Computer Science, 2020, Vol. 47, Issue (2): 294-299. doi: 10.11896/jsjkx.181202256

• Information Security •

Secure and Efficient Electronic Health Records for Cloud

TU Yuan-fei, ZHANG Cheng-zhen

  1. (College of Computer Science and Technology, Nanjing University of Technology, Nanjing 211816, China)
  • Received: 2018-12-04 Online: 2020-02-15 Published: 2020-03-18
  • Corresponding author: TU Yuan-fei (yuanfeitu@163.com)
  • About author: TU Yuan-fei, born in 1984, doctor of philosophy. His main research interests include the safety and access control of cloud computing; ZHANG Cheng-zhen, born in 1992. His main research interests include the security of information.
  • Supported by:
    This work was supported by the National Natural Science Foundation of China (61572263, 61272084), Major Natural Science Research Projects in Colleges and Universities of Jiangsu Province (11KJA520002), Special Research Fund for Doctoral Discipline Points in Colleges and Universities (20113223110003), China Postdoctoral Science Foundation (2015M581794), Jiangsu Postdoctoral Research Grant Scheme (1501023C).

Abstract: With the development and popularity of mobile devices, electronic health records based on the Body Area Network (BAN) are becoming more and more popular. People back up the medical data acquired from the BAN to the cloud, which makes it possible for medical workers almost anywhere to access a user's medical data using mobile terminals. However, for some patients these medical data are private, and they want them to be viewed only by people who hold certain rights. This paper proposes an efficient and secure fine-grained access control scheme, which not only enables authorized users to access medical data stored in the cloud, but also supports some privileged doctors to write records. To improve the efficiency of the whole system, a match-then-decrypt method is added, which performs a decryption test without decrypting. In addition, the scheme outsources the bilinear pairing operations to the gateway without leaking the data content, which largely eliminates the user's decryption overhead. Performance evaluation shows that the efficiency of the proposed solution in computation, communication and storage is significantly improved.

Key words: Access control, Body area network, Electronic health record, Medical data, Privacy

CLC Number: TP309.7