the diagnosis is ensured.
Optionally, the method further comprises:
a first isolation device of a first private network receives a reporting request sent by a first storage device of the first private network; wherein the reporting request at least comprises: first code information corresponding to a target user;
and the first isolation equipment sends a diagnosis request based on the report request, wherein the diagnosis request at least comprises the first code information of the target user.
In this embodiment, the isolation device receives a report request sent by a storage device, where the report request carries the first code information, so that a database receives a storage request corresponding to the report request, and stores the first code information and various information such as an access address of the isolation device, which is convenient for a subsequent database to provide first information for a second private network.
In some embodiments, the reporting request further comprises: visit timing information and/or visit need information. In this way, the diagnosis request also carries the clinic timing information and/or clinic requirement information to be sent to the public network or a specific second private network.
The visit timing information may be used together with the first code information to query for the third information of the target user; for example, the second private network carries the visit timing information in the access request, so that the first private network knows for which point in time (for example, which imaging session of the target user) the second information and/or the third information needs to be returned to the second private network.
The visit demand information can be information used for selecting the doctor for the current visit. For example, the target user can explicitly indicate one or more of: expert consultation, professor consultation, the hospital to be visited, the hospital grade (Grade III Class A, Grade III Class B, and the like), and so on; the target user can also indicate the doctor's years of practice, the doctor's educational background and number of published papers, the doctor's operation success rate, and the like. Such information reflects the target user's expectations for the visit and needs for treatment of the disease.
Relevant information about different hospitals and different doctors can be recorded in each private network, so that after the database receives the storage request, hospitals and/or doctors meeting the requirements of the target user are selected for remote medical treatment according to the visit demand information, so that the target user's requirements for remote treatment are met, the effect of the remote medical treatment is ensured, and the target user's requirements are better served.
As shown in fig. 7, an information processing method provided in an embodiment of the present invention includes:
step S1: the storage device of private network A stores original information of a target user and acquires first code information, where the original information may include identity information, physiological data, diagnosis and treatment data from doctors in local hospitals, and the like; the original information and the first code information may be components of the second information; for example, the second information of the target user is stored in a predetermined data structure;
step S2: security processing is performed on the original information to generate and store security information;
step S3: a diagnosis request is generated based on the first code information and sent by broadcast or multicast; the diagnosis request comprises at least the first code information and/or the first information;
step S4: private network B sends an access request to private network A based on the diagnosis request, and the access request may carry the first code information;
step S5: the security-processed information of the target user is acquired from the isolation device of private network A.
As shown in fig. 8, the present embodiment provides an information processing apparatus including:
a first obtaining module 110, configured to obtain first information of a first private network by a second private network, where the first private network is a private network in which second information of a target user is stored;
an accessing module 120, configured to access the first private network based on the first information;
the first receiving module 130 is configured to receive third information provided by the first private network, where the third information is information after security processing of the second information.
The first obtaining module 110, the accessing module 120 and the first receiving module 130 may be program modules, and after being executed by a processor, the remote diagnosis and treatment can be realized.
Optionally, the accessing module 120 is specifically configured to access, by the second isolation device of the second private network, the first isolation device of the first private network based on the first information; the first receiving module 130 is specifically configured to receive, by the second isolation device, third information provided by the first isolation device.
Optionally, the first receiving module 130 is specifically configured to receive the third information that is provided by the first isolation device and obtained by performing security processing on the second information.
Optionally, the first receiving module 130 is specifically configured to execute at least one of the following: receiving the third information after at least partial deletion of the secret information in the second information; receiving the third information obtained by desensitization processing of at least confidential information in the second information; receiving the third information after encryption processing of at least secret information in the second information; and receiving the third information after scrambling at least secret information in the second information.
Optionally, the third information is information after the second information security processing and the data size reduction processing; and/or the third information is the information after the second information security processing and the three-dimensional visualization processing.
In some embodiments, the first obtaining module 110 specifically receives a diagnosis request sent by a first private network; the first information is obtained based on the diagnostic request.
In other embodiments, the diagnosis request received by the first obtaining module 110 carries first code information of the target user; the accessing module 120 is specifically configured to access the first private network based on the first information and the first code information.
In some embodiments, the first obtaining module 110 is specifically configured to receive the diagnosis request that is sent by broadcast or multicast over a first private network and carries the visit demand information, and to obtain first information of the first private network when it is determined that medical service meeting the visit demand information can be provided; the accessing module 120 is specifically configured to request access to the first private network by using the access address, and to perform access authentication with the first private network by using the first authentication information; the first receiving module 130 is specifically configured to receive the third information provided by the first private network after the access authentication passes.
As shown in fig. 9, the present embodiment provides an information processing apparatus including:
a second receiving module 210, configured to receive an access request sent by a second private network based on first information of a first private network; and a second sending module 220, configured to send, to the access terminal, third information obtained by performing security processing on the second information of the target user based on the access request.
Optionally, the apparatus further comprises: the first authentication module is used for performing access authentication by using the first authentication information carried by the access request; the second sending module 220 is configured to send the third information to the second private network based on the access request if the access authentication passes.
Furthermore, the apparatus further comprises: the filtering module is used for carrying out security filtering on the access request;
the second sending module 220 is specifically configured to, if the access request passes the security filtering, perform information processing on the target user based on the access request to obtain the third information.
Further, the second receiving module 210 is specifically configured to receive, by the first isolated device, an access request sent by the isolated device of the second private network;
the second sending module 220 includes: a query submodule, configured to query, by the first isolation device, the first storage device of the first private network for the second information based on the access request; the processing submodule is used for carrying out safety processing on the second information to obtain third information; and the sending submodule is used for sending the third information to the second private network by the first isolation device and the second isolation device of the second private network.
Optionally, the processing sub-module is specifically configured to: delete at least part of the secret information in the second information to obtain the third information; desensitize at least part of the secret information in the second information to obtain the third information; encrypt at least part of the secret information in the second information to obtain the third information; and scramble the second information to obtain the third information.
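The request path through the first isolation device described above (security filtering, access authentication, query of the first storage device, security processing) can be sketched as follows. This is an added example, not code from the patent: the HMAC-SHA256 form of the first authentication information, the field names, the code and date formats and the stored record are all assumptions or constructed sample data, and only the deletion and desensitization variants of security processing are shown.

```python
import hashlib
import hmac
import re

# Constructed stand-in for the first storage device, keyed by
# (first code information, visit timing information).
STORAGE = {
    ("C-48213", "2018-04-17"): {
        "name": "Example Patient",
        "id_number": "000000000000000000",
        "phone": "13800001234",
        "birth_date": "1990-01-01",
        "modality": "CT",
        "finding": "8 mm nodule, right upper lobe",
    }
}
# Assumption: the first authentication information is a per-hospital HMAC key.
SHARED_KEYS = {"hospital-b": b"constructed-demo-key"}

ALLOWED_FIELDS = {"requester", "code", "visit_time", "mac"}
CODE_RE = re.compile(r"C-\d{5}")
DATE_RE = re.compile(r"\d{4}-\d{2}-\d{2}")
MAC_RE = re.compile(r"[0-9a-f]{64}")
DELETE = {"name", "id_number"}   # secret information removed outright


def sign(key, requester, code, visit_time):
    """MAC that the second isolation device attaches to its access request."""
    msg = "\n".join((requester, code, visit_time)).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def security_filter(req):
    """Reject requests with unexpected fields or malformed values."""
    if set(req) != ALLOWED_FIELDS:
        return False
    if not all(isinstance(v, str) for v in req.values()):
        return False
    return bool(CODE_RE.fullmatch(req["code"])
                and DATE_RE.fullmatch(req["visit_time"])
                and MAC_RE.fullmatch(req["mac"]))


def authenticate(req):
    """Access authentication: constant-time comparison of the request MAC."""
    key = SHARED_KEYS.get(req["requester"])
    if key is None:
        return False
    expected = sign(key, req["requester"], req["code"], req["visit_time"])
    return hmac.compare_digest(expected, req["mac"])


def security_process(second_info):
    """Build the third information: delete some fields, desensitize others."""
    third = {k: v for k, v in second_info.items() if k not in DELETE}
    third["phone"] = third["phone"][:3] + "****" + third["phone"][-4:]
    third["birth_date"] = third["birth_date"][:4]   # keep the year only
    return third


def handle_access_request(req):
    # Filtering runs first so that only well-formed input reaches the MAC check.
    if not security_filter(req):
        return {"status": "rejected"}
    if not authenticate(req):
        return {"status": "unauthenticated"}
    second = STORAGE.get((req["code"], req["visit_time"]))
    if second is None:
        return {"status": "not_found"}
    return {"status": "ok", "third_information": security_process(second)}


if __name__ == "__main__":
    req = {"requester": "hospital-b", "code": "C-48213", "visit_time": "2018-04-17"}
    req["mac"] = sign(SHARED_KEYS["hospital-b"], req["requester"], req["code"], req["visit_time"])
    print(handle_access_request(req))
```

The second information never leaves `handle_access_request`; the caller only ever sees the copy built by `security_process`.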
In addition, the second sending module 220 is specifically configured to send, to the access terminal, third information obtained by performing security processing and data volume reduction processing on the second information based on the access request; and sending third information obtained by performing security processing and visualization processing on the second information of the target user based on the access request to the access terminal.
Further, the data amount reduction process includes at least one of: compressing the information meeting the similar conditions; and distinguishing valid data and invalid data in the second information, and removing the invalid data.
In still other embodiments, the visualization process comprises: determining visualization parameters according to visualization conditions; and carrying out visualization processing on the second information based on the visualization parameters to obtain visualization information.
Optionally, the determining, according to the visualization condition, a visualization parameter includes at least one of: determining the visualization parameters according to visualization clarity conditions; and determining the visualization parameters according to visualization time conditions.
Further, the visualization parameters include at least one of: visualization sampling parameters; visualization model parameters; visualization time parameters.
Furthermore, the apparatus further comprises: a reporting module, configured to receive, by a first isolation device of a first private network, a reporting request sent by a first storage device of the first private network; wherein the reporting request at least comprises: first code information corresponding to a target user; and the storage request module is used for sending a diagnosis request by the first isolation device based on the report request, wherein the diagnosis request at least comprises the first code information of the target user.
The reporting request further comprises: visit timing information and/or visit demand information.
A specific example is provided below in connection with the above embodiments:
Example 1:
The present example provides an information processing method including:
original image information related to patient privacy is stored in a distributed form in a private server (corresponding to a storage device in the private network) of each primary hospital, and is accessed to a public network and isolated and protected in a mode of a front-end processor (corresponding to an isolation device of the private network);
the front-end processors of the hospitals are connected through a public network.
When a doctor needs to carry out remote medical treatment, information such as the access address of the private network where the patient's data is located is first acquired through the private network of the hospital where the doctor is located; based on the acquired information, the front-end processor of the hospital where the patient's image examination was performed is accessed through the public network, and the remote medical treatment is completed using that front-end processor. When the front-end processor provides the service, the original image information is not transmitted directly; instead, the data is visualized according to the doctor's various diagnostic interactive operations, the resulting visualization picture is transmitted to the doctor side through the network, and the doctor completes the final remote medical treatment according to the visualization picture.
With this distributed solution, transmission of the patient's original image information and leakage of the patient's private information can be effectively avoided. In addition, through public database management that stores only limited information, doctors can access the front-end processors of different hospitals to compare and observe the visualization results of the same patient's images taken in different hospitals at different times, thereby realizing data interconnection and accurate diagnosis that meets actual diagnostic requirements.
Through the data isolation and data visualization computing capability of the front-end processor and various encryption measures, the data security problem of patient privacy information and original medical image information can be ensured, meanwhile, data interconnection and intercommunication among hospitals can be flexibly realized, and doctors can conveniently and freely provide remote image diagnosis services under various network conditions. Meanwhile, the technical scheme provided by the embodiment of the invention allows remote cooperative consultation performed by different doctors and hospitals, and can flexibly access the private network stored by the information of the target user on the premise of ensuring the safety of the original image information, thereby realizing remote cooperative consultation.
As shown in fig. 10, the present embodiment provides an electronic apparatus including:
a memory;
and the processor is connected with the memory and used for realizing one or more information processing methods provided by one or more technical schemes applied to the second private network, the database and the first private network by executing computer executable instructions on the memory, for example, one or more of the information processing methods shown in fig. 1, fig. 6 and fig. 7.
The memory can be various types of memory, such as random access memory, read only memory, flash memory, etc. The memory may be used for information storage, e.g., storing computer-executable instructions, etc. The computer-executable instructions may be various program instructions, such as object program instructions and/or source program instructions, and the like.
The processor may be various types of processors, such as a central processing unit, a microprocessor, a digital signal processor, a programmable array, an application specific integrated circuit, or an image processor, among others.
The processor may be connected to the memory via a bus. The bus may be an integrated circuit bus, or the like.
In some embodiments, the electronic device may further include: a communication interface, which may include: a network interface, e.g., a local area network interface, a transceiver antenna, etc. The communication interface is also connected with the processor and can be used for information transceiving.
In some embodiments, the electronic device further comprises a human interaction interface, which may comprise, for example, various input and output devices, such as a keyboard, a touch screen, and the like.
The electronic device may be a device of the second private network, and may be configured to carry out the following information processing method: acquiring, in the second private network, first information of a first private network, where the first private network is a private network in which second information of a target user is stored; accessing the first private network based on the first information; and receiving third information provided by the first private network, where the third information is information obtained after security processing of the second information.
The electronic device may alternatively be the aforementioned device of the first private network, and may be configured to carry out the following information processing method: receiving an access request sent by the second private network based on the first information of the first private network; and sending, to the access terminal, third information obtained by performing security processing on the second information of the target user based on the access request.
The present embodiments provide a computer storage medium having computer-executable instructions stored thereon; after being executed, the computer-executable instructions can be applied to one or more technical solutions in a terminal device, a database, and a first private network, for example, one or more of the information processing methods shown in fig. 1A, fig. 1B, fig. 4, fig. 6A, fig. 6B, and fig. 7.
The computer storage medium may be any of various recording media with a recording function, for example, storage media such as a CD, a floppy disk, a hard disk, a magnetic tape, an optical disk, a USB flash drive, or a removable hard disk. Optionally, the computer storage medium may be a non-transitory storage medium, and the computer storage medium may be readable by a processor, so that after the computer-executable instructions stored on the computer storage medium are obtained and executed by the first processor, the information processing method provided in any of the foregoing technical solutions can be implemented, for example, the information processing method applied to the terminal device or the information processing method applied to the application server is executed.
The present embodiments also provide a computer program product comprising computer executable instructions; the computer-executable instructions, when executed, enable one or more of the information processing methods provided by one or more of the foregoing technical solutions, for example, one or more of the information processing methods shown in fig. 1A, fig. 1B, fig. 4, fig. 6A, fig. 6B, and fig. 7.
The computer program includes a computer program tangibly embodied on a computer storage medium, the computer program includes program code for executing the method illustrated in the flowchart, and the program code may include instructions corresponding to the execution of the method steps provided by the embodiments of the present invention.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described device embodiments are merely illustrative, for example, the division of the unit is only one logical function division, and there may be other division ways in actual implementation, such as: multiple units or components may be combined, or may be integrated into another system, or certain features may be omitted, or not implemented. In addition, the coupling, direct coupling or communication connection between the components shown or discussed may be through some interfaces, and the indirect coupling or communication connection between the devices or units may be electrical, mechanical or other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed on a plurality of network units; some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, all functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may be separately used as one unit, or two or more units may be integrated into one unit; the integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
Those of ordinary skill in the art will understand that: all or part of the steps of implementing the method embodiments may be implemented by hardware associated with program instructions, and the program may be stored in a computer readable storage medium, and when executed, performs the steps including the method embodiments; and the aforementioned storage medium includes: various media that can store program codes, such as a removable Memory device, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims (41)

1. An information processing method characterized by comprising:
the second private network receives a diagnosis request which is broadcast or multicast by the first private network and carries visit demand information; the visit demand information is used for determining a hospital to perform medical service for the target user;
in the case that the medical service meeting the visit demand information can be provided, the second private network acquires the first information of the first private network based on the diagnosis request; wherein the first private network stores second information of the target user; the diagnosis request carries first code information and visit timing information of the target user; the first code information is used for referring to identity information of the target user; the first information is information required by the second private network to access the first private network; the visit timing information includes: collection time information of when the target user's remote visit information was collected at the hospital where the first private network is located;
a second isolation device of the second private network accesses the first private network based on the first information, the visit timing information and the first code information;
and the second isolation device receives third information provided by the first private network based on the first code information and the visit timing information, wherein the third information is information obtained after security processing of the second information.
2. The method of claim 1,
the second isolation device of the second private network accesses the first private network based on the first information, the visit timing information, and the first code information, including:
accessing, by a second isolated device of the second private network, a first isolated device of the first private network based on the first information, the visit timing information, and the first code information; wherein the second information is stored in a first storage device of the first private network, and the first isolation device isolates the first storage device from a public network.
3. The method of claim 2,
the second isolation device receives third information provided by the first private network based on the first code information and the visit timing information, and the third information comprises:
and receiving the third information which is provided by the first isolation device of the first private network based on the first code information and the visit timing information and is obtained by performing security processing on the second information.
4. The method according to claim 1 or 2,
the second isolation device receives third information provided by the first private network, wherein the third information comprises at least one of the following information:
receiving the third information after at least partial deleting processing of the secret information in the second information;
receiving the third information after at least partial confidential information desensitization processing in the second information;
receiving the third information after at least partial encryption processing of the secret information in the second information;
and receiving the third information after scrambling at least part of the secret information in the second information.
5. The method according to claim 1 or 2,
the third information is information obtained after security processing and data volume reduction processing of the second information;
and/or,
the third information is information obtained after security processing and visualization processing of the second information.
6. The method of claim 5,
the visualization process includes: two-dimensional visualization processing and/or three-dimensional visualization processing.
7. The method according to claim 1 or 2,
the second private network obtains the first information of the first private network based on the diagnosis request, and further comprises:
the second private network acquires an access address of the first private network based on the diagnosis request, and the second private network acquires first authentication information;
the second isolation device of the second private network accesses the first private network based on the first information, the visit timing information, and the first code information, including:
the second isolation device of the second private network requests to access the first private network by using the access address, the visit time sequence information and the first code information;
the second isolation device of the second private network performs access authentication of the first private network by using the first authentication information;
the second isolation device receives third information provided by the first private network based on the first code information and the visit timing information, and the third information comprises:
and the second isolation device receives the third information provided by the first private network based on the first code information and the visit timing information after the access authentication is passed.
8. An information processing method, comprising:
a first private network receives a reporting request sent by a first storage device of the first private network; wherein the reporting request at least comprises: first code information, visit demand information and visit timing information corresponding to the target user; the visit demand information is used for determining a hospital to perform medical service for the target user; the visit timing information comprises: collection time information of when the target user's remote visit information was collected at the hospital where the first private network is located;
the first private network sends, by broadcast or multicast, a diagnosis request based on the reporting request, wherein the diagnosis request comprises the first code information of the target user, the visit demand information and the visit timing information;
the first private network receives an access request sent by a second isolation device of a second private network based on first information of the first private network, the visit timing information and the first code information; the first information is acquired by the second private network based on the diagnosis request in the case that the medical service meeting the visit demand information can be provided;
and the first private network sends third information obtained by performing security processing on the second information of the target user to the second isolation device based on the access request.
9. The method of claim 8, further comprising:
performing access authentication by using the first authentication information carried by the access request;
the sending, to the second isolation device, third information obtained by performing security processing on second information of a target user by the first private network based on the access request includes:
and if the access authentication passes, the first private network sends the third information to the second private network based on the access request.
10. The method of claim 8 or 9,
the method further comprises the following steps:
performing security filtering on the access request;
the sending, to the second isolation device, third information obtained by performing security processing on second information of a target user by the first private network based on the access request includes:
and if the access request passes the security filtering, performing information processing on the target user based on the access request to obtain the third information.
11. The method according to claim 8 or 9,
the first private network receiving an access request sent by a second isolation device of a second private network based on first information of the first private network, the visit timing information and the first code information, includes:
the first isolation device of the first private network receives an access request sent by the second isolation device of the second private network based on the first information of the first private network, the visit timing information and the first code information;
the first private network sending, to the second isolation device, third information obtained by performing security processing on second information of a target user based on the access request includes:
the first isolation device querying a first storage device of the first private network for the second information based on the access request;
performing security processing on the second information to obtain third information;
and sending the third information to the second isolation device of the second private network by the first isolation device of the second private network.
12. The method of claim 11,
the performing security processing on the second information to obtain the third information includes:
deleting at least part of the confidential information in the second information to obtain the third information; desensitizing at least part of the confidential information in the second information to obtain the third information; encrypting at least part of the confidential information in the second information to obtain the third information; and scrambling at least part of the confidential information in the second information to obtain the third information.
13. The method of claim 12,
the first private network sending, to the second isolation device, third information obtained by performing security processing on second information of a target user based on the access request includes at least one of the following: sending, to the second isolation device, third information obtained by performing security processing and data volume reduction processing on the second information based on the access request; and sending, to the second isolation device, third information obtained by performing security processing and visualization processing on the second information of the target user based on the access request.
14. The method of claim 13,
the data amount reduction processing includes at least one of:
compressing the information meeting the similar conditions;
distinguishing valid data and invalid data in the second information, and removing the invalid data; the valid data is data that carries information content; the invalid data includes at least data that carries no information content.
15. The method of claim 14,
the visualization process comprises the following steps:
determining visualization parameters according to visualization conditions;
and carrying out visualization processing on the second information based on the visualization parameters to obtain visualization information.
16. The method of claim 15,
the determining of the visualization parameters according to the visualization conditions includes at least one of the following:
determining the visualization parameters according to visualization clarity conditions;
and determining the visualization parameters according to visualization time conditions.
17. The method of claim 15,
the visualization parameters include at least one of: visualization sampling parameters; visualization model parameters; visualization time parameters.
18. The method of claim 15,
the visualization process includes: two-dimensional visualization processing and/or three-dimensional visualization processing.
19. The method of claim 8,
the first private network receiving a reporting request sent by a first storage device of the first private network includes:
the first isolation device of the first private network receives a reporting request sent by a first storage device of the first private network;
the first private network broadcasting or multicasting a diagnosis request based on the reporting request includes:
the first isolation device of the first private network broadcasts or multicasts a diagnosis request based on the reporting request.
20. An information processing apparatus characterized by comprising:
a first obtaining module, configured for a second private network to receive a diagnosis request that is broadcast or multicast by a first private network and carries visit demand information, and for the second private network to acquire first information of the first private network based on the diagnosis request when the medical service meeting the visit demand information can be provided, wherein the visit demand information is used for determining a hospital for the target user to perform medical service; the first private network stores second information of the target user; the diagnosis request carries first code information and visit timing information of the target user; the first code information is used for referring to the identity information of the target user; the first information is information required by the second private network to access the first private network; the visit timing information comprises: collection time information of when the remote visit information of the target user was collected in the hospital where the first private network is located;
an access module, configured for a second isolation device of the second private network to access the first private network based on the first information, the visit timing information and the first code information;
a first receiving module, configured for the second isolation device to receive third information provided by the first private network based on the first code information and the visit timing information, where the third information is information obtained after security processing of the second information.
21. The apparatus of claim 20,
the first obtaining module is specifically configured to access, based on the first information, a first isolation device of the first private network; wherein the second information is stored in a first storage device of the first private network, and the first isolation device isolates the first storage device from a public network;
the first receiving module is specifically configured to receive the third information provided by the first isolation device.
22. The apparatus of claim 20,
the access module is specifically configured to access, by the second isolation device of the second private network, the first isolation device of the first private network based on the first information;
the first receiving module is specifically configured to receive, by the second isolation device, third information provided by the first isolation device.
23. The apparatus of claim 21 or 22,
the first receiving module is specifically configured to receive the third information that is provided by the first isolation device and obtained by performing security processing on the second information.
24. The apparatus of any one of claims 20 to 22,
the first receiving module is specifically configured to execute at least one of the following:
receiving the third information after at least partial deletion of the secret information in the second information;
receiving the third information after at least part of confidential information in the second information is desensitized;
receiving the third information after at least partial encryption processing of the secret information in the second information;
and receiving the third information after scrambling at least part of the secret information in the second information.
25. The apparatus of claim 24,
the third information is information obtained after security processing and data volume reduction processing of the second information;
and/or the third information is information obtained after security processing and visualization processing of the second information.
26. The apparatus of claim 25,
the visualization process includes: two-dimensional visualization processing and/or three-dimensional visualization processing.
27. The apparatus of claim 20,
the first obtaining module is specifically configured to obtain an access address and first authentication information of the first private network;
the access module is specifically configured to request access to the first private network by using the access address; performing access authentication of the first private network by using the first authentication information;
the first receiving module is specifically configured to receive the third information provided by the first private network after the access authentication passes.
28. An information processing apparatus includes:
a reporting module, configured for a first private network to receive a reporting request sent by a first storage device of the first private network; wherein the reporting request at least comprises: first code information, visit demand information and visit timing information corresponding to the target user; the visit demand information is used for determining a hospital for the target user to perform medical service; the visit timing information includes: collection time information of when the remote visit information of the target user was collected in the hospital where the first private network is located;
a storage request module, configured for the first private network to broadcast or multicast a diagnosis request based on the reporting request, where the diagnosis request includes the first code information of the target user, the visit demand information, and the visit timing information;
a second receiving module, configured for the first private network to receive an access request sent by a second isolation device of a second private network based on first information of the first private network, the visit timing information and the first code information; the first information is acquired by the second private network based on the diagnosis request when the medical service meeting the visit demand information can be provided;
and a second sending module, configured for the first private network to send, to the second isolation device, third information obtained by performing security processing on second information of the target user based on the access request.
29. The apparatus of claim 28, further comprising:
the first authentication module is used for performing access authentication by using the first authentication information carried by the access request;
and the second sending module is used for sending the third information to the second private network based on the access request if the access authentication passes.
30. The apparatus of claim 28 or 29,
the device further comprises:
the filtering module is used for carrying out security filtering on the access request;
the second sending module is specifically configured to, if the access request passes the security filtering, perform information processing on the target user based on the access request to obtain the third information.
31. The apparatus of claim 28 or 29,
the second receiving module is specifically configured to receive, by the first isolated device, the access request sent by the isolated device of the second private network;
the second sending module comprises:
the query submodule is used for the first isolation device to query the second information from the first storage device of the first private network based on the access request;
the processing submodule is used for carrying out safety processing on the second information to obtain third information;
and the sending submodule is configured for the first isolation device to send the third information to the second isolation device of the second private network.
32. The apparatus of claim 31,
the processing sub-module is specifically configured to delete at least part of the confidential information in the second information to obtain the third information; desensitizing at least part of confidential information in the second information to obtain third information; encrypting at least part of secret information in the second information to obtain third information; and scrambling the second information to obtain the third information.
33. The apparatus of claim 28 or 29,
the second sending module is specifically configured to send, to the access terminal, third information obtained by performing security processing and data size reduction processing on the second information based on the access request; and sending third information obtained by performing security processing and visualization processing on the second information of the target user based on the access request to the access terminal.
34. The apparatus of claim 33,
the data amount reduction processing includes at least one of:
compressing the information meeting the similar conditions;
and distinguishing valid data and invalid data in the second information, and removing the invalid data.
35. The apparatus of claim 34,
the visualization process comprises:
determining visualization parameters according to visualization conditions; and performing visualization processing on the second information based on the visualization parameters to obtain visualization information.
36. The apparatus of claim 35,
the determining of the visualization parameters according to the visualization conditions includes at least one of the following:
determining the visualization parameters according to visualization clarity conditions;
and determining the visualization parameters according to visualization time conditions.
37. The apparatus of claim 36,
the visualization parameters include at least one of: visualization sampling parameters; visualization model parameters; visualization time parameters.
38. The apparatus of claim 35,
the visualization process includes: two-dimensional visualization processing and/or three-dimensional visualization processing.
39. The apparatus of claim 28,
the reporting module is further configured to receive, by a first isolation device of a first private network, a reporting request sent by a first storage device of the first private network;
the storage request module is further configured to send, by the first isolation device, a diagnosis request based on the report request.
40. An electronic device, comprising:
a transceiver for transceiving information;
a memory for storing information;
a processor, respectively connected to the transceiver and the memory, for controlling the transceiver and the memory by executing the computer program stored in the memory, and implementing the method provided by any one of claims 1 to 7 or 8 to 19.
41. A computer storage medium having executable instructions stored thereon;
when executed, the computer-executable instructions are capable of implementing the method as provided in any one of claims 1 to 7 or 8 to 19.
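The first-private-network side of claims 8 to 12 (security filtering, access authentication, query of the first storage device, then security processing of the second information into the third information), as an added Python example that is not part of the patent. The HMAC tag standing in for the first authentication information, the field names, the per-field policy and the sample record are all assumptions, and only the deletion and desensitization options of claim 12 are shown.

```python
import hashlib
import hmac
import json

# Everything below is constructed for illustration; the patent names no
# algorithms, field names or record layout.
SHARED_KEY = b"constructed-demo-key"   # assumed form of the "first authentication information"
REQUEST_FIELDS = {"code", "visit_time", "tag"}

# First storage device: second information, looked up by
# (first code information, visit timing information).
STORAGE = {
    ("U-7F3A", "2018-05-09T10:30"): {
        "name": "Zhang San",
        "id_number": "110101199001011234",
        "phone": "13800001234",
        "diagnosis": "suspected pulmonary nodule",
        "image_ref": "ct/0001",
    }
}

# Per-field policy. Fields not listed are deleted (default deny), so a new
# column in storage is never released by omission.
PASS_THROUGH = {"diagnosis", "image_ref"}
MASK_KEEP_LAST = {"id_number": 4, "phone": 4}


def sign(code, visit_time, key=SHARED_KEY):
    """Tag the second isolation device attaches to its access request."""
    # JSON-encode the pair so ("a|b", "c") and ("a", "b|c") cannot collide.
    msg = json.dumps([code, visit_time]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def security_filter(req):
    """Reject malformed requests before any key or storage is touched."""
    return (isinstance(req, dict) and set(req) == REQUEST_FIELDS
            and all(isinstance(v, str) and 0 < len(v) <= 128 for v in req.values()))


def authenticate(req):
    """Constant-time comparison of the presented tag with the expected one."""
    expected = sign(req["code"], req["visit_time"])
    return hmac.compare_digest(req["tag"].encode(), expected.encode())


def security_process(second):
    """Second information -> third information: delete or desensitize."""
    third = {}
    for field, value in second.items():
        if field in PASS_THROUGH:
            third[field] = value
        elif field in MASK_KEEP_LAST:
            keep = MASK_KEEP_LAST[field]
            # Values no longer than the visible suffix are masked entirely.
            visible = value[-keep:] if len(value) > keep else ""
            third[field] = "*" * (len(value) - len(visible)) + visible
        # anything else (here "name") is deleted
    return third


def handle_access_request(req):
    """First isolation device: filter, authenticate, query, process."""
    if not security_filter(req) or not authenticate(req):
        return None
    second = STORAGE.get((req["code"], req["visit_time"]))
    return None if second is None else security_process(second)


if __name__ == "__main__":
    ok = {"code": "U-7F3A", "visit_time": "2018-05-09T10:30"}
    ok["tag"] = sign(ok["code"], ok["visit_time"])
    print(handle_access_request(ok))                       # third information
    print(handle_access_request({**ok, "tag": "0" * 64}))  # None: authentication fails
```

The second isolation device never sees the raw record: the only path out of `STORAGE` runs through `security_process`, and a request that fails either check returns nothing that distinguishes "bad tag" from "no such record".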
CN201810438594.2A 2018-05-09 2018-05-09 Information processing method and device, electronic device and storage medium Active CN110473599B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810438594.2A CN110473599B (en) 2018-05-09 2018-05-09 Information processing method and device, electronic device and storage medium


Publications (2)

Publication Number Publication Date
CN110473599A CN110473599A (en) 2019-11-19
CN110473599B true CN110473599B (en) 2022-11-29

Family

ID=68503513

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810438594.2A Active CN110473599B (en) 2018-05-09 2018-05-09 Information processing method and device, electronic device and storage medium

Country Status (1)

Country Link
CN (1) CN110473599B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111477309B (en) * 2020-03-02 2023-06-02 深圳市新产业眼科新技术有限公司 Private cloud access method based on big data analysis, public cloud and storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1589436A (en) * 2001-11-20 2005-03-02 森维公司 Access and control system for network-enabled devices
CN102655516A (en) * 2011-03-03 2012-09-05 ***通信集团江苏有限公司 Generic access network-based tele-medicine method and system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6785810B1 (en) * 1999-08-31 2004-08-31 Espoc, Inc. System and method for providing secure transmission, search, and storage of data
FR2837645B1 (en) * 2002-03-25 2004-07-09 Cit Alcatel METHOD FOR PROVIDING SERVICES FOR REMOTE PRIVATE TERMINALS, AND ASSOCIATED DEVICE
US10547993B2 (en) * 2014-05-29 2020-01-28 Huawei Technologies Co., Ltd. Media content sharing method and apparatus
CN204650524U (en) * 2015-05-13 2015-09-16 中科汉华医学科技(北京)有限公司 A kind of Table top type consultation system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant