计算机科学 ›› 2022, Vol. 49 ›› Issue (6A): 537-543.doi: 10.11896/jsjkx.220200139
陈彦冰1, 钟超然1, 周超然1, 薛凌妍1, 黄海平1,2
CHEN Yan-bing1, ZHONG Chao-ran1, ZHOU Chao-ran1, XUE Ling-yan1, HUANG Hai-ping1,2
摘要: 安全的跨域身份验证是保证医疗数据互联互通的关键,而现有的跨域认证模型大多依赖可信第三方,存在繁重的密钥管理开销和私钥托管问题,通过引入区块链和无证书认证技术,提出一种基于医疗联盟链的安全高效的跨域认证方案。采用哈希函数、数字签名等密码学技术实现对异域用户安全可靠的身份验证,并使用改进的实用拜占庭机制,保证在没有中心节点的情况下联盟中的医疗机构可以快速对验证结果达成一致。分析表明,在安全方面,该方案具有抵抗分布式攻击等安全属性;在效率方面,与已有跨域认证方案相比,该方案在计算开销上、通信开销上都有优势。
中图分类号:
[1] FENG J Y,WANG T,YU T T.A Secure Medical Data Sharing Scheme Based on Multi-clouds and Multi-chains Collaboration[J].Netinfo Security,2022,22(1):9-18. [2] YUAN C,ZHANG W F.EIMAKP:Heterogeneous cross do-main authenticated key agreement protocols in the EIM system[J].Arabian Journal for Science and Engineering,2017,42(8):3275-3287. [3] ZHANG W,WANG X,KHAN M K.A virtual bridge certificate authority-based cross-domain authentication mechanism for distributed collaborative manufacturing systems[J].Security and Communication Networks.2015,8(6):937-951. [4] DONG G,CHEN Y,FAN J,et al.Anonymous cross-domain authentication scheme for medical PKI system[C]//Anonymous cross-domain authentication scheme for medical PKI system.Proceedings of the ACM Turing Celebration Conference- China on- ACM TURC '19.1-7. [5] SHEN M,LIU H,ZHU L,et al.Blockchain-Assisted Secure Device Authentication for Cross-Domain Industrial IoT[J].IEEE Journal on Selected Areas in Communications,2020,PP(99):1-1. [6] YUAN C,ZHANG W,WANG X.EIMAKP:HeterogeneousCross-Domain Authenticated Key Agreement Protocols in the EIM System[J].Arabian Journal for Science and Engineering,2017,42(8):3275-3287. [7] LIEBEHERR J,DONG G.An overlay approach to data security in ad-hoc networks[J].Ad Hoc Networks,2007,5(7):1055-1072. [8] SUN Y,YU Y,LI X,et al.Batch Verifiable Computation with Public Verifiability for Outsourcing Polynomials and Matrix Computations[C]//Australasian Conference on Information Security and Privacy.2016:293-309. [9] ZHOU Z C,LI L S,LI Z H.Efficient cross-domain authentication scheme based on blockchain technology[J].Journal of Computer Applications,2018,38(2):316-320. [10] WANG W,HU N,LIU X.BlockCAM:A Blockchain-BasedCross-Domain Authentication Model[C]//2018 IEEE Third International Conference on Data Science in Cyberspace (DSC).IEEE,China,Guangzhou:2018:896-901. [11] MA X T,MA W P,LIU X X.A Cross Domain Authentication Scheme Based on Blockchain Technology[J].Acta Electronica Sinica,2018,46(11):2571-2579. [12] JIA X,HU N,SU S,et al.IRBA:An Identity-Based Cross-Domain Authentication Scheme for the Internet of Things[J].Electronics,2020,9(4):634. [13] LI G,WANG Y,ZHANG B,et al.Smart Contract-BasedCross-Domain Authentication and Key Agreement System for Heterogeneous Wireless Networks[J].Mobile Information Systems,2020(29):1-16. [14] BENJAMIN K,ANTHONY P,DZISOOP M.Heterogeneousidentity-based to certificateless online/offline signcryption[J].IJISET-International Journal of Innovative Science,Engineering &Technology,2015,2(12):472-484. [15] LI Y,CHEN W,CAI Z,et al.CAKA:a novel certificateless-based cross-domain authenticated key agreement protocol for wireless mesh networks[J].Wireless Networks,2016,22(8):2523-2535. [16] AMIN S U,HOSSAIN M S,MUHAMMAD G,et al.Cognitive Smart Healthcare for Pathology Detection and Monitoring[J].IEEE Access,2019,7:10745-1753. [17] HOSSAIN M S,MUHAMMAD G.Emotion-Aware Connected Healthcare Big Data Towards 5G[J].Internet of Things Journal,IEEE,2018,5(4):2399-2406. [18] LIU X,MA W.CDAKA:A Provably-Secure HeterogeneousCross-Domain Authenticated Key Agreement Protocol with Symptoms-Matching in TMIS[J].Journal of Medical Systems,2018,42(8):135. [19] ALI A,RAHIM H A,ALI J,et al.A Novel Secure Blockchain Framework for Accessing Electronic Health Records Using Multiple Certificate Authority[J].Applied Sciences,2021,11(21):9999. [20] DIFFIE W.New Direction in Cryptography[J].IEEE trans.In-form.Theory,1976,22:644-654. [21] DOUCEUR J R.The sybil attack[C]//International Workshop on Peer-to-Peer Systems.Springer,Berlin,Heidelberg,2002:251-260. [22] NAKAMOTO S.Bitcoin:A Peer-to-Peer Electronic Cash Sys-tem[J/OL].https://mronline.org/wp-content/uploads/2018/06/bitcoin.pdf. |
[1] | 袁昊男, 王瑞锦, 郑博文, 吴邦彦. 基于Fabric的电子病历跨链可信共享系统设计与实现 Design and Implementation of Cross-chain Trusted EMR Sharing System Based on Fabric 计算机科学, 2022, 49(6A): 490-495. https://doi.org/10.11896/jsjkx.210500063 |
[2] | 李博, 向海昀, 张宇翔, 廖浩德. 面向食品溯源场景的PBFT优化算法应用研究 Application Research of PBFT Optimization Algorithm for Food Traceability Scenarios 计算机科学, 2022, 49(6A): 723-728. https://doi.org/10.11896/jsjkx.210800018 |
[3] | 李素, 宋宝燕, 李冬, 王俊陆. 面向金融活动的复合区块链关联事件溯源方法 Composite Blockchain Associated Event Tracing Method for Financial Activities 计算机科学, 2022, 49(3): 346-353. https://doi.org/10.11896/jsjkx.210700068 |
[4] | 王日宏, 周航, 徐泉清, 张立锋. 用于联盟链的非拜占庭容错共识算法 Non-byzantine Fault Tolerance Consensus Algorithm for Consortium Blockchain 计算机科学, 2021, 48(9): 317-323. https://doi.org/10.11896/jsjkx.200600051 |
[5] | 毛瀚宇, 聂铁铮, 申德荣, 于戈, 徐石成, 何光宇. 区块链即服务平台关键技术及发展综述 Survey on Key Techniques and Development of Blockchain as a Service Platform 计算机科学, 2021, 48(11): 4-11. https://doi.org/10.11896/jsjkx.210500159 |
[6] | 江泽涛, 徐娟娟. 云环境下基于代理盲签名的高效异构跨域认证方案 Efficient Heterogeneous Cross-domain Authentication Scheme Based on Proxy Blind Signature in Cloud Environment 计算机科学, 2020, 47(11): 60-67. https://doi.org/10.11896/jsjkx.191100068 |
[7] | 周万锴, 龙敏. 基于区块链的环境监测数据安全传输方案 Secure Transmission Scheme for Environmental Monitoring Data Based on Blockchain 计算机科学, 2020, 47(1): 315-320. https://doi.org/10.11896/jsjkx.190100195 |
[8] | 夏奴奴, 杨晋吉, 赵淦森, 莫晓珊. 基于概率模型的云辅助的轻量级无证书认证协议的形式化验证 Formal Verification of Cloud-aided Lightweight Certificateless Authentication Protocol Based on Probabilistic Model 计算机科学, 2019, 46(8): 206-211. https://doi.org/10.11896/j.issn.1002-137X.2019.08.034 |
[9] | 陈子豪, 李强. 基于K-medoids的改进PBFT共识机制 Improved PBFT Consensus Mechanism Based on K-medoids 计算机科学, 2019, 46(12): 101-107. https://doi.org/10.11896/jsjkx.181002014 |
[10] | 梁贺君, 韩景倜. 基于区块链的云计算资源去中心化交易共识机制研究 Research on Decentralized Transaction Consensus Mechanism of Cloud Computing Resources Based on Block Chain 计算机科学, 2019, 46(11A): 548-552. |
|