CN115221555A - Health medical big data privacy protection method based on risk adaptive access control - Google Patents

Publication number: CN115221555A
Authority: CN (China)
Prior art keywords: access, value, risk, doctor, module
Legal status: Granted (Active)
Application number: CN202210845823.9A
Other languages: Chinese (zh)
Other versions: CN115221555B (en)
Inventors: 姜茸, 赵旭升
Current Assignee: Yunnan University of Finance and Economics
Original Assignee: Yunnan University of Finance and Economics
Application filed by Yunnan University of Finance and Economics
Priority to CN202210845823.9A
Publication of CN115221555A
Application granted; publication of CN115221555B

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245: Protecting personal data, e.g. for financial or medical purposes

Abstract

The invention discloses a health medical big data privacy protection method based on risk adaptive access control, which comprises only three modules: an access request processing module, an authority management module and a quota calculation module. The access request processing module mainly handles the main decision flow after a user (doctor) submits an access request to the management system; whether the user's access request is granted is decided by this module. The authority management module is expanded from the Permissions element of the original RBAC framework; it adaptively adjusts the user's access authority on the basis of the original authority and, together with the access request processing module, solves the problem of protecting patient privacy. The quota calculation module performs the calculations on the data sent from the access request processing module, specifically the value of each access request after risk quantification, which is called the risk value in the present invention. Because the calculation process is separated out, only the access request processing module determines the access response time, and since that module consists only of decision steps, its demand for computing resources is limited, which solves the problem of shortening the response time of most doctors' access requests.

Description

Health medical big data privacy protection method based on risk adaptive access control
Technical Field
The invention relates to a health medical big data privacy protection method based on risk adaptive access control.
Background
Existing adaptive access control models fall mainly into two categories. The first considers only the result of access control and does not care how long the user must wait for the access feedback; when the data set is particularly large or access requests are concentrated, the system may fail to respond within 3 seconds. The second updates the user's access control information only once per longer time interval; such a model returns the access feedback quickly, but often cannot match the first category in accuracy. The risk adaptive access control-based health medical big data privacy protection model of the invention optimizes the access response time in a targeted way without reducing the overall access control effect of the model, so that the time needed to obtain feedback on an access request is predictable and tolerable, and it provides a new reference direction for the automated implementation of access control in the field of electronic medical information.
Disclosure of Invention
In view of the defects of the prior art, the invention studies how to protect patient privacy while ensuring normal access for most doctors, and how to shorten the response time of most doctors' access requests.
The invention provides a health medical big data privacy protection method based on risk adaptive access control, which comprises only three modules: an access request processing module, an authority management module and a quota calculation module. The access request processing module mainly handles the main decision flow after a user (doctor) submits an access request to the management system; whether the user's access request is granted is decided by this module. The authority management module is expanded from the Permissions element of the original RBAC framework; it adaptively adjusts the user's access authority on the basis of the original authority and, together with the access request processing module, solves the problem of protecting patient privacy. The quota calculation module performs the calculations on the data sent from the access request processing module, specifically the value of each access request after risk quantification, which is called the risk quota value in the invention. Because the calculation process is separated out, only the access request processing module determines the access response time, and since that module consists only of decision steps, its demand for computing resources is limited, which solves the problem of shortening the response time of most doctors' access requests.
The invention provides the following technical scheme:
A health medical big data privacy protection method based on risk adaptive access control comprises the following 3 modules:
an access request processing module, an authority management module and a quota calculation module.
Preferably, the access request processing module includes the following working steps:
(1) the management system receives a user's request to access medical data;
(2) the management system verifies whether the user has the access right; if the verification passes, go to step (3); otherwise, access is denied;
(3) the management system comprehensively verifies the user's access behavior; if the verification passes, access is allowed and the flow goes to step (4); otherwise, go to step (5);
(4) the access request is sent to the calculation module in the form <factor_id, task_id> for processing;
(5) the access request is sent to the calculation module in the form <factor_id, task_id> for processing, and after processing the access risk value risk_value of the request is received in the form <factor_id, task_id, risk_value>; if the access risk value is smaller than the minimum risk limit, access is allowed; otherwise, access is denied;
wherein factor_id is the doctor identifier, task_id is the work identifier, and risk_value is the access risk value.
Preferably, the authority management module includes the following working steps:
(1) access risk value calculation: information entropy is selected as the tool for quantifying the access risk value; $H_{ave}(d_k, t_j)$ represents the average entropy of all doctors facing the same work target and serves as the reference for measuring the access quota generated when a doctor $d_i$ faces the work target $t_j$;
(2) user classification and coincidence degree calculation: doctors are divided into two classes according to their access behavior; first-class doctors access only medical data helpful to the current work, and their access behavior is less chaotic than that of second-class doctors.
Preferably, the two classes of doctors are distinguished using the FCM algorithm, with the following steps:
Step 1: initialize the parameters so that they satisfy the formula
Figure BDA0003752713730000021
Q is the set of access quotas;
$x_{ij}$ is an element of the new set X obtained after the set Q is preprocessed;
wherein $Quota(d_i, t_j)$ is the access quota generated when doctor $d_i$ completes work $t_j$; its value is equivalent to $Risk(d_i, t_j)$, and it is an element of $Quota(d_i)$, a subset of the access quota set Q;
wherein i is the doctor number, an integer in the range [1, n];
wherein j is the work number, an integer in the range [0, m];
wherein $m_i$ is the total amount of work of doctor $d_i$, an integer in the range [0, +∞];
wherein m is the maximum total amount of work over all doctors, $m = \max\{m_1, m_2, \ldots, m_n\}$;
wherein $Quota(d_i, t_k)$ is the access quota generated when doctor $d_i$ completes work $t_k$, used to traverse all access quotas of doctor $d_i$;
wherein k is the work number, an integer in the range [0, m];
Step 2: by the formula
Figure BDA0003752713730000031
calculate the membership matrix U;
wherein $\mu_{ij} \in [0,1]$ denotes the membership of sample $X_j$ in each cluster;
$X_j$ is a doctor sample, where j is the doctor number, an integer in the range [1, n];
$dist_{ij} = \|core_i - X_j\|$ is the Euclidean distance between the i-th cluster center and the j-th data point;
wherein core is the cluster center and i is the cluster center number, an integer in the range [1, 2];
j is the sample number, an integer in the range [1, n];
wherein k is the cluster center number, an integer in the range [1, 2];
$fw \in [1, +\infty]$ is the fuzzy weighting index;
Step 3: by the formula
Figure BDA0003752713730000032
calculate the cluster center $core_i$;
wherein n is the total number of samples, an integer in the range [1, +∞];
wherein j is the sample number, an integer in the range [1, n];
wherein i is the cluster center number, an integer in the range [1, 2];
$\mu_{ij} \in [0,1]$ denotes the membership of sample $X_j$ in each cluster;
$fw \in [1, +\infty]$ is the fuzzy weighting index;
Step 4: by the formula
Figure BDA0003752713730000033
calculate the FCM cost function; if the change in $J(U, core_1, core_2)$ is smaller than the given threshold, the iteration terminates; otherwise, return to step 2;
the given threshold is $\varepsilon = 1 \times 10^{-6}$;
wherein n is the total number of samples, an integer in the range [1, +∞];
wherein j is the sample number, an integer in the range [1, n];
wherein i is the cluster center number, an integer in the range [1, 2];
J is the fuzzy C-means clustering objective function;
After the iteration ends, the fuzzy cluster centers and the membership matrix of the doctor vector set X are obtained, and the fuzzy group to which each data point belongs is determined, thereby distinguishing the two classes of doctors; at the same time, the value in the membership matrix U corresponding to the first class of doctors is the coincidence degree simla between the corresponding user and the first class of doctors.
Preferably, the quota calculation module includes the following working steps:
(1) allocation of risk quotas: the maximum cumulative access quota of a user in the n-th period is Quota_max(n) = μ + bσ;
μ is the mean of $Seq\_E_{ave}$ and σ is the standard deviation of $Seq\_E_{ave}$;
$Seq\_E_{ave}$ denotes the sequence of the mean access quotas generated by all users over the most recent periods;
(2) quick access verification:
for a user with access rights, when simla is within the range of the corresponding group and the access quota is not exceeded, the system first passes the user's access request and then performs the risk assessment of that access.
Preferably, n is defined as a period; the time span of one period is 3 days, 7 days or 30 days.
The beneficial effects of the invention are as follows: the health medical big data privacy protection model based on risk adaptive access control can decide autonomously, according to the user's access behavior, whether to restrict access, and protects patient privacy by preventing users from abusing their access rights. The model improves and restructures the existing classical access control model: its functions are divided into three modules, which process their respective tasks in parallel within the system. Because existing models do not consider the response time of access control under a large volume of accesses, the invention separates the calculation process out of the access process and runs it in parallel as an independent quota calculation module, so that the response time of user access is greatly reduced and the overall performance of the model is improved. The degree of chaos of a user's access is measured by information entropy, and this value is called the access quota; users are classified into first-class and second-class doctors by the fuzzy C-means algorithm, and the coincidence degree simla obtained in the process influences the system's decision on the user's access request. Compared with similar models, the performance of the invention is 14 percent higher; the model optimizes the access response time and has a fast-response characteristic that similar models lack.
Description of the drawings:
FIG. 1: schematic diagram of the privacy protection model of the invention;
FIG. 2: schematic diagram of the access request processing flow;
FIG. 3: data set normalization example;
FIG. 4: example graph of access quota and period;
FIG. 5: schematic diagram of access quota value increment and frequency;
FIG. 6: coincidence degree and tolerance difference.
Detailed Description
The present invention will be described in further detail with reference to specific embodiments.
The invention relates to a health medical big data privacy protection method based on risk adaptive access control, which comprises the following 3 modules:
1. an access request processing module;
2. an authority management module;
3. a quota calculation module.
1. Access request processing module
The access request processing module mainly processes the user's access request and returns a response of allowing or denying access. The specific processing steps are as follows:
(1) The management system receives a user's request to access medical data.
(2) The management system verifies whether the user has access rights. If the verification passes, go to step (3); otherwise, access is denied.
(3) The management system comprehensively verifies the user's access behavior. If the verification passes, access is allowed and the flow goes to step (4); otherwise, go to step (5).
(4) The access request is sent to the calculation module in the form <factor_id, task_id> for processing.
(5) The access request is sent to the calculation module in the form <factor_id, task_id> for processing, and after processing the access risk value risk_value of the request is received in the form <factor_id, task_id, risk_value>. If the access risk value is smaller than the minimum risk limit, access is allowed; otherwise, access is denied.
The access right verification step checks the access rights currently held by the requesting user at the time the access request is generated; the details of the comprehensive verification are described later.
2. Authority management module
2.1 Access risk value calculation
In a risk-based privacy protection model, the risk that a user's access behavior may generate is used as the basis for controlling that behavior. Therefore, under the model proposed by the invention, the access behavior of each user is risk-quantified, that is, the risk value of each access is calculated. The calculation tasks in the quota calculation module are generated by the operation of the access request processing module; the main purpose is to separate the calculation process from the verification process, so that first-class users obtain feedback after only simple verification. Access risk value calculation tasks are processed in first-in, first-out queue order.
The invention takes the degree of deviation between an individual user and the whole user group as the basis for measuring access risk, and specifically selects information entropy as the tool for quantifying the access risk value.
Let D be the set of doctors, where any $d_i \in D$ represents an individual doctor; let T be the set of work targets, where any $t_j \in T$ represents a specific work target, namely a specific illness, and corresponds to the task_id above; let C be the set of medical record codes accessed by doctors over a past period of time, where any $c_k \in C$ represents the ICD code of an accessed medical record.
In the present invention, doctor $d_i$'s diagnosis of one patient is regarded as one job $t_j$, and a medical record $c_k$ that the doctor accesses in order to diagnose the patient's condition is said to be accessed by doctor $d_i$ for work target $t_j$. For any $d_i \in D$, $t_j \in T$, $S(d_i, c_k | t_j)$ is the sequence of medical record codes accessed by doctor $d_i$ for work target $t_j$ over a past period of time; for any $d_i \in D$, $t_j \in T$, $c_k \in C$, $F(d_i, t_j, c_k)$ is the number of times medical record code $c_k$ occurs in $S(d_i, c_k | t_j)$ for doctor $d_i$ over a past period of time. The probability that doctor $d_i$ accesses a medical record with code $c_k$ for work target $t_j$ is given by the following formula:
Figure BDA0003752713730000061
For a work target $t_j$, doctor $d_i$ may access multiple medical records in order to determine the patient's condition more accurately; the classification labels of these medical records, which may or may not be identical, are recorded in the label sequence $S(d_i, c_k | t_j)$. $P(d_i, c_k | t_j)$ is the probability that classification label $c_k$ occurs under work target $t_j$, i.e. the ratio of the number of occurrences of classification label $c_k$ under work target $t_j$ to the total length of the sequence $S(d_i, c_k | t_j)$.
On this basis, the uncertainty of the doctor's access, i.e. the degree of chaos of the doctor's access, is calculated. The information entropy of doctor $d_i$'s selection of medical records for work target $t_j$ is given by:
Figure BDA0003752713730000062
The larger $H(d_i, t_j)$ is, the higher the degree of chaos of doctor $d_i$'s selection of medical records when facing work target $t_j$. In the same way, the degree of chaos $H(d_k, t_j)$ of any doctor $d_k$ selecting medical records for work target $t_j$ is calculated. The average degree of chaos of all doctors selecting medical records for work target $t_j$ is then expressed by the following formula.
Figure BDA0003752713730000063
Taking the average degree of chaos $H_{ave}(d_k, t_j)$ as the reference, its difference from the degree of chaos of doctor $d_i$'s selection of medical records for work $t_j$ is used as the access quota generated by doctor $d_i$'s access behavior.
$Risk(d_i, t_j) = \max\{H(d_i, t_j) - H_{ave}(d_k, t_j),\ 0\}$
Since doctors are a group with a certain professional threshold, whether an access behavior satisfies the need-to-know principle is difficult for people outside the group to judge, so it can only be judged by members of the group, and the invention extends this scope to all members of the group. $H_{ave}(d_k, t_j)$ represents the average entropy of all doctors facing the same work target and is used as the reference for measuring the access quota of a doctor $d_i$ facing work target $t_j$.
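The risk value of section 2.1 computed from an access log, as an added Python example (not code from the patent). The record layout, the sample log, the log base 2 and the choice to average only over doctors who have a sequence for the same work target are assumptions made here, since the formula images are not reproduced on the page.

```python
import math
from collections import Counter, defaultdict

# Constructed sample audit records: (doctor id, work target id, ICD code accessed).
ACCESS_LOG = [
    ("d1", "t1", "J18"), ("d1", "t1", "J18"), ("d1", "t1", "J18"), ("d1", "t1", "J18"),
    ("d2", "t1", "J18"), ("d2", "t1", "J18"), ("d2", "t1", "J20"), ("d2", "t1", "J18"),
    ("d3", "t1", "J18"), ("d3", "t1", "I10"), ("d3", "t1", "E11"), ("d3", "t1", "F32"),
    ("d1", "t2", "I10"), ("d1", "t2", "I11"),
    ("d3", "t2", "I10"), ("d3", "t2", "I10"),
]


def build_sequences(log):
    """Group the log into S(d_i, c_k | t_j): task -> doctor -> list of codes."""
    sequences = defaultdict(lambda: defaultdict(list))
    for doctor_id, task_id, icd_code in log:
        sequences[task_id][doctor_id].append(icd_code)
    return sequences


def access_entropy(sequence):
    """H(d_i, t_j): Shannon entropy of the codes in one sequence.

    P(d_i, c_k | t_j) is F(d_i, t_j, c_k) divided by the sequence length.
    Log base 2 is an assumption of this example.
    """
    total = len(sequence)
    if total == 0:
        return 0.0
    entropy = 0.0
    for count in Counter(sequence).values():
        p = count / total
        entropy -= p * math.log2(p)
    return entropy


def risk_table(log):
    """Risk(d_i, t_j) = max{H(d_i, t_j) - H_ave(d_k, t_j), 0} for every pair."""
    table = {}
    for task_id, per_doctor in build_sequences(log).items():
        entropies = {d: access_entropy(seq) for d, seq in per_doctor.items()}
        # H_ave: mean entropy of all doctors who worked on this target.
        h_ave = sum(entropies.values()) / len(entropies)
        for doctor_id, h in entropies.items():
            table[(doctor_id, task_id)] = max(h - h_ave, 0.0)
    return table


def refused_pairs(log, min_risk_limit):
    """Pairs whose risk is not below the minimum risk limit (ordinary access denies them)."""
    return sorted(pair for pair, risk in risk_table(log).items() if risk >= min_risk_limit)


if __name__ == "__main__":
    for pair, risk in sorted(risk_table(ACCESS_LOG).items()):
        print(pair, round(risk, 4))
    print("refused at limit 0.4:", refused_pairs(ACCESS_LOG, 0.4))
```

Doctor d3 touches four unrelated codes for t1 and is the only one above the group average there, while a doctor who is merely average or below receives a risk of exactly 0 because of the max with 0.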
2.2 User classification and coincidence degree calculation
Doctors are divided into two classes according to their access behavior: first-class doctors access only medical data helpful to the current work, and their access behavior is less chaotic than that of second-class doctors. The access quota generated when doctor $d_i$ faces work target $t_j$ is measured by information entropy, and information entropy reflects the degree of chaos of the doctor's access to medical data, so the invention takes the access quotas generated by doctors as the criterion of the clustering algorithm that distinguishes first-class from second-class doctors. The invention selects the fuzzy C-means (FCM) clustering algorithm to classify doctors; given a known number of classes, the algorithm divides the data set into the corresponding number of clusters.
Let Q be the access quota set, of size n, where any $Quota(d_i) \in Q$ denotes the subset of access quotas of doctor $d_i$; for $Quota(d_i)$ of size $m_i$,
Figure BDA0003752713730000071
is an $m_i$-dimensional vector, any element of which,
Figure BDA0003752713730000072
has the same value as
Figure BDA0003752713730000073
However, there exist $Quota(d_i), Quota(d_j) \in R$ whose sizes $m_i$ and $m_j$ differ, and FCM clustering takes a matrix as input, so the set Q needs to be preprocessed.
After comprehensive consideration, the invention processes the set Q with a mean-filling strategy to obtain the vector set $X = \{X_1, X_2, \ldots, X_n\}$, which contains the samples of n doctors; any $X_i = \{x_{1i}, x_{2i}, \ldots, x_{mi}\}$ in it is an m-dimensional vector, where $m = \max\{m_1, m_2, \ldots, m_n\}$, and:
Figure BDA0003752713730000074
After each element $x_{it}$ of the set X has been assigned, X serves as the input of the FCM clustering; that is, X is the new set obtained by applying mean filling to the set Q. An example is shown in FIG. 3.
The processed access quota sets of the n doctors are taken as the input set X. Given that the n doctors are to be divided into first-class and second-class doctors, they are divided into two clusters according to their access quotas; that is, the vector set X is divided into two fuzzy groups and the cluster center core of each group is solved for, so that the cost function of the dissimilarity index is minimized.
The degree to which each data point belongs to the 2 fuzzy groups is given by a value in the interval [0,1]; the memberships of each data point sum to 1, and together they form the membership matrix U.
Figure BDA0003752713730000081
The cost function of FCM is:
Figure BDA0003752713730000082
wherein $\mu_{ij} \in [0,1]$ denotes the membership of sample $X_j$ in each cluster; $dist_{ij} = \|core_i - X_j\|$ is the Euclidean distance between the i-th cluster center and the j-th data point; $fw \in [1, +\infty]$ is the fuzzy weighting index. The clustering goal is to find the membership matrix and cluster centers at which $J(U, core_1, core_2)$ reaches its minimum. To solve for $J(U, core_1, core_2)$, the Lagrange multiplier method is used, and from the formula
Figure BDA0003752713730000083
and the formula
Figure BDA0003752713730000084
a new function is constructed
Figure BDA0003752713730000085
wherein $\lambda_j$,
Figure BDA0003752713730000086
are the Lagrange multipliers of the n constraints of the following formula.
Figure BDA0003752713730000087
According to the Lagrange multiplier method, after taking the derivatives with respect to the memberships and the cluster centers and solving the equations, it follows that the memberships and cluster centers at which $J(U, core_1, core_2)$ reaches its minimum satisfy the following conditions:
Figure BDA0003752713730000088
Figure BDA0003752713730000091
The specific procedure for distinguishing the two classes of doctors with the FCM algorithm is as follows:
Step 1: initialize the parameters so that they satisfy the formula
Figure BDA0003752713730000092
Step 2: by the formula
Figure BDA0003752713730000093
calculate the membership matrix U.
Step 3: by the formula
Figure BDA0003752713730000094
calculate the cluster center $core_i$.
Step 4: by the formula
Figure BDA0003752713730000095
calculate the FCM cost function; if the change in $J(U, core_1, core_2)$ is smaller than the given threshold, the iteration terminates; otherwise, return to step 2.
After the iteration ends, the fuzzy cluster centers and the membership matrix of the doctor vector set X are obtained, and the fuzzy group to which each data point belongs is determined, thereby distinguishing the two classes of doctors. At the same time, the value in the membership matrix U corresponding to the first class of doctors is the coincidence degree simla between the corresponding user and the first class of doctors.
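Mean filling followed by two-cluster FCM, as an added Python example (not code from the patent). It uses the standard fuzzy C-means update rules, because the patent's formula images are not reproduced on the page; the sample quotas, fw = 2, the seeded random initialization, the fill value 0.0 for a doctor with no quotas, and taking the cluster with the lower center as the first class are assumptions made here.

```python
import math
import random

# Constructed sample: access quotas Quota(d_i, t_j) per doctor; the lengths m_i differ.
QUOTAS = [
    [0.00, 0.10, 0.05],
    [0.10, 0.00],
    [0.05, 0.10, 0.00, 0.05],
    [1.20, 0.90, 1.10],
    [1.00, 1.30],
]


def mean_fill(quotas):
    """Pad every doctor's quota list to m = max(m_i) with that doctor's own mean."""
    m = max(len(q) for q in quotas)
    filled = []
    for q in quotas:
        fill = sum(q) / len(q) if q else 0.0  # assumption: no work yet -> 0.0
        filled.append(list(q) + [fill] * (m - len(q)))
    return filled


def _dist(a, b):
    """Euclidean distance dist_ij = ||core_i - X_j||."""
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def _centers(X, U, fw):
    """core_i = sum_j mu_ij^fw * X_j / sum_j mu_ij^fw (standard FCM)."""
    centers = []
    for row in U:
        weights = [mu ** fw for mu in row]
        total = sum(weights)
        centers.append([sum(w * x[d] for w, x in zip(weights, X)) / total
                        for d in range(len(X[0]))])
    return centers


def _memberships(X, centers, fw):
    """mu_ij = 1 / sum_k (dist_ij / dist_kj)^(2/(fw-1)) (standard FCM)."""
    c, exponent = len(centers), 2.0 / (fw - 1.0)
    U = [[0.0] * len(X) for _ in range(c)]
    for j, x in enumerate(X):
        d = [_dist(core, x) for core in centers]
        on_center = [i for i, v in enumerate(d) if v == 0.0]
        for i in range(c):
            if on_center:  # sample coincides with a center: avoid division by zero
                U[i][j] = 1.0 / len(on_center) if i in on_center else 0.0
            else:
                U[i][j] = 1.0 / sum((d[i] / d[k]) ** exponent for k in range(c))
    return U


def fcm(X, c=2, fw=2.0, eps=1e-6, max_iter=300, seed=0):
    """Iterate until the change of the cost J(U, core_1, core_2) is below eps."""
    if fw <= 1.0:
        raise ValueError("this example needs fw > 1")
    rng = random.Random(seed)
    U = [[rng.random() for _ in X] for _ in range(c)]
    for j in range(len(X)):  # step 1: memberships of each sample sum to 1
        s = sum(U[i][j] for i in range(c))
        for i in range(c):
            U[i][j] /= s
    previous = None
    for _ in range(max_iter):
        centers = _centers(X, U, fw)
        U = _memberships(X, centers, fw)
        cost = sum(U[i][j] ** fw * _dist(centers[i], X[j]) ** 2
                   for i in range(c) for j in range(len(X)))
        if previous is not None and abs(previous - cost) < eps:
            break
        previous = cost
    return U, centers


def classify_doctors(quotas):
    """Return (class labels, simla), simla being membership in the first class."""
    U, centers = fcm(mean_fill(quotas))
    first = min(range(len(centers)), key=lambda i: sum(centers[i]))  # assumption
    simla = U[first]
    return [1 if s >= 0.5 else 2 for s in simla], simla


if __name__ == "__main__":
    labels, simla = classify_doctors(QUOTAS)
    for label, s in zip(labels, simla):
        print(label, round(s, 4))
```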
3. Quota calculation module
In the access request processing module, besides the user's access rights, the coincidence degree simla between the user and the first class of doctors, the doctor class, and whether the user's access quota is exceeded must also be verified.
3.1 Allocation of risk quotas
The access quota of each user within a period is limited, as a means of constraining the user to access in a compliant way; however, excessive restriction would affect the normal access behavior of most users, so the degree of restriction needs to be reasonable.
Let Quota(n) be the access quota accumulated in the n-th period, and let $E_{ave}(k)$ be the mean access quota generated by all users (doctors) in the k-th quota granting period. An example is shown in FIG. 4.
Assuming that the access quotas generated by doctors in the most recent m periods are taken as the reference, $Seq\_E_{ave} = \{E_{ave}(n-1), E_{ave}(n-2), \ldots, E_{ave}(n-m)\}$ denotes the sequence of the mean access quotas generated by all users (doctors) in the most recent m periods; let μ be the mean of $Seq\_E_{ave}$ and σ the standard deviation of $Seq\_E_{ave}$. Then:
Figure BDA0003752713730000101
Figure BDA0003752713730000102
Figure BDA0003752713730000103
Assuming that users' (doctors') consumption of access quota in different quota granting periods is normally distributed, with the relationship between the newly added access quota value and frequency shown in FIG. 5, the maximum cumulative access quota of a user in the n-th period is Quota_max(n) = μ + bσ, where b is the maximum access quota coefficient.
3.2 Quick access verification
The aim of risk quota verification is to prevent, as far as possible, users who hold access rights from failing to follow the need-to-know principle. The invention introduces the concept of a fuzzy system into the proposed model, so the coincidence degree is also used as a decision element.
As stated above, first-class doctors access only medical data helpful to the current work, which means that in most cases the management system does not pay much attention to the access behavior of first-class doctors. Therefore, in comprehensive verification, the proposed model sets different coincidence degree requirements for the two classes of doctors: simla_one is the minimum coincidence degree at which first-class doctors are allowed access, and simla_two is the minimum coincidence degree at which second-class doctors are allowed access. The value of simla_two is greater than that of simla_one, and the difference between the two, simla_diff, expresses the difference in the system's tolerance of the two classes of doctors; its size directly influences the overall effect of the model, as shown in FIG. 6.
For a user with access rights, when simla is within the range of the corresponding group and the access quota is not exceeded, the system first passes the user's access request and then performs the risk assessment of that access, so this is called "quick access"; correspondingly, when the system first performs risk verification and then decides whether to pass the access, the verification process is similar to that of existing models and is called "ordinary access".
The comprehensive verification has two specific parts:
(1) Check whether the user's accumulated access quota at the current moment is exceeded. If so, the verification fails.
(2) Obtain the user's coincidence degree simla at the current moment and compare it with the minimum coincidence degree of the corresponding doctor class. If the current user's simla is smaller than that value, the verification fails.
When both parts pass, the result of quick access verification is set to pass.
In addition, when the access quota is accumulated, the accumulated value may be appropriately reduced or waived for access requests whose coincidence degree is above a certain threshold.
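The quota allocation of section 3.1 and the request flow of module 1 with the quick access verification of section 3.2, as one added Python example (not code from the patent). The class and function names, the sample values, the use of the population standard deviation, and adding the risk value of every granted access to the doctor's accumulated quota are assumptions made here; `doctor_id` stands for the doctor identifier in the <factor_id, task_id> message.

```python
import statistics
from collections import deque
from dataclasses import dataclass


@dataclass
class Doctor:
    doctor_id: str
    has_permission: bool     # outcome of the access right check, step (2)
    doctor_class: int        # 1 or 2, from the FCM classification
    simla: float             # coincidence degree with the first class
    quota_used: float = 0.0  # access quota accumulated in the current period


@dataclass
class Policy:                # hypothetical container for the thresholds on the page
    quota_max: float         # Quota_max(n)
    simla_one: float         # minimum coincidence degree for first-class doctors
    simla_two: float         # minimum coincidence degree for second-class doctors
    min_risk_limit: float    # minimum risk limit used in step (5)


def allocate_quota_max(seq_e_ave, b):
    """Quota_max(n) = mu + b * sigma over the recent per-period mean quotas."""
    mu = statistics.fmean(seq_e_ave)
    sigma = statistics.pstdev(seq_e_ave)  # assumption: population standard deviation
    return mu + b * sigma


def comprehensive_verification(doctor, policy):
    """Both parts of section 3.2: quota not exceeded and simla not below the class minimum."""
    if doctor.quota_used > policy.quota_max:
        return False
    minimum = policy.simla_one if doctor.doctor_class == 1 else policy.simla_two
    return doctor.simla >= minimum


def process_request(doctor, task_id, policy, risk_of, pending):
    """Steps (2) to (5) of the access request processing module."""
    if not doctor.has_permission:
        return "deny"
    if comprehensive_verification(doctor, policy):
        pending.append((doctor, task_id))  # step (4): risk is computed after the reply
        return "quick-allow"
    risk_value = risk_of(doctor.doctor_id, task_id)  # step (5): compute before replying
    if risk_value < policy.min_risk_limit:
        doctor.quota_used += risk_value
        return "ordinary-allow"
    return "deny"


def drain_pending(pending, risk_of):
    """Quota calculation module: first-in, first-out processing of queued tasks."""
    while pending:
        doctor, task_id = pending.popleft()
        doctor.quota_used += risk_of(doctor.doctor_id, task_id)


# Constructed sample data.
SEQ_E_AVE = [2.0, 4.0, 4.0, 4.0, 5.0, 5.0, 7.0, 9.0]
RISK = {("a", "t1"): 0.4, ("b", "t1"): 0.2, ("c", "t1"): 0.9, ("e", "t1"): 0.0}


def demo():
    policy = Policy(allocate_quota_max(SEQ_E_AVE, b=1.5), 0.6, 0.8, 0.5)
    doctors = [
        Doctor("a", True, 1, 0.9, 3.0),   # first class, within quota
        Doctor("b", True, 2, 0.7, 3.0),   # second class, simla below simla_two
        Doctor("c", True, 2, 0.7, 3.0),   # same, but the access is high risk
        Doctor("d", False, 1, 0.9, 0.0),  # no access right
        Doctor("e", True, 1, 0.9, 8.5),   # quota already exceeded
    ]
    pending = deque()

    def risk_of(doctor_id, task_id):
        return RISK[(doctor_id, task_id)]

    results = {d.doctor_id: process_request(d, "t1", policy, risk_of, pending)
               for d in doctors}
    drain_pending(pending, risk_of)
    return policy, results, {d.doctor_id: d.quota_used for d in doctors}


if __name__ == "__main__":
    print(demo())
```

Only the ordinary path waits for the risk calculation; the quick path answers after two comparisons and leaves the entropy work to the queue, which is the response-time argument the description makes.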
The above description is only a partial embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are also included in the scope of the present invention.

Claims (6)

1. A health medical big data privacy protection method based on risk adaptive access control is characterized by comprising the following 3 modules:
an access request processing module;
a rights management module;
a quota calculation module.
2. The method for protecting privacy of health care big data based on risk adaptive access control as claimed in claim 1, wherein the access request processing module includes the following working steps:
(1) the management system receives a request of a user for accessing the medical data;
(2) the management system verifies whether the user has the access right; if the verification is passed, proceed to step (3); otherwise, access is denied;
(3) the management system comprehensively verifies the access behavior of the user; if the verification is passed, the access is allowed and the process proceeds to step (4); otherwise, proceed to step (5);
(4) sending the access request to a computing module in the form <vector_id, task_id> for processing;
(5) sending the access request to a computing module in the form <vector_id, task_id> for processing, and, after processing, receiving the access risk value risk_value of the access request in the form <vector_id, task_id, risk_value>; if the access risk value is smaller than the minimum risk limit, the access is allowed; otherwise, the access is refused;
wherein vector_id is the doctor identification, task_id is the work identification, and risk_value is the access risk value.
3. The health care big data privacy protection method based on risk adaptive access control as claimed in claim 1, wherein the rights management module includes the following working steps:
(1) calculating the access risk value, wherein information entropy is selected as the tool for quantifying the access risk value; $H_{ave}(d_k, t_j)$ represents the average entropy of all doctors facing the same work target, and the access limit generated by a doctor $d_i$ when facing the work target $t_j$ is measured on the basis of this average entropy;
(2) calculating user classification and conformity, wherein doctors are divided into two categories according to their access behaviors; the first category of doctors only access medical data helpful to the current work, and compared with the second category of doctors, the access behaviors of the first category of doctors have a lower degree of confusion.
4. The method for protecting privacy of health care big data based on risk adaptive access control according to claim 3, wherein the two types of doctors in step (2) are differentiated by FCM algorithm, and the steps are as follows:
step 1: parameters are initialized to satisfy the formula
Figure FDA0003752713720000021
$Q$ is the set of access limits;
$x_{ij}$ is defined as: an element of the new set $X$ obtained after the set $Q$ is preprocessed;
wherein $Quota(d_i, t_j)$ is defined as: the access limit generated by doctor $d_i$ when completing work $t_j$; its value is equivalent to $Risk(d_i, t_j)$, and it is an element of $Quota(d_i)$, a subset of the access limit set $Q$;
wherein $i$ is defined as: the doctor number; its value is an integer, and the value range is [1, n];
wherein $j$ is defined as: the work number; its value is an integer, and the value range is [0, m];
wherein $m_i$ is defined as: the total work amount of doctor $d_i$; its value is an integer, and the value range is [0, +∞];
wherein $m$ is defined as: the maximum total work amount of all doctors, $m = \max\{m_1, m_2, \ldots, m_n\}$;
wherein $Quota(d_i, t_k)$ is defined as: the access limit generated by doctor $d_i$ when completing work $t_k$, used for traversing all access limits of doctor $d_i$;
wherein $k$ is defined as: the work number; its value is an integer, and the value range is [0, m];
step 2: by the formula
Figure FDA0003752713720000022
calculate the membership matrix $U$;
wherein $\mu_{ij} \in [0,1]$ denotes the membership of sample $X_j$ in each cluster;
$X_j$ is a doctor sample, where $j$ is defined as: the doctor number; its value is an integer, and the value range is [1, n];
$dist_{ij} = \|core_i - X_j\|$ is the Euclidean distance between the i-th cluster center and the j-th data point;
where $core$ is the cluster center, and $i$ is defined as: the cluster center number; its value is an integer, and the value range is [1, 2];
$j$ is defined as: the sample number; its value is an integer, and the value range is [1, n];
wherein $k$ is defined as: the cluster center number; its value is an integer, and the value range is [1, 2];
$fw \in [1, +\infty]$ is the fuzzy weighting index;
step 3: by the formula
Figure FDA0003752713720000023
compute the cluster center $core_i$;
wherein $n$ is defined as: the total number of samples; its value is an integer, and the value range is [1, +∞];
wherein $j$ is defined as: the sample number; its value is an integer, and the value range is [1, n];
wherein $i$ is defined as: the cluster center number; its value is an integer, and the value range is [1, 2];
$\mu_{ij} \in [0,1]$ denotes the membership of sample $X_j$ in each cluster;
$fw \in [1, +\infty]$ is the fuzzy weighting index;
step 4: by the formula
Figure FDA0003752713720000031
calculate the FCM cost function; if the amount of change of $J(U, core_1, core_2)$ is less than the predetermined threshold, the iteration is terminated; otherwise, return to step 2;
the predetermined threshold is $\varepsilon = 1 \times 10^{-6}$;
wherein $n$ is defined as: the total number of samples; its value is an integer, and the value range is [1, +∞];
wherein $j$ is defined as: the sample number; its value is an integer, and the value range is [1, n];
wherein $i$ is defined as: the cluster center number; its value is an integer, and the value range is [1, 2];
$J$ is defined as: the fuzzy C-means clustering objective function;
after the iteration is finished, the fuzzy cluster centers and the membership matrix of the doctor vector set $X$ are obtained, and the fuzzy group to which each data point belongs is determined, so that the two types of doctors are distinguished; meanwhile, the value corresponding to the first class of doctors in the membership matrix $U$ is the coincidence degree simla between the corresponding user and the first class of doctors.
5. The method for protecting privacy of health care big data based on risk adaptive access control as claimed in claim 1, wherein the quota calculation module comprises the following working steps:
(1) allocating the risk quota: the maximum cumulative access limit of the user in the n-th period is $Quota\_max(n) = \mu + b\sigma$;
$\mu$ is the mean of $Seq\_E_{ave}$, and $\sigma$ is the standard deviation of $Seq\_E_{ave}$;
$Seq\_E_{ave}$ denotes the sequence of averages of the access limits generated by all users in the last few cycles;
(2) quick access verification:
for a user with the access right, when simla is within the range of the corresponding group and the access limit is not excessive, the system first passes the user's access request and then carries out risk assessment on the access.
6. The method for protecting privacy of health care big data based on risk adaptive access control according to claim 5, wherein n is defined as a period, and a period time span is 3 days, 7 days, or 30 days.
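
An added Python example of the two-class clustering in claim 4, not code from the patent: because the formula images are missing from this page, it uses the standard fuzzy C-means membership, center and cost formulas, which is an assumption about what the figures contained. The seeding rule, the rule that class 1 is the cluster with the lower center, and the sample vectors are also assumptions.

```python
import math

def fcm_two_classes(X, fw=2.0, eps=1e-6, max_iter=300):
    """Two-center fuzzy C-means over doctor vectors X (one row per doctor).
    Returns (simla, classes, cores); simla[j] is doctor j's membership in class 1."""
    if fw <= 1.0:
        raise ValueError("fw must be > 1: the exponent 2/(fw-1) is undefined at 1")
    n, dim = len(X), len(X[0])
    # Step 1 (assumed, deterministic): seed the centers with the rows that have
    # the smallest and the largest total access limit.
    order = sorted(range(n), key=lambda j: sum(X[j]))
    cores = [list(X[order[0]]), list(X[order[-1]])]
    prev_cost = math.inf
    for _ in range(max_iter):
        # Step 2: membership matrix U, shape 2 x n; each column sums to 1.
        U = [[0.0] * n for _ in range(2)]
        for j in range(n):
            d = [math.dist(cores[i], X[j]) for i in range(2)]
            if 0.0 in d:                      # row sits exactly on a center
                hit = d.index(0.0)
                U[hit][j], U[1 - hit][j] = 1.0, 0.0
                continue
            for i in range(2):
                U[i][j] = 1.0 / sum((d[i] / d[k]) ** (2.0 / (fw - 1.0)) for k in range(2))
        # Step 3: each center is the mean of all rows weighted by U[i][j] ** fw.
        for i in range(2):
            w = [U[i][j] ** fw for j in range(n)]
            cores[i] = [sum(w[j] * X[j][c] for j in range(n)) / sum(w) for c in range(dim)]
        # Step 4: cost function; stop once it changes by less than eps.
        cost = sum(U[i][j] ** fw * math.dist(cores[i], X[j]) ** 2
                   for i in range(2) for j in range(n))
        if abs(prev_cost - cost) < eps:
            break
        prev_cost = cost
    # Assumption: class 1 (less disordered access) is the cluster with the lower center.
    first = 0 if sum(cores[0]) <= sum(cores[1]) else 1
    simla = [U[first][j] for j in range(n)]
    classes = [1 if s >= 0.5 else 2 for s in simla]
    return simla, classes, cores

# Constructed sample: six doctors, access limit for each of three works.
SAMPLE_X = [[0.20, 0.30, 0.25], [0.30, 0.20, 0.30], [0.25, 0.25, 0.20],
            [1.80, 2.10, 1.90], [2.00, 1.90, 2.20], [1.00, 1.20, 0.90]]

if __name__ == "__main__":
    simla, classes, _ = fcm_two_classes(SAMPLE_X)
    for j, (s, c) in enumerate(zip(simla, classes), start=1):
        print(f"doctor {j}: simla={s:.3f} class={c}")
```

The sixth doctor lies between the two groups and receives an intermediate simla, which is the case where the separate floors simla_one and simla_two change the outcome.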

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210845823.9A CN115221555B (en) 2022-07-19 2022-07-19 Health medical big data privacy protection method based on risk adaptive access control

Publications (2)

Publication Number Publication Date
CN115221555A (en) 2022-10-21
CN115221555B CN115221555B (en) 2023-03-31

Family

ID=83611899

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant