Computer Science (计算机科学), 2022, Vol. 49, Issue (6A): 537-543. doi: 10.11896/jsjkx.220200139

• Information Security •

Design of Cross-domain Authentication Scheme Based on Medical Consortium Chain

CHEN Yan-bing1, ZHONG Chao-ran1, ZHOU Chao-ran1, XUE Ling-yan1, HUANG Hai-ping1,2

  1 School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing 210023, China
  2 Jiangsu High Technology Research Key Laboratory for Wireless Sensor Networks, Nanjing 210023, China
  • Online: 2022-06-10 Published: 2022-06-08
  • Corresponding author: HUANG Hai-ping (hhp@njupt.edu.cn)
  • About author: CHEN Yan-bing (chenyanbing192022@163.com), born in 2000, undergraduate. Her main research interests include blockchain and information security.
    HUANG Hai-ping, born in 1981, Ph.D, professor, Ph.D supervisor, is a member of China Computer Federation. His main research interests include information security and data privacy in IoT.
  • Supported by:
    National Natural Science Foundation of China (62072252), Postgraduate Research & Practice Innovation Program of Jiangsu Province (KYCX210790) and Innovation and Entrepreneurship Training Program for College Students of Jiangsu Province (SZDG2021020).

Abstract: Secure cross-domain authentication is key to ensuring the interconnection of medical data. Most existing cross-domain authentication models rely on trusted third parties and suffer from heavy key management overhead and private key escrow problems. By introducing blockchain and certificateless authentication technology, a secure and efficient cross-domain authentication scheme based on a medical consortium chain is proposed. Cryptographic techniques such as hash functions and digital signatures are used to achieve secure and reliable authentication of users from foreign domains, and an improved practical Byzantine fault tolerance mechanism ensures that the medical institutions in the consortium can quickly reach agreement on verification results without a central node. The analysis shows that, in terms of security, the scheme has security properties such as resistance to distributed attacks; in terms of efficiency, compared with existing cross-domain authentication schemes, it has advantages in both computational overhead and communication overhead.

Key words: Byzantine fault tolerance algorithm, Certificateless authentication, Consortium chain, Cross-domain authentication

CLC Number: TP309