KR20130085501A - Device and method for extracting personal health care information, and method for verifying integrity of personal health care information - Google Patents

Device and method for extracting personal health care information, and method for verifying integrity of personal health care information Download PDF

Info

Publication number
KR20130085501A
KR20130085501A KR1020110133819A KR20110133819A KR20130085501A KR 20130085501 A KR20130085501 A KR 20130085501A KR 1020110133819 A KR1020110133819 A KR 1020110133819A KR 20110133819 A KR20110133819 A KR 20110133819A KR 20130085501 A KR20130085501 A KR 20130085501A
Authority
KR
South Korea
Prior art keywords
image data
medical image
data
personal
authentication code
Prior art date
Application number
KR1020110133819A
Other languages
Korean (ko)
Inventor
윤은준
유기영
박종태
Original Assignee
경북대학교 산학협력단
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 경북대학교 산학협력단 filed Critical 경북대학교 산학협력단
Priority to KR1020110133819A priority Critical patent/KR20130085501A/en
Publication of KR20130085501A publication Critical patent/KR20130085501A/en

Links

Images

Classifications

    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H10/00ICT specially adapted for the handling or processing of patient-related medical or healthcare data
    • HELECTRICITY
    • H03ELECTRONIC CIRCUITRY
    • H03KPULSE TECHNIQUE
    • H03K19/00Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits
    • H03K19/20Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits characterised by logic function, e.g. AND, OR, NOR, NOT circuits
    • H03K19/21EXCLUSIVE-OR circuits, i.e. giving output if input signal exists at only one input; COINCIDENCE circuits, i.e. giving output only if all input signals are identical
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • General Engineering & Computer Science (AREA)
  • Mathematical Physics (AREA)
  • Health & Medical Sciences (AREA)
  • Epidemiology (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Primary Health Care (AREA)
  • Public Health (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Medical Treatment And Welfare Office Work (AREA)

Abstract

An apparatus for extracting personal medical information, an extraction method, and an integrity verification method are provided. An apparatus for extracting personal medical information according to an embodiment of the present invention includes an image data restoration unit that separates binary merged data and second medical image data from input first medical image data, and converts the binary merged data into character string data. And a data extraction unit for extracting an authentication code value and personal medical information from the string data.

Description

DEVICE AND METHOD FOR EXTRACTING PERSONAL HEALTH CARE INFORMATION, AND METHOD FOR VERIFYING INTEGRITY OF PERSONAL HEALTH CARE INFORMATION}

The present invention relates to an apparatus for extracting personal medical information, an extraction method, and a method for verifying integrity, and more particularly, to extract personal medical information from a medical image in which individual medical information of a patient is hidden and verify the integrity of the extracted personal medical information. The present invention relates to an apparatus for extracting personal medical information, an extraction method, and an integrity verification method.

Steganography is a technology that hides confidential data in images and is widely used in the security technology field for multimedia media. In particular, the problems that password-based traditional authentication methods are vulnerable to hacking have been steadily found. As a research on secure communication methods, researches on the development of data hiding technology have been actively conducted in recent years, military and U-healthcare (Ubiquitous Heathcare) By hiding important information directly on the image in the medical field, there is an advantage to protect the information more secure.

Ubiquitous is a Latin word meaning that it exists anytime, anywhere. It refers to an information and communication environment in which a user can freely access a network regardless of a network or a computer. Recently, with the development of ubiquitous computing technology, there is an increasing demand for U-healthcare services that can monitor and manage patient information in real time anytime and anywhere.

Nevertheless, there are no services that provide information of patients while ensuring security in hospitals. In particular, since the patient's personal medical information includes medical history or medical prescription information that may invade privacy, such information may be misused when exposed to others.

In addition, the patient's information includes medical images such as CT information, MRI information, and X-ray information, which are taken in a medical institution such as a hospital, which is sometimes indistinguishable from or incompatible with another person's medical image. Problems may occur. In addition, a serious attack such as a deliberate change of an image manipulation may occur by a malicious attacker on a medical image stored as a digital image.

Therefore, there is a need to research and develop technologies for solving the above problems through a method of safely managing such image information and storing necessary information for the corresponding image.

In addition, there is a need for a technique for storing essential information in a corresponding image and extracting the stored essential information without damaging the image, and easily verifying whether the extracted personal medical information is damaged to an outsider.

The problem to be solved by the present invention conceived in this respect, to provide a personal medical information extraction apparatus and extraction method that can extract personal medical information from the medical image data hidden personal medical information without damage to the medical image data It is.

Another problem to be solved by the present invention is to verify whether the personal medical information extracted from the hidden medical image data is damaged or not, the integrity of the personal medical information that can easily determine whether the medical image data itself or forgery or tampering with the personal medical information It is to provide a verification method.

The objects of the present invention are not limited to the above-mentioned objects, and other objects not mentioned can be clearly understood by those skilled in the art from the following description.

In order to achieve the above object, the personal medical information extraction apparatus according to an embodiment of the present invention, the image data recovery unit for separating the binary merged data and the second medical image data from the input first medical image data, and the binary And a data extracting unit for converting merged data into string data, and a data extracting unit for extracting an authentication code value and personal medical information from the string data.

In accordance with another aspect of the present invention, an apparatus for extracting personal medical information includes an image data restoration unit for separating binary merged data and second medical image data from input first medical image data, an authentication code value, and the binary merged data. It includes a data extraction unit for extracting personal medical information.

In accordance with another aspect of the present invention, there is provided a method of extracting personal medical information, the method comprising: inputting first medical image data, separating binary merged data and second medical image data from the first medical image data, and receiving the binary data. Converting merged data into character string data; and extracting an authentication code value and personal medical information from the character string data.

In accordance with an aspect of the present invention, there is provided a method for verifying personal medical information integrity, the method comprising: inputting first medical image data, separating binary merged data and second medical image data from the first medical image data, and Converting binary merged data into string data; extracting an authentication code value and personal medical information from the string data; calculating an integrity authentication code value based on the personal medical information; Determining whether a value and the authentication code value are the same.

The details of other embodiments are included in the detailed description and drawings.

According to the personal medical information extraction apparatus, the extraction method and the integrity verification method of the present invention as described above, it is possible to extract the personal medical information from the medical image data hidden personal medical information without damaging the medical image data, hidden medical By verifying whether the personal medical information extracted from the image data is damaged, it is possible to easily determine whether the medical image data itself or the personal medical information is forged or tampered with.

1 is a block diagram showing the configuration of a personal medical information extraction apparatus according to an embodiment of the present invention.
FIG. 2 is a diagram illustrating an approximate extraction process of the extraction apparatus of FIG. 1.
3 is a diagram illustrating a process of verifying integrity of personal medical information extracted by the extracting apparatus of FIG. 1.
4 is an exemplary diagram of an original medical image before personal medical information is separated by the extracting apparatus of FIG. 1.
FIG. 5 is an exemplary diagram of a medical image after personal medical information is separated by the extracting apparatus of FIG. 1.
6 is a flowchart illustrating a method of extracting personal medical information according to an embodiment of the present invention.
7 is a flowchart illustrating a method for verifying personal medical information integrity according to an embodiment of the present invention.

Advantages and features of the present invention and methods for achieving them will be apparent with reference to the embodiments described below in detail with the accompanying drawings. The present invention may, however, be embodied in many different forms and should not be construed as being limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. Is provided to fully convey the scope of the invention to those skilled in the art, and the invention is only defined by the scope of the claims.

DETAILED DESCRIPTION Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. &Quot; and / or "include each and every combination of one or more of the mentioned items. ≪ RTI ID = 0.0 >

Although the first, second, etc. are used to describe various components, it goes without saying that these components are not limited by these terms. These terms are used only to distinguish one component from another. Therefore, it goes without saying that the first component mentioned below may be the second component within the technical scope of the present invention.

The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. In the present specification, the singular form includes plural forms unless otherwise specified in the specification. The terms " comprises "and / or" comprising "used in the specification do not exclude the presence or addition of one or more other elements in addition to the stated element.

Unless otherwise defined, all terms (including technical and scientific terms) used in the present specification may be used in a sense that can be commonly understood by those skilled in the art. Also, commonly used predefined terms are not ideally or excessively interpreted unless explicitly defined otherwise.

Hereinafter, embodiments of the present invention will be described with reference to the accompanying drawings.

1 to 5, a personal medical information extraction apparatus according to an embodiment of the present invention will be described.

Referring to FIG. 1, the apparatus for extracting personal medical information according to an embodiment of the present invention may include binary data (binData; Binary Data) and second medical image data from input steganographic information (SI). Image data reconstruction unit 110 for separating (OI; Original Information), data conversion unit 120 for converting the binary merge data (binData) into string data (strData), and authentication from the string data (strData) A data extractor 130 extracts a code value (HV) and a personal healthcare information (PHI).

Referring to FIG. 2, the image data reconstruction unit 110 analyzes the input first medical image data SI and extracts binary merged data hidden in the first medical image data SI. The second medical image data OI is generated from the data other than the binary merge data binData from the medical image data SI.

The first medical image data (SI) may include a color image or a black and white image. Representative examples of the medical image include magnetic resonance imaging (MRI), computed tomography (CT), and X-ray (CT). X-ray imaging) or the like.

The image data reconstructor 110 may calculate a second pixel value corresponding to the predetermined point of the first pixel value from the first pixel value of the predetermined point of the first medical image data SI input using a predetermined algorithm. In this process, the binary bit data may be calculated by extracting the one-bit hidden value included in the first pixel value of each point and combining the extracted hidden values.

When the first pixel value is expressed as (x, y), the second pixel value at the same position may be calculated as (x ', y'). Since the first pixel value (x, y) includes data divided into one bit of binary merge data (binData), the binary merge data (binData) is safely hidden in the first medical image data (SI). . From this, hidden data is extracted to form binary merge data (binData).

The image data reconstruction unit 110 may include the second medical image data (the second pixel values x ′ and y ′ calculated from the first pixel values x and y of the first medical image data SI). OI) is generated and separated. The second medical image data OI corresponds to original data of the medical image from which the personal medical information hidden from the first medical image data SI is excluded. As such, the image data restoration unit 110 may restore the original medical image from the input medical image.

Specifically, for example, the image data restoration unit 110 uses the DE (Difference Expansion) algorithm, which is a reversible data hiding algorithm, to conceal the personal medical information (PHI) of the patient in the medical image. The second medical image data OI may be separately restored.

When the second medical image data OI is generated from the first medical image data SI by the image data reconstruction unit 110 using the DE algorithm, it is expressed as follows.

Figure pat00001

Figure pat00002

Figure pat00003

Figure pat00004

In Equations 1 to 3, x and y represent pixel values at predetermined positions of the first medical image data SI, which is a medical image in which the personal medical information PHI is concealed, and x 'and y' represent the restored original. Represents a pixel value at the predetermined position of the second medical image data OI, which is a medical image, [] represents an integer floor operation, b represents hidden one-bit hidden values, and d Denotes an average value of the pixel value differences between two pixels x and y.

This process is repeatedly applied to the size of the first medical image data SI to extract hidden information included in all pixels. As a result, not only the second medical image data OI, which is the original image, can be completely restored, but also all of the inserted hidden information can be extracted and combined to calculate binary merge data (binData).

By such a process, the image data restoration unit 110 may extract the personal medical information PHI hidden in the first medical image data SI, and the personal medical information PHI may be extracted by another device. Because it is not extracted, it is possible to manage the patient's personal information (PHI), such as the patient's condition and medical prescription information, in the privacy-related patient medical image not to be exposed to the outside, and to manage the patient's personal medical information (PHI) and medical image in the future. It can prevent wrong medical prescription due to neglect.

That is, anyone can easily access personal health information (PHI) that can occur when personal health information (PHI) is managed separately from the medical image or stored in the metadata of the file header of the medical image, or directly modify the metadata. The deletion may be prevented from erroneously deforming the personal medical information (PHI).

The data converter 120 receives the binary merge data binData from the data extractor 130, and then converts the binary merge data binData into string data strData.

The data extractor 130 extracts the authentication code value HV and the personal medical information PHI based on the string data strData received from the data converter 120.

In some embodiments, after the configuration of the data converter 120 is omitted and the data extractor 130 receives the binary merge data (binData) directly from the image data recovery unit 110, the binary data (binData) from the binary data (binData) The authentication code value (HV) and personal medical information (PHI) may be extracted directly.

The process of inversely extracting the authentication code value HV and the personal medical information PHI from the string data strData by the data extracting unit 130 is expressed as follows.

Figure pat00005

In Equation 5, bin2str () is a function that converts data in a binary format into data in a string format, and || represents a join operator. As described above, the authentication code value HV and the personal medical information PHI may be directly extracted based on the binary merge data binData instead of the string data strData.

The personal medical information (PHI) may include a personal identification key, personal status information, and medical prescription information. That is, based on the personal identification key provided in the form of patient ID or patient number used to identify a patient in a medical institution such as a hospital, the patient's status information, that is, personal status information such as medical history, hospitalization period, current status, etc. It may include one or more of the prescription information, such as a prescription list, the prescription prescribed for the patient.

Referring to FIG. 3, the integrity determining unit 140 receives the authentication code value HV and the personal medical information PHI extracted from the data extracting unit 130 to extract the first medical image data SI and the extraction. Determine the integrity of the PHI.

The integrity determination unit 140 may generate an integrity authentication code value IHV (Integrity Hash Value) through a predetermined algorithm based on the personal medical information PHI extracted from the first medical image data SI. In this process, the integrity determination unit 140 may calculate the integrity authentication code value IHV using a predetermined secret key k and personal medical information PHI together. The predetermined secret key k is a key value that is shared only between predetermined users, and is used not only to extract personal medical information from medical image data including hidden personal medical information but also to conceal personal medical information in medical image data. Can be. The secret key k used to calculate the integrity authentication code value IHV may be limited to the same secret key k that was used to conceal the personal medical information PHI to the first medical image data SI. If the same secret key k is not entered, the integrity authentication code value IHV can be blocked.

As such, by sharing a secret key value between users, personal medical information (PHI) may be shared only between specific users.

In detail, the integrity determination unit 140 may calculate an integrity authentication code value (IHV) by using a Keyed-Hash Message Authentication Code (HMAC) algorithm.

Keyed-Hash Massage Authentication Code (HMAC) is an encryption method that generates a MAC using a hash function. In general, a hash function is a function that compresses a bitstream of an arbitrary length into a hash code that is a fixed length output value. Representative hash function is Secure Hash Algorithm (SHA-1), which receives input data of arbitrary length, separates a message, or makes a 512-bit unit using a 0 padding method. The process yields 160 bits of output and is resistant to most attacks.

When the integrity authentication code value IHV is generated by the integrity determination unit 140 using the HMAC, it is expressed as follows.

Figure pat00006

In Equation 6, PHI means personal medical information of an individual patient extracted from first medical image data, and HMAC represents a key-based cryptographic hash function.

The specific definition of the HMAC k () function in Equation 6 is as shown in the following equation.

Figure pat00007

In Equation 7, H () means cryptographic hash function, k o and k i are foreign key and internal key derived from secret key (k), and extra space is 0 to fit the block size of hash function. Filled with || is a concatenation operator, ∪ is an Exclusive Or (XOR) operation, and opad and ipad mean outer padding and inner padding, respectively.

In other words, the integrity determination unit 140 exclusively uses the external key (ko) and the internal key (ki) derived from the predetermined secret key (k) with the external padding and the internal padding, respectively, in units of bits. By performing an OR operation, the integrity authentication code value IHV may be derived.

The integrity authentication code value IHV determined as described above is compared with the authentication code value HV extracted from the data extracting unit 130. If the authentication code values are the same, the patient extracted from the first medical image data SI is identical. Personal health information (PHI) is determined to be error free and safe to use.

If the authentication code values are different from each other, it is determined that the first medical image data SI and / or the hidden personal medical information PHI are damaged due to manipulation or error.

Referring back to FIG. 1, for this purpose, the image data management unit discarding the first and second medical image data and / or the extracted personal medical information PHI when the integrity authentication code value IHV and the authentication code value HV are different. 160 may further include.

The controller 150 separately performs operations such as data transmission and reception and operation between the image data restoration unit 110, the data conversion unit 120, the data extraction unit 130, the integrity determination unit 140, and the image data management unit 160. In some embodiments, the controller 150 may be omitted, and the image data restorer 110, the data converter 120, the data extractor 130, the integrity determiner 140, and the image data manager 160 may be omitted. ) May be configured to directly transmit and receive data with each other.

4 and 5, the second medical image data OI, which is a restored original medical image, is pre-restored in which personal medical information PHI is concealed based on a peak signal-to-noise ratio (PSNR) measurement method. 1 may have a range of 30dB to 50dB compared to the medical image data (SI).

That is, the second medical image data (OI) and the first medical image data (SI) are compared to extract the hidden personal medical information (PHI), and then the quality of the restored original medical image is reduced. PSNR can be used as a measure of how acceptable to humans.

Based on the PSNR measurement, the quality of medical images that are generally acceptable for medical personnel to read the necessary information from the medical images is usually 30 dB or more, and it is not easy to distinguish whether the medical images are visually damaged.

PSNR refers to the ratio between the maximum output of the signal and the output of the error noise, which is typically used to measure the quality of reproduction of a lossy compression codec. When comparing compression codecs, PSNR is used to make inferences about human visual perception. This can be defined as the mean squared error (MSE) for images I and K of medical image size m 크기 n. The second medical image data OI is noise of the first medical image data SI and may be defined as in the following equation.

Figure pat00008

Figure pat00009

In Equations 8 and 9, MAXi refers to the maximum possible pixel value of the medical image. Typical values for PSNR in lossy video and video compression range from 30 dB to 50 dB. Larger PSNR numbers indicate higher quality medical images.

As shown in FIGS. 4 and 5, the difference between the quality of the actual image photograph of the second medical image data OI, which is the restored original medical image, and the first medical image data SI including the hidden data, is visually identified. This is impossible. In the illustrated example, the PSNR measurement shows 48.3691 dB, and the second medical image data (OI) of high quality close to 50 dB is restored.

That is, according to the apparatus for extracting personal medical information according to the present embodiment, there is no problem of deterioration in image quality between the original medical image data OI restored after the hidden personal medical information is extracted and the input medical image data SI. .

Hereinafter, a method of extracting personal medical information according to an embodiment of the present invention will be described with reference to FIG. 6. The method for extracting personal medical information according to the present embodiment includes inputting first medical image data (S102), separating binary merged data and second medical image data from the first medical image data (S104), and And converting the binary merged data into string data (S110), and extracting an authentication code value and personal medical information from the string data (S114).

First, the first medical image data (SI) is input (S102). The first medical image data (SI) may include a color image or a black and white image. Representative examples of the medical image may include magnetic resonance imaging (MRI), computed tomography (CT), and X-ray (CT). X-ray imaging) or the like.

Subsequently, binary merged data binData and second medical image data OI are separated from the first medical image data SI (S104). In this process, a hidden value is extracted from each pixel value of the first medical image data SI by using a difference expansion (DE) algorithm, which is a reversible data hiding algorithm, and the personal medical information PHI is extracted. Binary merge data (binData) including the can be generated, it is possible to generate and provide a second medical image data (OI) that is the original medical image from which the hidden information is excluded (S106).

The second medical image data OI may have a range of 30 dB to 50 dB compared to the first medical image data SI based on a peak signal-to-noise ratio (PSNR) measurement method. That is, the image quality may be maintained at a constant level without deterioration of the image quality of the medical image data before and after conversion.

Subsequently, the binary merge data (binData) is transmitted to the data converter (S108), and the binary merge data (binData) is converted into character string data (strData) (S110). In some embodiments, after the configuration of the data converter 120 is omitted and the data extractor 130 receives the binary merge data (binData) directly from the image data recovery unit 110, the binary data (binData) from the binary data (binData) The authentication code value (HV) and personal medical information (PHI) may be extracted directly.

The converted string data strData is transmitted to the data extracting unit (S112), and the data extracting unit may extract the authentication code value HV and the personal medical information PHI from the string data strData (S114).

The extracted authentication code value HV and / or personal medical information PHI may be transmitted to the integrity determination unit 140 for integrity verification (S116).

As described above, according to the extraction method of the present embodiment, the personal medical information can be extracted from the medical image data where the personal medical information is concealed without being damaged, and the image quality of the restored original image does not occur.

Hereinafter, a method for verifying personal medical information integrity according to an embodiment of the present invention will be described with reference to FIG. 7. In accordance with an embodiment of the present invention, a method of verifying personal medical information integrity includes inputting first medical image data (S102) and separating binary merged data and second medical image data from the first medical image data. (S104), converting the binary merged data into string data (S110), extracting an authentication code value and personal medical information from the string data (S114), and authenticating authentication based on the personal medical information. Calculating a code value (S208); and determining whether the integrity authentication code value and the authentication code value are the same (S210).

Until the step of extracting the authentication code value and the personal medical information from the string data (S114) is duplicated with the extraction method according to the previous embodiment, so duplicate description is omitted.

Subsequently, the extracted authentication code value HV and the personal medical information PHI are transmitted to the integrity determination unit 140 (S202 and S204).

Subsequently, a predetermined secret key k for use in generating an integrity authentication code value (IHV) may be input together at the time of integrity verification (S206). The predetermined secret key k is a key value that is shared only between predetermined users, and is used not only to extract personal medical information from medical image data including hidden personal medical information but also to conceal personal medical information in medical image data. Can be.

Subsequently, an integrity authentication code value (IHV) may be generated through a predetermined algorithm based on the personal medical information PHI and the secret key k extracted from the first medical image data SI ( S208). The secret key k used to calculate the integrity authentication code value IHV may be limited to the same secret key k that was used to conceal the personal medical information PHI to the first medical image data SI. If the same secret key k is not entered, the integrity authentication code value IHV can be blocked. As such, by sharing a secret key value between users, the PHI may be shared only between specific users. In detail, the integrity determination unit 140 may calculate an integrity authentication code value (IHV) by using a Keyed-Hash Message Authentication Code (HMAC) algorithm.

Subsequently, it is determined whether the calculated integrity authentication code value IHV and the received authentication code value HV are the same (S210). If the authentication code values are the same, the personal medical information (PHI) of the patient extracted from the corresponding first medical image data (SI) is determined to be error free, and thus the first and second medical image data (SI, OI) and the personal medical information Use PHI safely (S212).

If the authentication code values are different from each other, it is determined that the first medical image data SI and / or the hidden personal medical information PHI are damaged due to manipulation or error, and then the first image data management unit 160 determines that the first medical image data SI is damaged. And / or the second medical image data (SI, OI) and / or the personal medical information (PHI) are moved and then discarded (S214, S216).

As described above, according to the present exemplary embodiment, the personal medical information extracted from the hidden medical image data may be verified to easily determine whether the medical image data itself or the personal medical information is forged or tampered with.

While the present invention has been described in connection with what is presently considered to be practical exemplary embodiments, it is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, It will be understood. It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive.

110: image data recovery unit
120: data conversion unit
130: data extraction unit
140: integrity determination unit
150:
160: image data management unit

Claims (25)

An image data restoration unit for separating binary merged data and second medical image data from the input first medical image data;
A data converter converting the binary merged data into character string data; And
And a data extracting unit for extracting an authentication code value and personal medical information from the string data. The method of claim 1,
And an integrity determination unit which calculates an integrity authentication code value based on the personal medical information, and determines whether the integrity authentication code value and the authentication code value are the same. The method of claim 2,
The integrity determination unit,
Personal medical information extraction device for calculating the integrity authentication code value using a keyed-hash message authentication code (HMAC) algorithm. The method of claim 2,
The integrity determination unit,
Personal medical information extraction device for calculating the integrity authentication code value using a predetermined secret key and the personal medical information together. 5. The method of claim 4,
The integrity determination unit,
And an exclusive logical OR operation for each of the external and internal keys derived from the predetermined secret key with the external padding and the internal padding. The method of claim 2,
And an image data management unit for discarding the first and second medical image data when the integrity authentication code value and the authentication code value are different from each other. The method of claim 1,
The image data restoration unit,
And extracting a hidden value and a second pixel value of a point corresponding to the predetermined point from the first pixel value of the predetermined point of the first medical image data. The method of claim 7, wherein
The image data restoration unit,
Personal medical information extraction device for separating the second medical image data consisting of the second pixel value. The method of claim 1,
The image data restoration unit,
An apparatus for extracting personal medical information that separates the second medical image data using a difference expansion (DE) algorithm. The method of claim 1,
The first medical image data and the second medical image data personal medical information extraction device comprising a black and white image. The method of claim 1,
The first medical image data has a range of 30dB to 50dB compared to the second medical image data based on the Peak Signal-to-noise ratio (PSNR) measurement method. The method of claim 1,
The personal medical information,
Personal medical information extraction device including a personal identification key, personal status information, medical prescription information. Inputting first medical image data;
Separating binary merged data and second medical image data from the first medical image data;
Converting the binary merged data into character string data; And
Extracting an authentication code value and personal medical information from the string data. The method of claim 13,
Separating the second medical image data,
And extracting a hidden value and a second pixel value of a point corresponding to the predetermined point from the first pixel value of the predetermined point of the first medical image data. 15. The method of claim 14,
Separating the second medical image data,
Personal medical information extraction method for separating the second medical image data consisting of the second pixel value. The method of claim 13,
Separating the second medical image data,
A personal medical information extraction method for separating the second medical image data using a difference expansion (DE) algorithm. The method of claim 13,
In the step of inputting the first medical image data,
The first medical image data is a personal medical information extraction method comprising a black and white image. The method of claim 13,
In the step of separating the second medical image data,
The first medical image data has a range of 30dB to 50dB compared to the second medical image data based on the Peak Signal-to-noise ratio (PSNR) measurement method. The method of claim 13,
In the step of extracting the personal medical information,
The personal medical information,
Personal medical information extraction method including personal identification key, personal status information, medical prescription information. Inputting first medical image data;
Separating binary merged data and second medical image data from the first medical image data;
Converting the binary merged data into character string data;
Extracting an authentication code value and personal medical information from the string data;
Calculating an integrity authentication code value based on the personal medical information; And
And determining whether the integrity authentication code value and the authentication code value are the same. 21. The method of claim 20,
Computing the integrity authentication code value,
Personal information integrity verification method for calculating the integrity authentication code value using a keyed-hash message authentication code (HMAC) algorithm. 21. The method of claim 20,
Computing the integrity authentication code value,
Personal information integrity verification method for calculating the integrity authentication code value using a predetermined secret key and the personal medical information together. The method of claim 22,
Computing the integrity authentication code value,
And an exclusive OR operation of each of the external and internal keys derived from the predetermined secret key with the external padding and the internal padding. 21. The method of claim 20,
And discarding the first and second medical image data when the integrity authentication code value and the authentication code value are different from each other. An image data restoration unit for separating binary merged data and second medical image data from the input first medical image data; And
And a data extracting unit for extracting an authentication code value and personal medical information from the binary merged data.
KR1020110133819A 2011-12-13 2011-12-13 Device and method for extracting personal health care information, and method for verifying integrity of personal health care information KR20130085501A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020110133819A KR20130085501A (en) 2011-12-13 2011-12-13 Device and method for extracting personal health care information, and method for verifying integrity of personal health care information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020110133819A KR20130085501A (en) 2011-12-13 2011-12-13 Device and method for extracting personal health care information, and method for verifying integrity of personal health care information

Publications (1)

Publication Number Publication Date
KR20130085501A true KR20130085501A (en) 2013-07-30

Family

ID=48995655

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020110133819A KR20130085501A (en) 2011-12-13 2011-12-13 Device and method for extracting personal health care information, and method for verifying integrity of personal health care information

Country Status (1)

Country Link
KR (1) KR20130085501A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104392178A (en) * 2014-12-05 2015-03-04 中国科学院上海微***与信息技术研究所 Using method of embedded system with data splitting and encrypting function
KR101720268B1 (en) * 2015-10-26 2017-03-27 (주)아이알엠 Medical Imaging Cloud Database Building and Reading Method for Protecting Patient Information

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104392178A (en) * 2014-12-05 2015-03-04 中国科学院上海微***与信息技术研究所 Using method of embedded system with data splitting and encrypting function
KR101720268B1 (en) * 2015-10-26 2017-03-27 (주)아이알엠 Medical Imaging Cloud Database Building and Reading Method for Protecting Patient Information
WO2017074017A1 (en) * 2015-10-26 2017-05-04 주식회사 아이알엠 Method for building cloud-based medical image database for protection of patient information and reading medical image therefrom
US11327943B2 (en) 2015-10-26 2022-05-10 Z-Emotion Co., Ltd. Method for building cloud-based medical image database for protection of patient information and reading medical image therefrom
US11893124B2 (en) 2015-10-26 2024-02-06 Irm Inc. Method for building cloud-based medical image database for protection of patient information and reading medical image therefrom

Similar Documents

Publication Publication Date Title
Sharma et al. Robust and secure multiple watermarking for medical images
Haddad et al. Joint watermarking-encryption-JPEG-LS for medical image reliability control in encrypted and compressed domains
Bouslimi et al. A joint encryption/watermarking system for verifying the reliability of medical images
Al‐Haj et al. Crypto‐based algorithms for secured medical image transmission
Nyeem et al. A review of medical image watermarking requirements for teleradiology
Viswanathan et al. A joint FED watermarking system using spatial fusion for verifying the security issues of teleradiology
Bouslimi et al. A crypto-watermarking system for ensuring reliability control and traceability of medical images
Usman et al. Using image steganography for providing enhanced medical data security
Thiyagarajan et al. Reversible dynamic secure steganography for medical image using graph coloring
Kannammal et al. Two level security for medical images using watermarking/encryption algorithms
Pavithra et al. A survey on the techniques of medical image encryption
WO2002037418A1 (en) Watermarking system and method for protecting a digital image from forgery or alteration
El-Shafai et al. Robust and efficient multi-level security framework for color medical images in telehealthcare services
Alexan et al. Iomt security: Sha3-512, aes-256, rsa and lsb steganography
Sharma et al. [Retracted] A Robust Image Encrypted Watermarking Technique for Neurodegenerative Disorder Diagnosis and Its Applications
Soualmi et al. A novel blind medical image watermarking scheme based on Schur triangulation and chaotic sequence
Pavithra et al. Developing security solutions for telemedicine applications: medical image encryption and watermarking
Velumani et al. A reversible blind medical image watermarking scheme for patient identification, improved telediagnosis and tamper detection with a facial image watermark
Ajili et al. Combining watermarking and encryption algorithm for medical image safe transfer: method based on DCT
KR101331201B1 (en) Cctv media secure transmission system and method thereof
Rawat et al. Natural share-based lightweight (n, n) single secret image sharing scheme using LSB stuffing for medical images
KR20130085501A (en) Device and method for extracting personal health care information, and method for verifying integrity of personal health care information
Alluhaidan Secure medical data model using integrated transformed paillier and klein algorithm encryption technique with elephant herd optimization for healthcare applications
Verma et al. Enhancing the Security of Medical Images in Telemedicine Using Region-based Crypto-Watermarking Approach
OKEDIRAN A security scheme for patient information Privacy in digital medical imaging

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
AMND Amendment
E601 Decision to refuse application
AMND Amendment