CN113987443A - Multi-cloud and multi-chain collaborative electronic medical data security sharing method - Google Patents

Multi-cloud and multi-chain collaborative electronic medical data security sharing method Download PDF

Info

Publication number
CN113987443A
CN113987443A CN202111287111.1A CN202111287111A CN113987443A CN 113987443 A CN113987443 A CN 113987443A CN 202111287111 A CN202111287111 A CN 202111287111A CN 113987443 A CN113987443 A CN 113987443A
Authority
CN
China
Prior art keywords
hbm
data
sig
access
patient
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202111287111.1A
Other languages
Chinese (zh)
Inventor
冯景瑜
汪涛
于婷婷
张文波
黄文华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian University of Posts and Telecommunications
Original Assignee
Xian University of Posts and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian University of Posts and Telecommunications filed Critical Xian University of Posts and Telecommunications
Priority to CN202111287111.1A priority Critical patent/CN113987443A/en
Publication of CN113987443A publication Critical patent/CN113987443A/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H10/00ICT specially adapted for the handling or processing of patient-related medical or healthcare data
    • G16H10/60ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H40/00ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices
    • G16H40/20ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the management or administration of healthcare resources or facilities, e.g. managing hospital staff or surgery rooms

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • General Health & Medical Sciences (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Medical Informatics (AREA)
  • Epidemiology (AREA)
  • General Business, Economics & Management (AREA)
  • Primary Health Care (AREA)
  • Public Health (AREA)
  • Business, Economics & Management (AREA)
  • Biomedical Technology (AREA)
  • Automation & Control Theory (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Medical Treatment And Welfare Office Work (AREA)

Abstract

A secure sharing method of multi-cloud and multi-chain collaborative electronic medical data comprises the following steps: step one, constructing a multi-cloud and multi-chain cooperative mode framework, wherein the framework is presented in a hierarchical mode and comprises a multi-cloud layer, a multi-chain layer, a user layer and a management layer; step two, a multi-anonymization medical data storage stage; step three, data projection stage on the chain; step four, a zero trust transfer access phase; when a alliance user requests to access electronic medical data, zero trust authentication is required, and then the requested medical data are obtained in a sharing pool in a confidentiality transfer mode; the method has the characteristics of anti-theft, anti-tampering, multi-anonymization of patient identity, cross-regional and cross-mechanism sharing.

Description

Multi-cloud and multi-chain collaborative electronic medical data security sharing method
Technical Field
The invention belongs to the technical field of electronic medical data sharing, and particularly relates to a multi-cloud and multi-chain collaborative electronic medical data security sharing method.
Background
The electronic medical data generally records all data of patient state change, examination report, treatment process and the like from hospitalization to treatment end. The continuous increase of digital hospitals causes electronic medical data to grow explosively and keep a higher growth speed all the time. However, the storage of the electronic medical data is mostly lack of intercommunication, and a seat information island is formed. When a patient changes from one hospital to another, all previous electronic medical data cannot be shared, which is a loss for both the patient and the hospital. The sharing of electronic medical data plays a crucial role in improving medical quality, controlling medical costs, improving the level of scientific research, and promoting the progress in the field of public health.
Electronic medical data has long been the primary target of being peered. The new outbreak of the crown epidemic situation can lead to the rapid increase of the network security risk of medical and public health departments while seriously creating global economic, political, medical and social systems, and become the main target of network attack. However, current systems of medical security defense are primarily directed to suppressing data theft from external threats. With the aging of APT attack, supply chain attack, Lesog and Trojan horse invasion means, an attacker can control a lost host in a hospital to steal and tamper electronic medical data. The existence of internal threats not only seriously affects the operation of a medical service system, but also brings a serious challenge to the safety guarantee of electronic medical data sharing.
Today, medical information systems have become the focus of national key information infrastructure protection and personal information protection. The medical data is guaranteed not to be leaked and prevented from being tampered, and effective isolated safe sharing is implemented, so that the medical data becomes a key factor for determining the success or failure of medical digitization. In view of this, a more reliable and efficient electronic medical data sharing mode is necessary to prevent the potential threat of the internal collapse host, and provide security guarantee and technical support for the digital medical industry developed vigorously in China.
With the construction of digital hospitals, Hospital information systems for realizing digital acquisition, storage, reading and retrieval of information such as characters, images, voice, data, diagrams and the like are relatively mature, and mainly include Hospital Information Systems (HIS), clinical management information systems (CIS), medical image archiving and communication systems (PACS), Laboratory Information Systems (LIS), Electronic Medical Records (EMR) and the like.
Generally, medical data generated by hospital information systems can be divided into two categories: structured and unstructured. Structured data is primarily numeric or textual data. The unstructured data refers to data such as pictures, audio, video and the like generated in the medical treatment process, such as images, B-ultrasonic, electrocardio, endoscope, operation, intensive care and the like. Currently, electronic medical data sharing mainly includes three modes, namely block chain, cloud storage and cloud chain cooperation.
The Blockchain (Blockchain) is a decentralized distributed book, does not need to cooperate with a third party organization or an administrator, all users in the chain can make decisions, and the Blockchain has a unique data trust protection mechanism and strong data tamper resistance. This provides a viable path for medical data sharing. A block chain-based shared medical data system (Xia Q I, Sifah E B, Asamoah K O, et al MeDShare: Trust-less media data sharing annular service provider via block chain [ J ]. IEEE Access,2017,5: 14757-. A Medical Data sharing Scheme (LIU J, LIANG T, SUN R, et al. APrivacy-monitoring Medical Data sharing Scheme Based on Consortium Consortium [ C ]. GLOBECOM 2020 and IEEE Global Communications conference. IEEE,2020:1-6.) with privacy protection function Based on alliance chain designs a conditional anonymity tracking mechanism to protect the privacy of users. The block chaining technique is used to protect the privacy of the patient's medical data (KUO T, OHNO-MACHADO L. Modelchain: Decentralized private-predictive healthcare predictive frame on private block networks [ J ]. arXiv predictive arXiv:1802.01746,2018), while enhancing interoperability of data among various institutions. The electronic medical records are used for sharing (the Zhai-Ping, Wang-Chi, Chenkeji, the application research of a blockchain technology in electronic medical record sharing, the institute of Western Ann electronic technology university, 2020), and a private chain and a alliance chain are constructed to respectively store the electronic medical records encrypted by users and security index records. The technical scheme includes that a searchable encryption electronic medical record data sharing scheme based on a block chain is provided for bovine gentlemen, Liuwenke, Chenlixia, Wangcolofen, Dou Xiao Ni, a searchable encryption electronic medical record data sharing scheme [ J ] communication bulletin, 2020,41(8):204 and 214) based on a union chain, a server is used for storing electronic medical records, a private chain is used for storing ciphertext hash values, and the union chain is used for storing keyword indexes, so that safe storage and sharing of the electronic medical records are finally achieved. To achieve faster block creation speed, the capacity of the blockchain is typically designed to be 1 MB. The electronic medical data includes large-sized data such as pictures, audio, and video in addition to text types, and is difficult to store in the blockchain.
By virtue of high-efficiency computing capacity and strong storage space, the cloud computing can effectively reduce storage pressure and processing pressure in the field of medical data. Patients, medical institutions and research institutions to large cooperating institutions all wish to store data they acquire in the cloud. A Medical Data Cloud platform (Sudheep K, Joseph S.View on secure Medical Big Data in Healthcare Cloud [ C ]/20195 th International Conference on Advanced Computing & Communication Systems (ICACCS). IEEE,2019:212-215) uploads the processed Medical Data set to the Cloud, thereby realizing efficient access and mobility. A cloud-based electronic medical record system (Liu Z, Weng J, Li J, et al. cloud-based electronic medical record system supporting fuzzy keyword search [ J ]. Soft Computing,2016,20(8):3243 and 3255) supports fuzzy keyword search to ensure safe sharing of data and effective utilization of electronic medical records. Zhang Kehong et al proposed a privacy protection patient medical information sharing scheme (Zhang Kehong, Wumenglong, Wangjing, etc. under the cloud environment, a secure verifiable multi-keyword search encryption scheme [ J ] in the communication bulletin, 2021,42(4):139-149.), and a dynamic searchable encryption technology was adopted to achieve high efficiency and strong privacy of shared data. A data storage and sharing method (Chen L, Zhang N, Sun H M, et al. secure search for encrypted personal health records from big data SQL databases in closed [ J ] Computing,2020,102(6): 1521-shell 1545) using a user as a center is designed based on a cloud Computing medical data sharing platform, thereby effectively protecting the safety and privacy of the medical data of the user. However, a single cloud storage still has many defects, for example, a cloud-based storage scheme still depends on a service provider greatly, and if an attack is made on the cloud service provider, data leakage is likely to be caused. A medical data storage platform with a multi-cloud framework (Cao R, Tang Z, Liu C, et al. A scalable storage architecture for closed-supported media Internet of Things [ J ]. IEEE Internet of Things Journal,2019,7(3):1641-1654.) solves the problem of resource management among a plurality of medical cloud platforms. He Xiuli et al proposed a hybrid cloud-based medical data sharing architecture (He Xiuli, Ningzhiyuan, Chenghua, etc.. cloud and fog network oriented to medical big data and its distributed computing scheme [ J ]. Sigan university of transportation proceedings, 2016,50(10):71-77.DOI:10.7652/xjtuxb201610011.) that enhances interoperability in the medical data sharing process. However, peer-to-peer networks and cloud environments do not completely avoid the risk of single point failures and potential attacks on centralized storage.
The block chain and the cloud are organically fused, so that the method has great potential in the aspects of performance enhancement, safety and privacy improvement. Some related researchers have begun to propose a combination of blockchains and cloud storage to enable secure sharing of medical data. A privacy protection scheme (HUANG H, ZHU P, XIAO F, et al. A block-based scheme for privacy-preserving and Security sharing of media data [ J ]. Computers & Security,2020,99:102010) based on a block chain stores medical data of a patient in a cloud to reduce storage pressure, and data indexes are stored in the block chain in a hash pointer mode, thereby realizing safe sharing of the medical data. A collaboration model (SHEN M, DUAN J, ZHU L, et al. Block-based in-resources for secure and collectible data sharing in multiple groups [ J ]. IEEE Journal on Selected Areas in Communications,2020,38(6):1229-1241) includes data owners, blockchain miners and third parties, stores data in respective private or public clouds, provides access rights to each participant by using federation chain authorization, and ensures the security of data privacy. A new framework of cloud-assisted medical data storage and sharing with privacy protection and data security based on a federation block chain (Wang Y, Zhang A, Zhang P, et al. cloud-assisted EHR sharing with security and privacy preservation view a social security block [ J ]. IEEE Access,2019,7: 136704-. A concept of continuous dynamic Health data sharing for personal (ZHENGN X, MUKKAMALA R, VATRAPU R, et al. blocchain-based personal Health data sharing system using closed storage [ C ].2018IEEE 20th International Conference on e-Health Networking, Applications and Services (Health). IEEE,2018:1-6.) with block chaining technique to assist cloud storage, shares Health related information in a safe and transparent way. After the cloud chain is coordinated, if the medical data is stored in the public cloud, the attack problem faced by the cloud service provider still exists. In addition, the block chain assists in cloud storage, privacy protection and access control are only well done, and although the safety of medical data is improved, effective implementation of sharing is still difficult to guarantee. Considering the blockchain assisted cloud storage query, cloud storage locations of medical data can be searched on the blockchain. However, if there is only one block chain in the network, the single-chain mixed type recording situation is easy to occur, which will cause the query efficiency to be low.
Currently, the alliance of medical institutions will face some technical problems when sharing medical data, such as:
1) public cloud storage security relies on cloud service providers, and if the cloud service providers are attacked, the risks of stealing and leaking medical data are caused.
2) The existing related work mainly focuses on a single cloud + single chain cooperative mode or a multi-cloud + single chain cooperative mode. The medical data is stored in the single cloud mode, so that the problem of single-point failure is easy to occur, and electronic medical data leakage is easy to occur due to attack.
3) At present, the block chain assisted cloud storage only performs privacy protection and access control, and although the security of medical data is improved, effective implementation of sharing is still difficult to guarantee.
4) If only one blockchain exists in the network, single-chain mixed type records are easy to appear, and the query efficiency is low.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention aims to provide a secure sharing method of multi-cloud and multi-chain cooperative electronic medical data, which has the characteristics of anti-theft, anti-tampering, multi-anonymization of patient identity, cross-regional and cross-institution sharing.
In order to achieve the purpose, the invention adopts the technical scheme that: a secure sharing method of multi-cloud and multi-chain collaborative electronic medical data comprises the following steps:
step one, constructing a multi-cloud and multi-chain cooperative mode framework, wherein the framework is presented in a hierarchical mode and comprises a multi-cloud layer, a multi-chain layer, a user layer and a management layer;
multi-cloud layer: each hospital has a proprietary cloud that stores the various types of medical data it generates. Medical data in the private cloud can be directly accessed locally, Alliance Users (AUs) cannot be directly accessed, and only data encryption can be put into a sharing pool for obtaining;
multi-chain layer: the hospital provides medical departments for outpatient service, emergency treatment, hospitalization, operation and examination, and in the medical service process of the patients in the departments, the generated medical data can be respectively projected to an outpatient department block chain, an emergency treatment block chain, an accommodation department block chain, an operation block chain and an examination block chain, and a block chain for recording data access logs and user behaviors is added to form a multi-chain distinguishing and recording mode;
and (3) a user layer: the alliance users comprise hospitals, medical research institutes, law enforcement departments and insurance companies, the hospitals play the roles of contributors and visitors in medical data sharing, also play the roles of block generation and verification, have the functions of block chain miners, the medical research institutes can access data after desensitization processing of patient information, the data are used for scientific research, when doctor-patient disputes occur, the law enforcement departments can intervene to access the medical data, and when medical insurance compensation is confirmed, the insurance companies can partially access the medical data;
and (3) a management layer: the system consists of a digital certificate issuing mechanism, a secret key management mechanism, a management certificate revocation list, an anonymous server and a data sharing manager authentication system, and is deployed on a plurality of servers of a health administration mechanism, a management layer only executes authentication and authorization functions, does not store any medical data, and can effectively reduce the load pressure of the system; the digital certificate issuing authority is responsible for applying and issuing digital certificates of the alliance users; the key management mechanism is responsible for permanent keys and zero-time keys of the alliance users; the anonymous server is responsible for anonymizing the identity of the patient and protecting the identity privacy of the patient; when a alliance user requests to access medical data, a data sharing manager not only verifies a digital certificate of the alliance at a digital certificate authority, but also checks whether the digital certificate is invalid on a management certificate revocation list, so that the digital certificate can pass authentication and identity confirmation, and corresponding access rights are given;
step two, a multi-anonymization medical data storage stage
The method for storing the multiple anonymized medical data comprises the following three stages: patient identity de-anonymization, private cloud encrypted storage and on-chain data projection; introducing multi-anonymization storage, wherein each patient can obtain an anonymous identity when visiting a hospital in the medical institution alliance, and the anonymous identities obtained in different hospitals are not repeated;
step three, on-chain data projection stage
HBMkWill EMDjkExtracted as projection DSjk={PIDjk,HBMk,Cjk,spjk,EPKj(accessjk),SigSKk(EMDjk),SigSKj(EMDjk),ADjk,mdtjkAnd packed into corresponding on-chain blocks, spjkIs EMDjkStorage path of EPKj(accessjk) Is EMDjkThe federation user, with patient knowledge and permission, uses the private key to decrypt EPKj(accessjk) Later, only has an opportunity to access the EMDjk,SigSKk(EMDjk),SigSKj(EMDjk) Are HBM respectivelykAnd patient to EMDjkSignature, ADjkFor EMDjkThe summary information description of (1);
step four, zero trust transfer access phase
When the alliance user requests to access the electronic medical data, the alliance user follows the zero trust thought of never trust and always authentication, a data sharing manager, a patient and a hospital where the data are located are linked to perform a series of authentication, encryption and decryption operations, the medical data requested to be accessed are transferred to a sharing pool, after the access is completed, the data in the sharing pool are automatically destroyed,
the core component of the zero trust authentication can be embedded into a data sharing manager of a management layer of a medical institution alliance, and mainly comprises a zero trust gateway, a zero trust authentication engine, a zero trust access control engine and a zero trust audit engine.
The patient identity multi-anonymization comprises the following steps:
step1, selecting a random data r by the patientjkAs an anonymity parameter, an anonymity service request AR [ ID ] is issued to an anonymity serverj]=EPKAS(rjk||IDj||SigSKj(rjk)||iat1) Wherein PKAS is the public key of anonymous server, SigSKj(rjk) Is a patient pair rjkSKj is the private key of the patient, iat1For the time stamp of the request message, the anonymity server holds an anonymity parameter List XI for the patientjChecking rjkWhether or not in xijIn the medical institution alliance, anonymous identity repetition of patients on the medical institution alliance is mainly avoided; if r isjk∈ΞjThe anonymizing server asks the patient for reselectionA random number is selected and the anonymous service request is resent until it is not repeated, if so
Figure BDA0003333514900000041
Anonymous server computing identity anonymous PIDjk=hA(IDj*rjk) Wherein h isA(.) is a hash function performing anonymous operation, having non-invertibility and collision resistance, and anonymous server sends anonymous service response SR [ AS ] to patient]=EPKj(PIDjk||SigSKAS(PIDjk)||iat2) Wherein PKj is the public key of the patient, SigSKAS(PIDjk) For anonymous server pair PIDjkSKAS is the private key of the anonymous server iat2A timestamp for the response message;
step2, patient decrypts ASR with SKj [ anonymous Server ]]To obtain an anonymous identity PIDjkH, a collection of hospitals over a federation of medical institutions { HBM1,…,HBMk,…,HBMhThe anonymous server keeps a list of anonymous identities for the patient denoted as ΓjAlgorithm 1 can be run at the anonymity server to achieve patient identity de-anonymization; having anonymous identity, the patient goes to HBMkHospitalizing, only anonymous identity authentication is needed;
the algorithm 1 is as follows: entering H, xijj,IDjFirst, m is initialized to 0, ΓjIs composed of
Figure BDA0003333514900000042
HBM when patient goes to certain hospitalkAt the time of hospitalization, the patient first selects a random number rjkAs an anonymity parameter, if rjkHaving existed in the anonymous parameter List xijIn (1), the patient must reselect a new rjk(ii) a Otherwise will rjkPut into xijAnd calculating the HBM of the patientkAnonymous identity PID injk=hA(IDj*rjk) Finally, it is applied to HBMkThe anonymous identity in (a) is added to an anonymous identity list Γ held by the patientjFor the medical alliance machineEach hospital in the structure performs cyclic calculation, and finally outputs an anonymous identity list gamma of the patientjWhich contains different anonymous identity information that the patient has in all hospitals.
The anonymous identity authentication specifically comprises the following steps:
step1, patient is administered to HBMkSending anonymous identity docket AIB [ ID ]j]=EPKk(PIDj||SigSKj(PIDj)||pvt1) Wherein PKk is HBMkOf public key, SigSKj(PIDjk) For patient to PIDjkSignature of, pvt1A timestamp for the docket message;
step2, HBMkSending AIV HBM to anonymous server for anonymous identity verification of patientk]=EPKAS(PIDjk||||SigSKk(PIDjk)||pvt2) Wherein, SigSKk(PIDjk) Is HBMkTo PIDjkSignature of SKkIs HBMkPrivate key of (1), pvt2A timestamp for the verification message;
step3, the anonymous server is arranged in the gammajUp-verification PIDjkIf PID existsjk∈Γj Verification result v jk1 if not, vjk0, anonymous Server to HBMkReturning anonymous identity confirmation AIC AS]=EPKk(vjk||SigSKAS(vjk)||pvt3) Wherein, SigSKAS(vjk) AS to vjkSignature of, pvt3A timestamp for the verification message;
step4, HBMkAIC anonymous Server decrypted with SKk]After, if vjkIf 1, then use PIDjkAnonymizing the patient to store medical data, if vjk0, patients in HBMkThe medical service application is difficult to pass;
the patient is in HBMkAfter the medical treatment is finished, the generated medical data MDjk={Cjk,Datajk,mdtjkHas to be stored encrypted to the PCloudkWherein, CjkThe value range Λ ═ 1,2,3,4,5 corresponds to { outpatient service, emergency treatment, hospitalization, operation, examination }, Data, respectivelyjkAll electronic medical records, treatment records, diagnosis reports, C, generated during the patient's visitjkMay take a subset or a full set of Λ, mdtjkIs MDjkThe generation time of (c);
for PCloudkLocal access to medical data, HBMkHas direct access rights and the patient is going to the HBMkApplication to access, and thus, available PKkEncrypted MDjkIs denoted as EMDjkIf the alliance user is not authorized, it is difficult to decrypt the EMDjkAnd obtaining MDjkTherefore, the privacy of the patient and the safety of medical data sharing are effectively guaranteed.
In the step, the zero trust transfer access comprises the following six stages:
and (3) boundary control strategy: zero trust gateway judgment AUiTo access the data. If the trust is reasonable, forwarding the trust to a zero trust authentication engine;
and (3) authentication strategy: zero trust authentication Engine always to AUiChecking the identity of the user, and sending an authentication result to a zero trust access control engine;
access arbitration policy: when the authentication result reaches the access control engine, performing access control arbitration according to a preset strategy set;
and (3) auditing strategy: and the zero trust audit engine performs abnormal audit according to the judgment result. If the security is ensured, the zero trust gateway is informed to give access authority;
and (3) authorization policy: zero trust gateway from AUiOf the respective right ar granted in the set of access rights ΣiThe access authority set Σ ═ 1,2,3,4, } corresponds to { high, medium, low }, respectively, high authority means that all electronic medical data of a patient can be accessed, high authority can access part of the data, medium authority can access desensitized medical data, low authority can access only limited medical data such as a diagnosis certificate, an electronic invoice, a charge detail, and the like, and meanwhile, the zero trust gateway relies on PIDjkAssociating out patient's post at ASMultiple anonymous identities exist, then, search is simultaneously expanded on multiple block chains according to the type of the requested data, and the inquired projection data is loaded to the search result sriIn, feed back to AUi
Transfer sharing strategy: AU (AU)iAccording to the projection data in the search result, the requested electronic medical data is found to be positioned in the HBMpAfter the processing, starting the confidentiality transfer access control protocol immediately, and according to the search result sriAlthough the federation user can know the storage path, abstract information, access password and the like of the requested data, the federation user cannot directly access the data, and the authorization ar is requirediAnd sriThe authentication is sent to a hospital where the electronic medical data is located, the authorization of the alliance user is confirmed to be correct from the zero trust gateway, and the hospital selects a random number as a temporary symmetric key and sends the temporary symmetric key to the alliance user; then, the hospital downloads the requested electronic medical data in the private cloud, decrypts the electronic medical data by using a private key of the hospital, encrypts the electronic medical data by using a temporary symmetric key and forwards the electronic medical data to the sharing pool; finally, the alliance user shows authorization, obtains the electronic medical data in the sharing pool and decrypts the electronic medical data by using the temporary symmetric key; once the access is completed, the data in the shared pool can be destroyed immediately; the access request sent by the alliance user is completed cooperatively by an authentication system deployed in a management layer.
The authentication process of the access request comprises the following steps:
Step1,AUisending an access request AR [ AU ] to DSMi]=EPKDSM(arai||CAi||HBMk||PIDjk||SigSKi(arai)||art1) Wherein araiFor access request applications, CAiIs AUiThe digital certificate of (1). If AUiIs simply HBMkItself, then CAi=CAk,PKDSMPublic keys DSM, Sig for DSMSKi(arai)AUiTo araiSignature, art1A timestamp for the request message;
step2, DSM verifies CA at CAiAnd examining CA on CRLiIf it is invalid, if true, then authentication is carried outBy, then, confirming CAiWhether or not equal to CAkIf CAi=CAkDirectly jumping to Step5, otherwise, continuing to execute the next Step;
step3 DSM-to-HBMkSending an authentication request VR DSM]=EPKk(arai||CAi||PIDjk||SigSKDSM(arai)||art2) Wherein SKDSMBeing the private key, Sig, of DSMSKDSM(arai) For DSM to araiSignature, art2A timestamp for the request message;
Step4,HBMkreturning an authentication acknowledgment VC HBM to DSMk]=EPKDSM(shik||CAk||PIDjk||SigSKk(shik)||art3) If, HBMkConfirmation of being AUiDepends on the hospital, then shikOn the contrary, shik=0。SigSKk(shik) Is HBMkTo shikSignature, art3A timestamp for the acknowledgment message;
step5, if CAi=CAkOr shik0, DSM to AUiReturning an access request response ARR DSM]=EPKi(ari||sri||CAi||SigSKDSM(ari)||SigSKDSM(sri)||art4) Wherein, ariFor access rights, sriFor DSM according to araiDSM can rely on PID for search results queried on blockchainjkAll multi-anonymous identities of John are correlated at the AS, then search is simultaneously expanded on a plurality of block chains according to the type of the requested data, and the inquired projection data are loaded to sriIn, SigSKDSM(ari)、SigSKDSM(sri) Respectively DSM pair ariAnd sriSignature, art4A timestamp for the response message;
AUiaccording to the projection data in the search result, the medical data requested by the search result is found to be positioned in the HBMpAfter processing, the confidential transit access control is immediately startedAnd (4) protocol.
The implementation of the confidentiality transit access control protocol comprises the following steps:
Step1,AUito HBMpSending AN Access requirement AN [ AU ]i]=EPKp(ari||arai||PIDjp||SigSKi(ari)||SigSKi(arai)||crt1) Wherein PKp is HBMpPublic key, PIDjpFor John at HBM given in search resultspAnonymous identity of (Sig)SKi(ari)、SigSKi(arai) Are respectively AUiTo ariAnd araiSignature, crt1A timestamp for the demand message;
Step2,HBMpsending authorization verification RV [ HBM ] to DSMp]=EPKDSM(ari||HBMp||PIDjp||SigSKp(ari)||crt2) Wherein SKp is HBMpPrivate key of (8), SigSKp(ari) Is HBMpTo ariSignature, art2A timestamp for the verification message;
step3 DSM-to-HBMpReturn authorization confirmation RC DSM]=EPKp(rci||HBMp||PIDjp||SigSKDSM(rci)||crt3) If, DSM validates ariEffective, then rc i1, otherwise, rci=0,SigSKDSM(rci) As DSM vs rciSignature, crt3A timestamp for the acknowledgment message;
step4 if rci=1,HBMpTo PCloudpSending data call DT [ HBM ] about patientp]=EPKcp(accessjp||arai||HBMp||PIDjp||SigSKp(accessjp)||SigSKp(arai)||crt4) Wherein access isjpUsing the SKi-decrypted access password, Sig, for the patientSKp(accessjp)、SigSKp(arai) Are HBM respectivelypFor accessjpAnd araiSignature, crt4A timestamp for the invocation message;
Step5,PCloudpverifying accessjpAfter being effective, to HBMpSending an Access data download DP [ PCloud ]p]=EPKp(PIDjp||EMDjp||SigSKcp(EMDjp)||crt5) Wherein EMDjpFor storage in the PCloudpMedical data, crt, encrypted with PKp5A timestamp for the download message;
Step6,HBMpto AUiSending a relay access response RAR [ HBM ]p]=EPKi(sip||PIDjp||SigSKp(sip)||crt6),HBMpSelecting a random number sipAs temporary transfer symmetric key for encrypting medical data MD of patientjp,crt6A timestamp for the response message;
Step7,HBMpWAD [ HBM ] for forwarding data to be accessed to shared pool SPp]=EPKSP(ari||PIDjp||HBMp||TEMDjp||||SigSKp(ari)||WAD[HBMp]=EPKSP(ari||PIDjp||HBMp||TEMDjp||SigSKp(ari)||SigSKcp(TEMDjp)||crt7),HBMpUsing sipEncrypted MDjpTo obtain TEMDjp。SigSKp(ari)、SigSKcp(TEMDjp) Are HBM respectivelypTo ariAnd TEMDjpSignature, crt7A timestamp for the forwarded data;
Step8,AUisending transfer sharing application SA [ AU ] to SPi]=EPKSP(ari||PIDjp||HBMp||SigSKi(ari)||crt8) Wherein, SigSKi(ari) Is AUiTo ariSignature, crt8A timestamp for the application message;
Step9,Sp authentication AUiTransmitted ariHBM (hepatitis B M)pTransmitted ariAfter the agreement, to AUiReturning shared data SD SP]=EPKi(PIDjp||HBMp||TEMDjp||SigPKSP(TEMDjp)||crt9) Wherein, crt9For the timestamp of the shared data, then SP deletes the temporarily stored TEMDjpSaving space and protecting TEMDjpSecurity of, AUiUsing sipDecrypting TEMDjpThen, the final MD is obtainedjp
The invention has the beneficial effects that:
compared with the prior art, the invention has the following advantages:
1) the invention can encrypt and store the medical data of the patient in the private cloud of the hospital, and extract and pack the medical data to the corresponding block chain according to the medical service type of the patient. Compared with the traditional single-chain mixed recording method, the multi-chain differential recording method is more beneficial to improving the query efficiency and tracing.
2) The invention designs a multi-anonymization method, which can ensure that a patient can quickly obtain a plurality of anonymous identities when going to a medical institution alliance for hospitalization for the first time, and ensure the identity privacy data of the patient.
3) The invention designs an on-chain data projection strategy which is used for supporting the whole network data query, and meanwhile, the block structure is improved, so that the data query efficiency is improved.
4) The invention designs a zero-trust transfer access strategy which is used for guaranteeing the security of a coalition user when requesting to access data.
5) The invention designs an access request identity verification mechanism which specifies the authority range of the alliance user for accessing medical data.
6) The invention introduces a sharing pool for the alliance user to access the medical data; if the application is passed, the medical data needing to be accessed is sent to the shared pool, and the medical data is destroyed immediately after the access is finished.
7) The invention can solve the problem of identity privacy of the patient when the information island is broken.
8) In the invention, the patient can obtain a plurality of non-repeated anonymous identities when hospitalizing, and the security of medical electronic data sharing can be greatly improved.
9) The invention can prevent the medical electronic data in the medical institution alliance from being inferred due to the leakage of the identity of the patient in a certain hospital, thereby avoiding the continuous stealing of the data.
10) According to the invention, the encrypted medical data is stored in the private cloud, so that the privacy of the patient and the safety of the medical data can be effectively protected.
11) The invention changes the original structure of the block, and a certain block can only store the shadow data of one patient based on a single patient, thereby not only improving the generation efficiency of the block, but also improving the anti-tampering performance and the query efficiency.
12) The invention can give different access rights of the alliance user to the medical data, and can avoid stealing and leaking the privacy data of the patient.
13) The invention ensures the security of the data in the access sharing pool of the alliance users by implementing the confidentiality transfer access control protocol, and the data is destroyed immediately after the access is finished, thereby effectively saving the storage space and providing effective guarantee for the security of the data.
Drawings
Fig. 1 is a schematic view of a hierarchical architecture of a multi-cloud and multi-chain collaborative mode according to the present invention.
Fig. 2 is a schematic diagram of an overall framework of medical data security sharing in a multi-cloud and multi-chain collaborative mode.
Fig. 3 is a flow chart of the patient identity multi-anonymization medical data storage of the present invention.
Fig. 4 is a schematic diagram of the identity anonymization process of the present invention.
Fig. 5 is a schematic diagram of an anonymous identity verification process.
FIG. 6 is a block diagram of a packed projection.
Fig. 7 is a zero trust transit access policy framework diagram.
Fig. 8 is a schematic diagram of an access request authentication process.
Fig. 9 is a flowchart of the confidentiality transit access control protocol.
Detailed Description
The invention is described in further detail below with reference to the figures and specific examples.
The invention adopts a multi-cloud and multi-chain cooperative mode architecture to realize safe sharing of electronic medical data. As shown in fig. 1, the architecture is presented in a hierarchical fashion, including a multi-cloud tier, a multi-chain tier, a user tier, and a management tier.
Multi-cloud layer: each hospital has a Private cloud (pccloud) that stores the various types of medical data it generates. Medical data in the private cloud can be directly accessed locally, Alliance Users (AUs) cannot directly access the local cloud and only data can be encrypted and put into a shared pool to be acquired.
Multi-chain layer: hospitals typically provide patients with medical services such as outpatient service, emergency, hospitalization, surgery, examination, and the like. During the Medical service, the generated Medical Data can be respectively projected to an outpatient site block chain (HC _ chain), an emergency site block chain (HE _ chain), a residential site block chain (IH _ chain), an operating site block chain (MO _ chain), an examination site block chain (ME _ chain), and a Data access log and user behavor block chain (DU _ chain) for recording Data access logs and user behaviors, thereby forming a multi-chain distinguishing recording mode.
And (3) a user layer: mainly comprises users of unions such as hospitals, medical research institutions, public security, court, insurance companies and the like. Hospitals play both a contributor and visitor role in medical data sharing, and also undertake block generation and verification, with the responsibility of the block chain miners (HBMs). Medical research institutes may access data after desensitization of patient information for scientific research. When doctor-patient disputes occur, judicial authorities such as public security and court can intervene to access medical data. The insurance company has partial access to medical data when confirming the medical insurance reimbursement.
And (3) a management layer: the Certificate authority system mainly includes a digital Certificate Authority (CA), a Key Management Center (KMC), a management Certificate Revocation List (CRL), an Anonymous Server (AS), and a Data Sharing Manager (DSM), and is deployed on a plurality of servers of a health administration. The management layer only executes the authentication and authorization functions, does not store any medical data, and can effectively reduce the load pressure of the management layer. The CA is responsible for applying and issuing digital certificates of alliance users; the KMC is responsible for permanent keys and zero-time keys of the federation users; the AS is responsible for anonymization of the identity of the patient and protecting the identity privacy of the patient; when a federated user requests access to medical data, the DSM not only verifies its digital certificate at the CA, but also verifies whether the digital certificate is invalid on the CRL, and can pass authentication and confirm identity and give corresponding access rights.
Fig. 2 depicts the overall framework of a multi-cloud, multi-chain collaborative medical electronic data security sharing scheme. Taking patient John as an example, when he completes a medical diagnosis, new medical electronic data generated according to his type of medical service will be uploaded to the hospital's proprietary cloud for storage. At the same time, the data will be projected onto the corresponding tile chain, and the tiles containing the projections will be broadcast to all HBMs via multi-chain consensus. In the access phase, the alliance users can obtain the required medical electronic data from the SP through the confidentiality transit access protocol only after the alliance users pass the CA authentication and authorization.
Multiple anonymized medical data storage phases
In order to guarantee the sharing safety, data generated by patients seeking medical services in different hospitals needs to be subjected to multi-anonymization storage. As shown in fig. 3, the implementation of the multiple anonymization medical data storage method includes three phases: patient identity multi-anonymization, private cloud encrypted storage, and on-chain data projection.
By introducing multiple anonymization measures, each patient can obtain an anonymous identity when visiting a hospital in the medical institution alliance, and the anonymous identities in different hospitals are not repeated. Take John's patient as an example, his IDjIn number HBMkThe anonymization process of the hospital can be carried out in an anonymization serverCalculation of anonymous identities PID with the help of (AS)jk. Obviously, John executes the identity anonymization process once every time he visits a hospital, which causes low anonymization efficiency and delays the time of visiting a doctor. By designing the identity multi-anonymization algorithm, when John visits a medical association for the first time, he is combined with a hospital set h ═ HBM over a medical association at AS1,…,HBMk,…,HBMhRunning the algorithm, calculating the anonymous identity list gamma of John in batchesj. The identity anonymization process is implemented in three steps as shown in fig. 4.
Step1, John chooses a random data rjkAS an anonymous parameter, issuing an anonymous service request AR [ ID ] to the ASj]=EPKAS(rjk||IDj||SigSKj(rjk)||iat1) Wherein PKAS is the public key of AS, SigSKj(rjk) For John to rjkSKj is John's private key, iat1For the timestamp of the request message, the AS holds an anonymous parameter list xi for JohnjChecking rjkWhether or not in xijAnd mainly avoids anonymous identity duplication of John on the federation of medical institutions. If r isjk∈ΞjThe AS asks John to select a random number and resend the anonymous service request until it is not repeated. If it is not
Figure BDA0003333514900000091
AS calculates identity anonymous PIDjk=hA(IDj*rjk). Wherein h isA(-) is a hash function that performs anonymous operations, and is irreversible and collision resistant. AS sends an anonymous service response SR [ AS ] to John]=EPKj(PIDjk||SigSKAS(PIDjk)||iat2). PKj is the public key of John, SigSKAS(PIDjk) AS to PIDjkSKAS is the private key of the AS, iat2A timestamp for the response message;
step2, SK for JohnjDecrypting ASR [ AS ]]To obtain an anonymous identity PIDjkH, a collection of hospitals over a federation of medical institutions { HBM1,…,HBMk,…,HBMhThe anonymous identity list held by AS for John is denoted AS ΓjThe algorithm 1 can be operated at the AS to realize the identity anonymization;
the algorithm 1 is as follows: entering H, xijj,IDjFirst, m is initialized to 0, ΓjIs composed of
Figure BDA0003333514900000092
When John goes to a hospital HBMkIn hospitalization, John first selects a random number rjkAs an anonymity parameter, if rjkHaving existed in the anonymous parameter List xijIn (1), John must reselect a new rjk(ii) a Otherwise will rjkPut into xijAnd calculates John at HBMkAnonymous identity PID injk=hA(IDj*rjk) Finally, it is applied to HBMkThe anonymous identity in (1) is added to the anonymous identity list Γ held by JohnjIn the medical alliance, for each hospital in the medical alliance, cyclic calculation is carried out, and finally an anonymous identity list gamma of John is outputjDifferent anonymous identity information that John has in all hospitals;
having anonymous identity, John goes to HBMkHospitalization can be realized by only anonymous identity authentication in four steps, as shown in fig. 5.
Step1, John to HBMkSending anonymous identity docket AIB [ ID ]j]=EPKk(PIDj||SigSKj(PIDj)||pvt1). Wherein PKk is HBMkOf public key, SigSKj(PIDjk) For John to PIDjkSignature of, pvt1A timestamp for the docket message;
Step2,HBMksending AIV [ HBM ] for John anonymous authentication to ASk]=EPKAS(PIDjk||SigSKk(PIDjk)||pvt2) Wherein, SigSKk(PIDjk) Is HBMkTo PIDjkSignature of SKkIs HBMkPrivate key of (1), pvt2Is the experimentA timestamp of the certificate message;
step3, AS at ΓjUp-verification PIDjkIf PID existsjk∈Γj Verification result v jk1 if not, vjk0, AS to HBMkReturning anonymous identity confirmation AIC AS]=EPKk(vjk||SigSKAS(vjk)||pvt3) Wherein, SigSKAS(vjk) AS to vjkSignature of, pvt3A timestamp for the verification message;
Step4,HBMkAIC [ AS ] decrypted with SKk]After, if vjkIf 1, then use PIDjkStore medical data for John anonymization, if vjk0, John in HBMkThe medical service application is difficult to pass;
john on HBMkAfter the medical treatment is finished, the generated medical data MDjk={Cjk,Datajk,mdtjkHas to be stored encrypted to the PCloudkWherein, CjkThe value ranges Λ ═ 1,2,3,4,5 correspond to { outpatient service, emergency treatment, hospitalization, operation, examination }, respectively. DatajkAll electronic medical records, treatment records, diagnostic reports, etc. generated by John during the course of his visit. CjkMay take a subset or a full set of Λ, mdtjkIs MDjkThe generation time of (c);
for PCloudkLocal access to medical data, HBMkHas direct access rights, while John wants to access the HBMkIs applied for access. Thus, PK may be usedkEncrypted MDjkIs denoted as EMDjk. If the alliance user is not authorized, it is difficult to decrypt the EMDjkAnd obtaining MDjkTherefore, the privacy of the patient and the safety of medical data sharing are effectively guaranteed.
On-chain data projection phase
HBMkWill EMDjkExtracted as projection DSjk={PIDjk,HBMk,Cjk,spjk,EPKj(accessjk),SigSKk(EMDjk),SigSKj(EMDjk),ADjk,mdtjkAnd packed into the corresponding on-chain block. Wherein spjkIs EMDjkStorage path of EPKj(accessjk) Is EMDjkThe access password of (2). Federated user John, with John's knowledge and permission, uses the private key to decrypt EPKj(accessjk) Later, only has an opportunity to access the EMDjk。SigSKk(EMDjk),SigSKj(EMDjk) Are HBM respectivelykAnd John to EMDjkThe signature of (2). ADjkFor EMDjkSummary information description of (1).
Selection of the corresponding block chain, depending on Cjk. For example, CjkIf 3, IH _ chain is selected for projection. In the packed projection process, DSjkCan be disassembled into two parts of DSHjk={PIDjk,HBMk,Cjk} and DSBjk={spjk,EPKj(accessjk),SigSKk(EMDjk),SigSKj(EMDjk),ADjk,mdtjk}。
The capacity of one block is usually set to about 1MB, and the data that can be recorded in the block is small. Therefore, it is necessary to improve the block structure of bitcoin, and pack DSH based on inheriting the original parameters { previous block hash, block ID, timestamp, Merkle root }jkInto the block header, DSBjkIt is packed into a zone block in the form of a Merkle tree. The block structure of the packed projection is shown in fig. 6.
Unlike the traditional block structure, the new block is generated when the transaction volume record reaches the upper limit of the block capacity, the improved block structure takes a single patient as a reference, and only the projection related to the anonymous identity of a certain patient is packaged in one block. This may result in an increased blockchain length, but the longer the blockchain, the stronger the tamper resistance. In addition, the PIDjkThe block head is arranged, so that subsequent projection data query is facilitated, and the query efficiency is improved.
Zero trust transit access phase
When a alliance user requests to access electronic medical data, zero trust authentication is required, and then the requested medical data are obtained in a sharing pool in a confidentiality transfer mode;
the core component of the zero trust authentication can be embedded into a Data Sharing Manager (DSM) of a management layer of a medical institution alliance, and mainly comprises a zero trust gateway, a zero trust authentication engine, a zero trust access control engine and a zero trust audit engine. With alliance user AUiFor example, the implementation of the zero-trust transit access policy to which the DSM sends an access request is mainly divided into six stages, as shown in fig. 7;
and (3) boundary control strategy: zero trust gateway judgment AUiTo access the data. If the trust is reasonable, forwarding the trust to a zero trust authentication engine;
and (3) authentication strategy: zero trust authentication Engine always to AUiChecking the identity of the user, and sending an authentication result to a zero trust access control engine;
access arbitration policy: when the authentication result reaches the access control engine, performing access control arbitration according to a preset strategy set;
and (3) auditing strategy: and the zero trust audit engine performs abnormal audit according to the judgment result. If the security is ensured, the zero trust gateway is informed to give access authority;
and (3) authorization policy: zero trust gateway from AUiOf the respective right ar granted in the set of access rights Σi. The set of access permissions Σ ═ {1,2,3,4 }, respectively corresponds to { high, medium, low }. High-level rights mean that all electronic medical data of a patient can be accessed, high-level rights can access part of the data, intermediate-level rights can access desensitized medical data, and low-level rights can only access limited medical data such as diagnostic certificates, electronic invoices, expense details and the like. At the same time, the zero trust gateway relies on PIDjkAll the multiple anonymous identities of the patient are correlated at the AS, then the search is simultaneously expanded on a plurality of block chains according to the type of the requested data, and the inquired projection data is loaded to the search result sriIn, feed back to AUi
Transfer sharing strategy: AU (AU)iAccording to the projection data in the search result, the requested electronic medical data is found to be positioned in the HBMpAfter the treatment, the mixture is put into the furnace,immediately starting a confidentiality transfer access control protocol according to the search result sriAlthough the federation user can know the storage path, abstract information, access password and the like of the requested data, the federation user cannot directly access the data, and the authorization ar is requirediAnd sriThe authentication is sent to a hospital where the electronic medical data is located, the authorization of the alliance user is confirmed to be correct from the zero trust gateway, and the hospital selects a random number as a temporary symmetric key and sends the temporary symmetric key to the alliance user; then, the hospital downloads the requested electronic medical data in the private cloud, decrypts the electronic medical data by using a private key of the hospital, encrypts the electronic medical data by using a temporary symmetric key and forwards the electronic medical data to the sharing pool; finally, the federated user presents the authorization, gets the electronic medical data in the shared pool, and decrypts with the temporary symmetric key. Once access is complete, the data in the shared pool is destroyed immediately.
The authentication of the access request sent by the alliance user is completed by the authentication system deployed in the management layer. With alliance user AUiAs an example, AUiThe transmitted access request authentication procedure can be implemented by the DSM of the management layer in 5 steps, as shown in figure 8,
Step1,AUisending an access request AR [ AU ] to DSMi]=EPKDSM(arai||CAi||HBMk||PIDjk||SigSKi(arai)||art1) Wherein araiFor access request applications, CAiIs AUiThe digital certificate of (1). If AUiIs simply HBMkItself, then CAi=CAk,PKDSMPublic keys DSM, Sig for DSMSKi(arai)AUiTo araiSignature, art1A timestamp for the request message;
step2, DSM verifies CA at CAiAnd examining CA on CRLiIf it is invalid, if true, authentication is passed, and then CA is confirmediWhether or not equal to CAkIf CAi=CAkDirectly jumping to Step5, otherwise, continuing to execute the next Step;
step3 DSM-to-HBMkSending an authentication request VR DSM]=EPKk(arai||CAi||PIDjk||SigSKDSM(arai)||art2) Wherein SKDSMBeing the private key, Sig, of DSMSKDSM(arai) For DSM to araiSignature, art2A timestamp for the request message;
Step4,HBMkreturning an authentication acknowledgment VC HBM to DSMk]=EPKDSM(shik||CAk||PIDjk||SigSKk(shik)||art3) If, HBMkConfirmation of being AUiDepends on the hospital, then shikOn the contrary, shik=0。SigSKk(shik) Is HBMkTo shikSignature, art3A timestamp for the acknowledgment message;
step5, if CAi=CAkOr shik0, DSM to AUiReturning an access request response ARR DSM]=EPKi(ari||sri||CAi||SigSKDSM(ari)||SigSKDSM(sri)||art4) Wherein, ariFor access rights, sriFor DSM according to araiDSM can rely on PID for search results queried on blockchainjkAll multi-anonymous identities of John are correlated at the AS, then search is simultaneously expanded on a plurality of block chains according to the type of the requested data, and the inquired projection data are loaded to sriIn, SigSKDSM(ari)、SigSKDSM(sri) Respectively DSM pair ariAnd sriSignature, art4A timestamp for the response message;
AUiaccording to the projection data in the search result, the medical data requested by the search result is found to be positioned in the HBMpAfter that, the confidentiality relay access control protocol is started immediately, and the process can be implemented in 9 steps (here, it is indicated that the following steps 1 to 9 are limitations on the confidentiality relay access control protocol) as shown in fig. 8.
Step1,AUiTo HBMpSending AN Access requirement AN [ AU ]i]=EPKp(ari||arai||PIDjp||SigSKi(ari)||SigSKi(arai)||crt1) Wherein PKp is HBMpPublic key, PIDjpFor John at HBM given in search resultspAnonymous identity of (Sig)SKi(ari)、SigSKi(arai) Are respectively AUiTo ariAnd araiSignature, crt1A timestamp for the demand message;
Step2,HBMpsending authorization verification RV [ HBM ] to DSMp]=EPKDSM(ari||HBMp||PIDjp||SigSKp(ari)||crt2) Wherein SKp is HBMpPrivate key of (8), SigSKp(ari) Is HBMpTo ariSignature, art2A timestamp for the verification message;
step3 DSM-to-HBMpReturn authorization confirmation RC DSM]=EPKp(rci||HBMp||PIDjp||SigSKDSM(rci)||crt3) If, DSM validates ariEffective, then rc i1, otherwise, rci=0,SigSKDSM(rci) As DSM vs rciSignature, crt3A timestamp for the acknowledgment message;
step4 if rci=1,HBMpTo PCloudpSending data call DT [ HBM ] for Johnp]=EPKcp(accessjp||arai||HBMp||PIDjp||SigSKp(accessjp)||SigSKp(arai)||crt4) Wherein access isjpAccess password, Sig, decrypted using SKi for JohnSKp(accessjp)、SigSKp(arai) Are HBM respectivelypFor accessjpAnd araiSignature, crt4A timestamp for the invocation message;
Step5,PCloudpverifying accessjpAfter being effective, to HBMpSending an Access data download DP [ PCloud ]p]=EPKp(PIDjp||EMDjp||SigSKcp(EMDjp)||crt5) Wherein EMDjpFor storage in the PCloudpMedical data, crt, encrypted with PKp5A timestamp for the download message;
Step6,HBMpto AUiSending a relay access response RAR [ HBM ]p]=EPKi(sip||PIDjp||SigSKp(sip)||crt6),HBMpSelecting a random number sipAs temporary transfer symmetric key, it is used to encrypt medical data MD of Johnjp,crt6A timestamp for the response message;
Step7,HBMpWAD [ HBM ] for forwarding data to be accessed to shared pool SPp]=EPKSP(ari||PIDjp||HBMp||TEMDjp||||SigSKp(ari)||WAD[HBMp]=EPKSP(ari||PIDjp||HBMp||TEMDjp||SigSKp(ari)||SigSKcp(TEMDjp)||crt7),HBMpUsing sipEncrypted MDjpTo obtain TEMDjp。SigSKp(ari)、SigSKcp(TEMDjp) Are HBM respectivelypTo ariAnd TEMDjpSignature, crt7A timestamp for the forwarded data;
Step8,AUisending transfer sharing application SA [ AU ] to SPi]=EPKSP(ari||PIDjp||HBMp||SigSKi(ari)||crt8) Wherein, SigSKi(ari) Is AUiTo ariSignature, crt8A timestamp for the application message;
step9, SP verifies AUiTransmitted ariHBM (hepatitis B M)pTransmitted ariAfter the agreement, to AUiReturning shared data SD SP]=EPKi(PIDjp||HBMp||TEMDjp||SigPKSP(TEMDjp)||crt9) Which isMiddle, crt9For the timestamp of the shared data, then SP deletes the temporarily stored TEMDjpSaving space and protecting TEMDjpSecurity of, AUiUsing sipDecrypting TEMDjpThen, the final MD is obtainedjp
The application advantages of the invention are:
through a large amount of relevant literature research and actual demand analysis at home and abroad, the fact that a block chain is beneficial to promoting medical data sharing but difficult to store large-size audio and video data is found; the cloud storage space is large, but a single cloud mode easily causes single-point failure, and large-scale data leakage is easy to occur after the single cloud mode is attacked due to centralized targets. Existing related work is biased to a single-cloud single-chain mode or a multi-cloud single-chain mode, the advantages of cloud chain cooperation cannot be fully exerted, and a single-chain hybrid storage mode may cause confusion and low efficiency of shared data query.
The invention adopts a multi-cloud and multi-chain cooperation mode to safely share the electronic medical data. In practical application, a hospital with better urban digital construction can form a city-level medical institution alliance. Through a cross-link interaction protocol, a cross-link node is additionally arranged on a city-level alliance management layer, a plurality of city-level medical institution alliances can be connected, a provincial-level medical institution alliance is further formed, and the provincial information query and sharing of electronic medical data is achieved. In the whole alliance architecture, all hospitals are responsible for storing electronic medical data generated by the hospitals in respective proprietary clouds, and data backup is well done. Each hospital holds the private key and does not disclose the private key to the outside. Without authentication and authorization, even federated users have difficulty obtaining encrypted data. After the electronic medical data is stored in a private cloud encryption mode, according to the type of medical service of a patient, index information is extracted and packaged to a corresponding block chain for information inquiry and sharing in a projecting mode. When a cross-city access request occurs, after zero trust authentication and authorization of a provincial alliance management layer are successful, the access user transmits the access request to a target city level cross-link node by the node at the city level cross-link node, and the cross-city transfer method has positive data query and sharing significance for cross-city transfer of patients.
In conclusion, the multi-cloud and multi-chain collaborative mode designed by the invention has better elasticity and expansibility, and is beneficial to being put into practical application of electronic medical data security sharing.

Claims (6)

1. A secure sharing method of electronic medical data based on multi-cloud and multi-chain collaboration is characterized by comprising the following steps:
step one, constructing a multi-cloud and multi-chain cooperative mode framework, wherein the framework is presented in a hierarchical mode and comprises a multi-cloud layer, a multi-chain layer, a user layer and a management layer;
multi-cloud layer: each hospital has a proprietary cloud that stores the various types of medical data it generates. Medical data in the private cloud can be directly accessed locally, and alliance users cannot directly access the medical data and only can encrypt the medical data and put the encrypted medical data into a sharing pool to obtain the encrypted medical data;
multi-chain layer: the hospital provides medical departments for outpatient service, emergency treatment, hospitalization, operation and examination, and in the medical service process of the patients in the departments, the generated medical data can be respectively projected to an outpatient department block chain, an emergency treatment block chain, an accommodation department block chain, an operation block chain and an examination block chain, and a block chain for recording data access logs and user behaviors is added to form a multi-chain distinguishing and recording mode;
and (3) a user layer: the alliance users comprise hospitals, medical research institutes, law enforcement departments and insurance companies, the hospitals play the roles of contributors and visitors in medical data sharing, also play the roles of block generation and verification, have the functions of block chain miners, the medical research institutes can access data after desensitization processing of patient information, the data are used for scientific research, when doctor-patient disputes occur, the law enforcement departments can intervene to access the medical data, and when medical insurance compensation is confirmed, the insurance companies can partially access the medical data;
and (3) a management layer: the system consists of a digital certificate issuing mechanism, a secret key management mechanism, a management certificate revocation list, an anonymous server and a data sharing manager authentication system, and is deployed on a plurality of servers of a health administration mechanism, a management layer only executes authentication and authorization functions, does not store any medical data, and can effectively reduce the load pressure of the system; the digital certificate issuing authority is responsible for applying and issuing digital certificates of the alliance users; the key management mechanism is responsible for permanent keys and zero-time keys of the alliance users; the anonymous server is responsible for anonymizing the identity of the patient and protecting the identity privacy of the patient; when a alliance user requests to access medical data, a data sharing manager not only verifies a digital certificate of the alliance at a digital certificate authority, but also checks whether the digital certificate is invalid on a management certificate revocation list, so that the digital certificate can pass authentication and identity confirmation, and corresponding access rights are given;
step two, a multi-anonymization medical data storage stage
The method for storing the multiple anonymized medical data comprises the following three stages: patient identity de-anonymization, private cloud encrypted storage and on-chain data projection; introducing multi-anonymization storage, wherein each patient can obtain an anonymous identity when visiting a hospital in the medical institution alliance, and the anonymous identities obtained in different hospitals are not repeated;
step three, on-chain data projection stage
HBMkWill EMDjkExtracted as projection DSjk={PIDjk,HBMk,Cjk,spjk,EPKj(accessjk),SigSKk(EMDjk),SigSKj(EMDjk),ADjk,mdtjkAnd packed into corresponding on-chain blocks, spjkIs EMDjkStorage path of EPKj(accessjk) Is EMDjkThe federation user, with patient knowledge and permission, uses the private key to decrypt EPKj(accessjk) Later, only has an opportunity to access the EMDjk,SigSKk(EMDjk),SigSKj(EMDjk) Are HBM respectivelykAnd patient to EMDjkSignature, ADjkFor EMDjkThe summary information description of (1);
step four, zero trust transfer access phase
When the alliance user requests to access the electronic medical data, the alliance user follows the zero trust thought of never trust and always authentication, a data sharing manager, a patient and a hospital where the data are located are linked to perform a series of authentication, encryption and decryption operations, the medical data requested to be accessed are transferred to a sharing pool, after the access is completed, the data in the sharing pool are automatically destroyed,
the core component of the zero trust authentication can be embedded into a data sharing manager of a healthcare institution alliance management layer.
2. The secure sharing method of multi-cloud and multi-chain collaborative electronic medical data according to claim 1, wherein the patient identity is anonymized, comprising the following steps:
step1, selecting a random data r by the patientjkAs an anonymity parameter, an anonymity service request AR [ ID ] is issued to an anonymity serverj]=EPKAS(rjk||IDj||SigSKj(rjk)||iat1) Wherein PKAS is the public key of anonymous server, SigSKj(rjk) Is a patient pair rjkSKj is the private key of the patient, iat1For the time stamp of the request message, the anonymity server holds an anonymity parameter List XI for the patientjChecking rjkWhether or not in xijIn the medical institution alliance, anonymous identity repetition of patients on the medical institution alliance is mainly avoided; if r isjk∈ΞjThe anonymizing server asks the patient to select a random number and resends the anonymizing service request until it is not repeated, if
Figure FDA0003333514890000021
Anonymous server computing identity anonymous PIDjk=hA(IDj*rjk) Wherein h isA(.) is a hash function performing anonymous operations, irreversible and collision-resistant, the anonymous server sending an anonymous service response ASR [ AS ] to the patient]=EPKj(PIDjk||SigSKAS(PIDjk)||iat2) Wherein PKj is the public key of the patient, SigSKAS(PIDjk) Being anonymous clothesServer pair PIDjkSKAS is the private key of the anonymous server iat2A timestamp for the response message;
step2 patient uses SKj to decipher ASR [ AS ]]To obtain an anonymous identity PIDjkH, a collection of hospitals over a federation of medical institutions { HBM1,…,HBMk,…,HBMhThe anonymous server keeps a list of anonymous identities for the patient denoted as ΓjAlgorithm 1 can be run at the anonymity server to achieve patient identity de-anonymization; having anonymous identity, the patient goes to HBMkHospitalizing, only anonymous identity authentication is needed;
the algorithm 1 is as follows: entering H, xijj,IDjFirst, m is initialized to 0, ΓjIs composed of
Figure FDA0003333514890000022
HBM when patient goes to certain hospitalkAt the time of hospitalization, the patient first selects a random number rjkAs an anonymity parameter, if rjkHaving existed in the anonymous parameter List xijIn (1), the patient must reselect a new rjk(ii) a Otherwise will rjkPut into xijAnd calculating the HBM of the patientkAnonymous identity PID injk=hA(IDj*rjk) Finally, it is applied to HBMkThe anonymous identity in (a) is added to an anonymous identity list Γ held by the patientjIn the medical alliance, each hospital in the medical alliance is circularly calculated, and finally, an anonymous identity list gamma of the patient is outputjWhich contains different anonymous identity information that the patient has in all hospitals.
3. The multi-cloud and multi-chain collaborative electronic medical data security sharing method according to claim 2, wherein the anonymous identity authentication specifically includes the following steps:
step1, patient is administered to HBMkSending anonymous identity docket AIB [ ID ]j]=EPKk(PIDj||SigSKj(PIDj)||pvt1) Wherein, in the step (A),PKkis HBMkOf public key, SigSKj(PIDjk) For patient to PIDjkSignature of, pvt1A timestamp for the docket message;
step2, HBMkSending AIV HBM to anonymous server for anonymous identity verification of patientk]=EPKAS(PIDjk||||SigSKk(PIDjk)||pvt2) Wherein, SigSKk(PIDjk) Is HBMkTo PIDjkSignature of SKkIs HBMkPrivate key of (1), pvt2A timestamp for the verification message;
step3, the anonymous server is arranged in the gammajUp-verification PIDjkIf PID existsjk∈ΓjVerification result vjk1 if not, vjk0, anonymous Server to HBMkReturning anonymous identity confirmation AIC AS]=EPKk(vjk||SigSKAS(vjk)||pvt3) Wherein, SigSKAS(vjk) AS to vjkSignature of, pvt3A timestamp for the verification message;
step4, HBMkUsing SKkDecrypting AIC [ AS ]]After, if vjkIf 1, then use PIDjkAnonymizing the patient to store medical data, if vjk0, patients in HBMkThe medical service application is difficult to pass;
the patient is in HBMkAfter the medical treatment is finished, the generated medical data MDjk={Cjk,Datajk,mdtjkHas to be stored encrypted to the PCloudkWherein, CjkThe value range Λ ═ 1,2,3,4,5 corresponds to { outpatient service, emergency treatment, hospitalization, operation, examination }, Data, respectivelyjkAll electronic medical records, treatment records, diagnosis reports, C, generated during the patient's visitjkMay take a subset or a full set of Λ, mdtjkIs MDjkThe generation time of (c);
for PCloudkLocal access to medical data, HBMkHas direct access rights and the patient is going to the HBMkApplication forCan be accessed, and thus, the PK may be usedkEncrypted MDjkIs denoted as EMDjkIf the alliance user is not authorized, it is difficult to decrypt the EMDjkAnd obtaining MDjkTherefore, the privacy of the patient and the safety of medical data sharing are effectively guaranteed.
4. The method for safely sharing electronic medical data in cooperation with multiple clouds and multiple chains according to claim 1, wherein in the step, the zero trust relay access comprises the following six stages:
and (3) boundary control strategy: zero trust gateway judgment AUiTo access the data. If the trust is reasonable, forwarding the trust to a zero trust authentication engine;
and (3) authentication strategy: zero trust authentication Engine always to AUiChecking the identity of the user, and sending an authentication result to a zero trust access control engine;
access arbitration policy: when the authentication result reaches the access control engine, performing access control arbitration according to a preset strategy set;
and (3) auditing strategy: and the zero trust audit engine performs abnormal audit according to the judgment result. If the security is ensured, the zero trust gateway is informed to give access authority;
and (3) authorization policy: zero trust gateway from AUiOf the respective right ar granted in the set of access rights ΣiThe access authority set Σ ═ 1,2,3,4, } corresponds to { high, medium, low }, respectively, high authority means that all electronic medical data of a patient can be accessed, high authority can access part of the data, medium authority can access desensitized medical data, low authority can access only limited medical data such as a diagnosis certificate, an electronic invoice, a charge detail, and the like, and meanwhile, the zero trust gateway relies on PIDjkAll the multiple anonymous identities of the patient are correlated at the AS, then the search is simultaneously expanded on a plurality of block chains according to the type of the requested data, and the inquired projection data is loaded to the search result sriIn, feed back to AUi
Transfer sharing strategy: AU (AU)iAccording to the projection data in the search result, the requested electronic medical data is foundIn HBMpAfter the processing, starting the confidentiality transfer access control protocol immediately, and according to the search result sriAlthough the federation user can know the storage path, abstract information, access password and the like of the requested data, the federation user cannot directly access the data, and the authorization ar is requirediAnd sriThe authentication is sent to a hospital where the electronic medical data is located, the authorization of the alliance user is confirmed to be correct from the zero trust gateway, and the hospital selects a random number as a temporary symmetric key and sends the temporary symmetric key to the alliance user; then, the hospital downloads the requested electronic medical data in the private cloud, decrypts the electronic medical data by using a private key of the hospital, encrypts the electronic medical data by using a temporary symmetric key and forwards the electronic medical data to the sharing pool; finally, the alliance user shows authorization, obtains the electronic medical data in the sharing pool and decrypts the electronic medical data by using the temporary symmetric key; once the access is completed, the data in the shared pool can be destroyed immediately; the access request sent by the alliance user is completed cooperatively by an authentication system deployed in a management layer.
5. The secure sharing method of electronic medical data with multi-cloud and multi-chain cooperation according to claim 4, wherein the authentication process of the access request comprises the following steps:
Step1,AUisending an access request AR [ AU ] to DSMi]=EPKDSM(arai||CAi||HBMk||PIDjk||SigSKi(arai)||art1) Wherein araiFor access request applications, CAiIs AUiIf AUiIs simply HBMkItself, then CAi=CAk,PKDSMPublic keys DSM, Sig for DSMSKi(arai)AUiTo araiSignature, art1A timestamp for the request message;
step2, DSM verifies CA at CAiAnd examining CA on CRLiIf it is invalid, if true, authentication is passed, and then CA is confirmediWhether or not equal to CAkIf CAi=CAkDirectly jumping to Step5, otherwise, continuing to execute the next Step;
step3 DSM-to-HBMkSending an authentication request VR DSM]=EPKk(arai||CAi||PIDjk||SigSKDSM(arai)||art2) Wherein SKDSMBeing the private key, Sig, of DSMSKDSM(arai) For DSM to araiSignature, art2A timestamp for the request message;
Step4,HBMkreturning an authentication acknowledgment VC HBM to DSMk]=EPKDSM(shik||CAk||PIDjk||SigSKk(shik)||art3) If, HBMkConfirmation of being AUiDepends on the hospital, then shikOn the contrary, shik=0。SigSKk(shik) Is HBMkTo shikSignature, art3A timestamp for the acknowledgment message;
step5, if CAi=CAkOr shik0, DSM to AUiReturning an access request response ARR DSM]=EPKi(ari||sri||CAi||SigSKDSM(ari)||SigSKDSM(sri)||art4) Wherein, ariFor access rights, sriFor DSM according to araiDSM can rely on PID for search results queried on blockchainjkAll multi-anonymous identities of John are correlated at the AS, then search is simultaneously expanded on a plurality of block chains according to the type of the requested data, and the inquired projection data are loaded to sriIn, SigSKDSM(ari)、SigSKDSM(sri) Respectively DSM pair ariAnd sriSignature, art4A timestamp for the response message;
AUiaccording to the projection data in the search result, the medical data requested by the search result is found to be positioned in the HBMpAfter processing, the confidentiality relay access control protocol is started immediately.
6. The method according to claim 5, wherein the implementation of the confidentiality transit access control protocol comprises the following steps:
Step1,AUito HBMpSending AN Access requirement AN [ AU ]i]=EPKp(ari||arai||PIDjp||SigSKi(ari)||SigSKi(arai)||crt1) Wherein PKp is HBMpPublic key, PIDjpFor John at HBM given in search resultspAnonymous identity of (Sig)SKi(ari)、SigSKi(arai) Are respectively AUiTo ariAnd araiSignature, crt1A timestamp for the demand message;
Step2,HBMpsending authorization verification RV [ HBM ] to DSMp]=EPKDSM(ari||HBMp||PIDjp||SigSKp(ari)||crt2) Wherein SKp is HBMpPrivate key of (8), SigSKp(ari) Is HBMpTo ariSignature, art2A timestamp for the verification message;
step3 DSM-to-HBMpReturn authorization confirmation RC DSM]=EPKp(rci||HBMp||PIDjp||SigSKDSM(rci)||crt3) If, DSM validates ariEffective, then rci1, otherwise, rci=0,SigSKDSM(rci) As DSM vs rciSignature, crt3A timestamp for the acknowledgment message;
step4 if rci=1,HBMpTo PCloudpSending data call DT [ HBM ] for Johnp]=EPKcp(accessjp||arai||HBMp||PIDjp||SigSKp(accessjp)||SigSKp(arai)||crt4) Wherein access isjpAccess password, Sig, decrypted using SKi for JohnSKp(accessjp)、SigSKp(arai) Are HBM respectivelypFor accessjpAnd araiSignature, crt4A timestamp for the invocation message;
Step5,PCloudpverifying accessjpAfter being effective, to HBMpSending an Access data download DP [ PCloud ]p]=EPKp(PIDjp||EMDjp||SigSKcp(EMDjp)||crt5) Wherein EMDjpFor storage in the PCloudpMedical data, crt, encrypted with PKp5A timestamp for the download message;
Step6,HBMpto AUiSending a relay access response RAR [ HBM ]p]=EPKi(sip||PIDjp||SigSKp(sip)||crt6),HBMpSelecting a random number sipAs temporary transfer symmetric key, it is used to encrypt medical data MD of Johnjp,crt6A timestamp for the response message;
Step7,HBMpWAD [ HBM ] for forwarding data to be accessed to shared pool SPp]=EPKSP(ari||PIDjp||HBMp||TEMDjp||||SigSKp(ari)||WAD[HBMp]=EPKSP(ari||PIDjp||HBMp||TEMDjp||SigSKp(ari)||SigSKcp(TEMDjp)||crt7),HBMpUsing sipEncrypted MDjpTo obtain TEMDjp。SigSKp(ari)、SigSKcp(TEMDjp) Are HBM respectivelypTo ariAnd TEMDjpSignature, crt7A timestamp for the forwarded data;
Step8,AUisending transfer sharing application SA [ AU ] to SPi]=EPKSP(ari||PIDjp||HBMp||SigSKi(ari)||crt8) Wherein, SigSKi(ari) Is AUiTo ariSignature, crt8A timestamp for the application message;
step9, SP verifies AUiTransmitted ariHBM (hepatitis B M)pTransmitted ariAfter the agreement, to AUiReturning shared data SD SP]=EPKi(PIDjp||HBMp||TEMDjp||SigPKSP(TEMDjp)||crt9) Wherein, crt9For the timestamp of the shared data, then SP deletes the temporarily stored TEMDjpSaving space and protecting TEMDjpSecurity of, AUiUsing sipDecrypting TEMDjpThen, the final MD is obtainedjp
CN202111287111.1A 2021-11-02 2021-11-02 Multi-cloud and multi-chain collaborative electronic medical data security sharing method Withdrawn CN113987443A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111287111.1A CN113987443A (en) 2021-11-02 2021-11-02 Multi-cloud and multi-chain collaborative electronic medical data security sharing method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111287111.1A CN113987443A (en) 2021-11-02 2021-11-02 Multi-cloud and multi-chain collaborative electronic medical data security sharing method

Publications (1)

Publication Number Publication Date
CN113987443A true CN113987443A (en) 2022-01-28

Family

ID=79745689

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111287111.1A Withdrawn CN113987443A (en) 2021-11-02 2021-11-02 Multi-cloud and multi-chain collaborative electronic medical data security sharing method

Country Status (1)

Country Link
CN (1) CN113987443A (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114547210A (en) * 2022-04-27 2022-05-27 南京邮电大学 Medical data safety sharing system based on double block chains
CN115065679A (en) * 2022-06-02 2022-09-16 湖南天河国云科技有限公司 Block chain based electronic health profile sharing model, method, system, and medium
CN115174082A (en) * 2022-07-22 2022-10-11 杭州师范大学 Cross-hospital electronic medical record access authentication protocol based on block chain
CN115361186A (en) * 2022-08-11 2022-11-18 哈尔滨工业大学(威海) Zero trust network architecture for industrial internet platform
CN116052832A (en) * 2023-04-03 2023-05-02 青岛市妇女儿童医院(青岛市妇幼保健院、青岛市残疾儿童医疗康复中心、青岛市新生儿疾病筛查中心) Tamper-proof transmission method based on medical information
CN116168794A (en) * 2023-04-23 2023-05-26 成都本千医疗科技有限公司 Big data supervision's electronic medical record collection management platform
CN116170448A (en) * 2023-04-20 2023-05-26 河北先见软件科技股份有限公司 Cross-organization data sharing method and storage medium
CN116504365A (en) * 2023-06-25 2023-07-28 安徽影联云享医疗科技有限公司 Medical image information sharing method and related device
CN116522415A (en) * 2023-04-23 2023-08-01 杭州前云数据技术有限公司 System for realizing safe storage and sharing of medical big data
CN116956346A (en) * 2023-07-25 2023-10-27 珠海市辰宇智能技术有限公司 Transaction data safety supervision system and method based on big data
CN116975011A (en) * 2023-09-22 2023-10-31 吉林大学第一医院 Nursing management system for multi-party information sharing
CN117574431A (en) * 2023-11-20 2024-02-20 北京远盟普惠健康科技有限公司 Method and system for guaranteeing internal sharing safety of medical data

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114547210A (en) * 2022-04-27 2022-05-27 南京邮电大学 Medical data safety sharing system based on double block chains
CN114547210B (en) * 2022-04-27 2022-07-08 南京邮电大学 Medical data safety sharing system based on double block chains
CN115065679A (en) * 2022-06-02 2022-09-16 湖南天河国云科技有限公司 Block chain based electronic health profile sharing model, method, system, and medium
CN115065679B (en) * 2022-06-02 2024-06-07 湖南天河国云科技有限公司 Electronic health record sharing model, method, system and medium based on blockchain
CN115174082A (en) * 2022-07-22 2022-10-11 杭州师范大学 Cross-hospital electronic medical record access authentication protocol based on block chain
CN115174082B (en) * 2022-07-22 2024-04-12 杭州师范大学 Cross-hospital electronic medical record access authentication protocol based on blockchain
CN115361186A (en) * 2022-08-11 2022-11-18 哈尔滨工业大学(威海) Zero trust network architecture for industrial internet platform
CN115361186B (en) * 2022-08-11 2024-04-19 哈尔滨工业大学(威海) Zero trust network architecture for industrial Internet platform
CN116052832A (en) * 2023-04-03 2023-05-02 青岛市妇女儿童医院(青岛市妇幼保健院、青岛市残疾儿童医疗康复中心、青岛市新生儿疾病筛查中心) Tamper-proof transmission method based on medical information
CN116170448A (en) * 2023-04-20 2023-05-26 河北先见软件科技股份有限公司 Cross-organization data sharing method and storage medium
CN116522415B (en) * 2023-04-23 2023-11-07 杭州前云数据技术有限公司 System for realizing safe storage and sharing of medical big data
CN116522415A (en) * 2023-04-23 2023-08-01 杭州前云数据技术有限公司 System for realizing safe storage and sharing of medical big data
CN116168794A (en) * 2023-04-23 2023-05-26 成都本千医疗科技有限公司 Big data supervision's electronic medical record collection management platform
CN116504365A (en) * 2023-06-25 2023-07-28 安徽影联云享医疗科技有限公司 Medical image information sharing method and related device
CN116956346A (en) * 2023-07-25 2023-10-27 珠海市辰宇智能技术有限公司 Transaction data safety supervision system and method based on big data
CN116956346B (en) * 2023-07-25 2024-01-26 珠海市辰宇智能技术有限公司 Transaction data safety supervision system and method based on big data
CN116975011A (en) * 2023-09-22 2023-10-31 吉林大学第一医院 Nursing management system for multi-party information sharing
CN116975011B (en) * 2023-09-22 2024-01-02 吉林大学第一医院 Nursing management system for multi-party information sharing
CN117574431A (en) * 2023-11-20 2024-02-20 北京远盟普惠健康科技有限公司 Method and system for guaranteeing internal sharing safety of medical data

Similar Documents

Publication Publication Date Title
CN113987443A (en) Multi-cloud and multi-chain collaborative electronic medical data security sharing method
Wang et al. Cloud-assisted EHR sharing with security and privacy preservation via consortium blockchain
Liang et al. PDPChain: A consortium blockchain-based privacy protection scheme for personal data
Wang et al. Blockchain-based personal health records sharing scheme with data integrity verifiable
Yang et al. A blockchain-based approach to the secure sharing of healthcare data
Xu et al. Healthchain: A blockchain-based privacy preserving scheme for large-scale health data
Zeng et al. Efficient policy-hiding and large universe attribute-based encryption with public traceability for internet of medical things
CN113067857B (en) Electronic medical record cross-hospital sharing method based on double-chain structure
CN103763319B (en) Method for safely sharing mobile cloud storage light-level data
WO2019090988A1 (en) Cryptography attribute-based access control method and system based on dynamic rule
CN112765650A (en) Attribute-based searchable encryption block chain medical data sharing method
CN112365945A (en) Block chain-based electronic medical record fine-grained access control and ciphertext searchable method
Qin et al. A secure storage and sharing scheme of stroke electronic medical records based on consortium blockchain
CN112422522B (en) Medical data safety sharing method based on block chain
KR20120041904A (en) Proxy based privilege management method and apparatus for accessing health data in cloud computing environment
Juyal et al. Privacy and security of IoT based skin monitoring system using blockchain approach
John et al. Provably secure data sharing approach for personal health records in cloud storage using session password, data access key, and circular interpolation
CN113761583A (en) Attribute-based access control method on block chain
Huang et al. Privacy-preserving traceable attribute-based keyword search in multi-authority medical cloud
CN115766098A (en) Personal health data sharing method based on block chain and proxy re-encryption
Vincent et al. Privacy protection and security in ehealth cloud platform for medical image sharing
Xu et al. A privacy-preserving and efficient data sharing scheme with trust authentication based on blockchain for mHealth
Wang et al. Data transmission and access protection of community medical internet of things
Pise et al. Efficient security framework for sensitive data sharing and privacy preserving on big-data and cloud platforms
Yuan et al. B‐SSMD: A Fine‐Grained Secure Sharing Scheme of Medical Data Based on Blockchain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20220128

WW01 Invention patent application withdrawn after publication