计算机科学 ›› 2020, Vol. 47 ›› Issue (2): 294-299.doi: 10.11896/jsjkx.181202256
屠袁飞,张成真
TU Yuan-fei,ZHANG Cheng-zhen
摘要: 随着移动设备的发展和普及,基于体域网(Body Area Network,BAN)的电子健康记录正变得越来越流行。人们将从体域网中获取的医疗数据备份到云端,导致几乎任何地方的医疗人员都能够使用移动终端来访问用户的医疗数据。但是对于一些病患来说,这些医疗数据属于个人隐私,他们只想让拥有某些权限的人查看。文中提出了一种高效、安全的细粒度访问控制方案,不仅实现了授权用户对云存储中医疗数据的访问,而且还支持某些特权医生对记录进行修改。为了提高整个系统的效率,加入了先匹配再解密的手段,用于执行解密测试而不解密。此外,该方案将双线性配对操作外包给网关,而不会泄露数据内容,因此在很大程度上消除了用户的解密开销。性能评估显示所提解决方案在计算、通信和存储方面的效率得到了显著提高。
中图分类号:
[1]LI M,YU S C,CAO N,et al.Authorized private keyword search over encrypted data in cloud computing[C]∥Proceedings of the 2011 31st International Conference on Distributed Computing Systems.Washington:IEEE Computer Society,2011:383-392. [2]REZAEIBAGHA F,MU Y.Distributed clinical data sharing via dynamic access-control policy transformation[J].International Journal of Medical Informatics,2016,89(10):25-31. [3]QIAN H L,LI J G,ZHANG Y C,et al.Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation[J].International Journal of Information Security.2015,14(6):487-497. [4]AKINYELE J A,LEHMANN C U,GREEN M D,et al.Self-Protecting Electronic Medical Records Using Attribute-Based Encryption[J].Faculty Publications,2010,2011(10):1-20. [5]LIU X J,XIA Y J,YAN W,et al.Secure and Efficient Querying over Personal Health Records in Cloud Computing[J].Neurocomputing,2018,274(24):99-105. [6]SAHAI A,WATERS B.Fuzzy identity-based encryption[C]∥Proceedings of the 24th Annual International Conference on the Theory and Application of Cryptographic Techniques.Berlin:Springer,2005:457-473. [7]GOYAL V,PANDEY O,SAHAI A,et al.Attribute-based encryption for fine-grained access control of encrypted data[C]∥Proceedings of the 13th ACM Conference on Computer and Communications Security.New York,ACM,2006:89-98. [8]ZHANG Y H,ZHENG D,DENG R H.Security and Privacy in Smart Health:Efficient Policy-Hiding Attribute-Based Access Control[J].IEEE Internet of Things Journal,2018,5(3):2130-2145. [9]NARAYAN S,GAGNE M,SAFAVI-NAINI R.Privacy preserving EHR system using attribute-based infrastructure[C]∥Proceedings of the 2010 ACM Conference on Computer and Communications Security.NewYork:ACM,2010:47-52. [10]XHAFA F,WANG J F,CHEN X F,et al.An efficient PHR service system supporting fuzzy keyword search and fine-grained access control[J].Soft Computing,2014,18(9):1795-1802. [11]IBRAIMI L,ASIM M,PETKOVIC M.Secure Management of Personal Health Records by Applying Attribute-Based En-cryption[C]∥Proceedings of the 6th International Workshop on Wearable,Micro,and Nano Technologies for Personalized Health.Norway:IEEE,2011:71-74. [12]AKINYELE J A,PAGANO M W,GREEN M D,et al.Securing electronic medical records using attribute-based encryption on mobile devices[C]∥Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices.New York:ACM,2011:75-86. [13]EOM J,LEE D,LEE K.Patient-Controlled Attribute-Based Encryption for Secure Electronic Health Records System[J].Journal of Medical System,2016,40(12):253. [14]LYNN B.Stanford Pairings-Based Crypto Library[OL].http://crypto.stanford.edu/ pbc/. [15]BETHENCOURT J,SAHAI A,WATERS B.Ciphertext-policy attribute-based encryption[C]∥Proceedings of the 2007 IEEE Symposium on Security and Privacy.Washington:IEEE,2007:321-334. [16]WATERS B.Ciphertext-policy attribute-based encryption:an expressive,efficient,and provably secure realization[C]∥Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography Conference on Public Key Crytography.Berlin:Springer,2011:53-70. [17]HHENBERGER S,WATERS B.Attribute-based encryption with fast decryption[J].Public Key Cryptography,2013,7778(10):162-179. [18]GREEN M,HOHENBERGER S,WATERS B.Outsourcing the Decryption of Abe Ciphertexts[C]∥Proceedings of the 20th USENIX Conference on Security.San Francisco:ACM,2011:34. |
[1] | 鲁晨阳, 邓苏, 马武彬, 吴亚辉, 周浩浩. 基于分层抽样优化的面向异构客户端的联邦学习 Federated Learning Based on Stratified Sampling Optimization for Heterogeneous Clients 计算机科学, 2022, 49(9): 183-193. https://doi.org/10.11896/jsjkx.220500263 |
[2] | 郭鹏军, 张泾周, 杨远帆, 阳申湘. 飞机机内无线通信网络架构与接入控制算法研究 Study on Wireless Communication Network Architecture and Access Control Algorithm in Aircraft 计算机科学, 2022, 49(9): 268-274. https://doi.org/10.11896/jsjkx.210700220 |
[3] | 汤凌韬, 王迪, 张鲁飞, 刘盛云. 基于安全多方计算和差分隐私的联邦学习方案 Federated Learning Scheme Based on Secure Multi-party Computation and Differential Privacy 计算机科学, 2022, 49(9): 297-305. https://doi.org/10.11896/jsjkx.210800108 |
[4] | 吕由, 吴文渊. 隐私保护线性回归方案与应用 Privacy-preserving Linear Regression Scheme and Its Application 计算机科学, 2022, 49(9): 318-325. https://doi.org/10.11896/jsjkx.220300190 |
[5] | 王磊, 李晓宇. 基于随机洋葱路由的LBS移动隐私保护方案 LBS Mobile Privacy Protection Scheme Based on Random Onion Routing 计算机科学, 2022, 49(9): 347-354. https://doi.org/10.11896/jsjkx.210800077 |
[6] | 黄觉, 周春来. 基于本地化差分隐私的频率特征提取 Frequency Feature Extraction Based on Localized Differential Privacy 计算机科学, 2022, 49(7): 350-356. https://doi.org/10.11896/jsjkx.210900229 |
[7] | 王健. 基于隐私保护的反向传播神经网络学习算法 Back-propagation Neural Network Learning Algorithm Based on Privacy Preserving 计算机科学, 2022, 49(6A): 575-580. https://doi.org/10.11896/jsjkx.211100155 |
[8] | 李利, 何欣, 韩志杰. 群智感知的隐私保护研究综述 Review of Privacy-preserving Mechanisms in Crowdsensing 计算机科学, 2022, 49(5): 303-310. https://doi.org/10.11896/jsjkx.210400077 |
[9] | 阳真, 黄松, 郑长友. 基于区块链与改进CP-ABE的众测知识产权保护技术研究 Study on Crowdsourced Testing Intellectual Property Protection Technology Based on Blockchain and Improved CP-ABE 计算机科学, 2022, 49(5): 325-332. https://doi.org/10.11896/jsjkx.210900075 |
[10] | 王美珊, 姚兰, 高福祥, 徐军灿. 面向医疗集值数据的差分隐私保护技术研究 Study on Differential Privacy Protection for Medical Set-Valued Data 计算机科学, 2022, 49(4): 362-368. https://doi.org/10.11896/jsjkx.210300032 |
[11] | 李昊, 曹书瑜, 陈亚青, 张敏. 基于注意力机制的用户轨迹识别模型 User Trajectory Identification Model via Attention Mechanism 计算机科学, 2022, 49(3): 308-312. https://doi.org/10.11896/jsjkx.210300231 |
[12] | 吕由, 吴文渊. 基于同态加密的线性系统求解方案 Linear System Solving Scheme Based on Homomorphic Encryption 计算机科学, 2022, 49(3): 338-345. https://doi.org/10.11896/jsjkx.201200124 |
[13] | 孔钰婷, 谭富祥, 赵鑫, 张正航, 白璐, 钱育蓉. 基于差分隐私的K-means算法优化研究综述 Review of K-means Algorithm Optimization Based on Differential Privacy 计算机科学, 2022, 49(2): 162-173. https://doi.org/10.11896/jsjkx.201200008 |
[14] | 金华, 朱靖宇, 王昌达. 视频隐私保护技术综述 Review on Video Privacy Protection 计算机科学, 2022, 49(1): 306-313. https://doi.org/10.11896/jsjkx.201200047 |
[15] | 雷羽潇, 段玉聪. 面向跨模态隐私保护的AI治理法律技术化框架 AI Governance Oriented Legal to Technology Bridging Framework for Cross-modal Privacy Protection 计算机科学, 2021, 48(9): 9-20. https://doi.org/10.11896/jsjkx.201000011 |
|