CN112669921A - Medical data management method for realizing safety privacy - Google Patents


Info

Publication number: CN112669921A
Authority: CN (China)
Application number: CN202011599769.1A
Priority date / filing date: 2020-12-29
Publication date: 2021-04-16
Legal status: Pending (status as listed by Google Patents, not a legal conclusion)
Other languages: Chinese (zh)
Prior art keywords: medical data, ciphertext, data, smart contract, medical
Inventors: 闫世杰, 周凯, 钟松延, 孙文亮, 周树言, 岳云, 甑平
Original and current assignee: Aerospace Science And Technology Network Information Development Co ltd

Abstract

The invention relates to a medical data management method for achieving security and privacy, comprising the following steps: when new data is generated, it is encrypted into a ciphertext with the owner's public key; the medical data owner uploads the hash value and index information of the ciphertext to a blockchain platform; when a data demander wants to acquire a user's medical data, it triggers a medical data sharing request through a smart contract; the smart contract notifies the medical data owner to take part in the data sharing transaction initiated by the demander; the medical data owner obtains the storage position index of the ciphertext from the blockchain platform; the medical data owner generates a conversion key, and the position index of the ciphertext and the conversion key are passed to the smart contract; the smart contract sends a request to the database system using the position index of the ciphertext; the database system returns the corresponding ciphertext to the smart contract; the smart contract uses the conversion key to convert the ciphertext into a ciphertext encrypted under the public key of the medical data demander; the data demander obtains the plaintext of the converted ciphertext with its own private key.

Description

Medical data management method for realizing safety privacy
Technical Field
The invention relates to medical data management technology, and in particular to a medical data management method for achieving security and privacy.
Background
With the arrival of the digital era, medical big data brings new benefits to people's health. Although medical informatization is being promoted, many problems remain to be solved. First, clinical medical data must be protected across its whole life cycle, from acquisition through cleaning, preprocessing and analysis: tampering that may occur while the data circulates must be prevented, the cost of repeatedly reviewing and verifying data reduced, and the security and reliability of clinical data ensured. Clinical data also contains highly sensitive patient information, so it must be desensitized before analysis. Because patients are often treated at hospitals in different regions, the diagnostic data of one hospital can serve as a reference for others, avoiding repeated diagnosis, saving medical resources and lowering the patient's costs. Most existing hospital information systems are isolated islands, which makes data sharing and use difficult, and protecting privacy during exchange and sharing remains a major challenge.
In a blockchain, data blocks are linked in chronological order into a chain structure, and cryptography makes the resulting decentralized distributed ledger tamper-evident and forgery-resistant. In this sense blockchain as a database technology and the data itself are closely matched, more tightly than when blockchain is combined with other domains. Its decentralization, anonymity, immutability and consensus mechanism are well suited to the security, privacy and sharing problems of medical data: they can protect patient privacy while letting the value of the data be realized.
A number of blockchain-based data transaction methods have been proposed, but they do not achieve security and privacy protection for users' medical data.
Disclosure of Invention
The present invention aims to provide a medical data management method for achieving security and privacy that solves the above problems of the prior art.
The invention discloses a medical data management method for achieving security and privacy, comprising the following steps. In the initialization phase, each user in the system first generates a key pair: the medical data owner generates a private key sk_A and public key pk_A, and the medical data demander likewise generates a private key sk_B and public key pk_B. When the user generates new data during hospital treatment, the data is encrypted into a ciphertext with the owner's public key pk_A (encryption uses the public key; the private key sk_A stays with the owner), the hash value of the ciphertext is computed, and the ciphertext is uploaded to the database system; the database system returns the position index information for the stored ciphertext to the medical data owner; the medical data owner uploads the hash value and index information of the ciphertext to the blockchain platform; when a data demander wants to acquire a user's medical data, it triggers a medical data sharing request through the smart contract; the smart contract notifies the medical data owner to take part in the data sharing transaction initiated by the demander; the medical data owner obtains the storage position index of the ciphertext from the blockchain platform; the medical data owner generates a conversion key, and the position index of the ciphertext and the conversion key are passed to the smart contract; the smart contract sends a request to the database system using the position index of the ciphertext; the database system returns the corresponding ciphertext to the smart contract; the smart contract uses the conversion key to convert the ciphertext into a ciphertext encrypted under the public key pk_B of the medical data demander; the data demander obtains the plaintext of the converted ciphertext with its private key sk_B.
According to an embodiment of the method, the medical data owner generates a conversion key for a proxy re-encryption algorithm, and the position index of the ciphertext and the conversion key are then passed to the smart contract.
According to an embodiment of the method, the smart contract is deployed on the blockchain platform and plays the role of the proxy in the proxy re-encryption algorithm; when medical data needs to be shared, the medical data owner's ciphertext is converted into the medical data demander's ciphertext with the conversion key, completing the sharing.
According to an embodiment of the method, the database system stores users' encrypted medical data, and the blockchain platform stores the position index and hash value of the encrypted data that the user stored in the database system, ensuring the traceability and integrity of the user's medical data and supporting execution of the smart contract.
According to an embodiment of the method, the method further includes storing the position index and hash value of the encrypted data on the blockchain platform.
According to an embodiment of the method, the architecture of the blockchain platform comprises, from top to bottom, an application layer, a service interface layer, a platform management layer, a blockchain core technology layer and a cloud platform layer.
According to an embodiment of the method, the blockchain platform is deployed in a cloud computing environment; the platform management layer provides user management, operations management, business management, data management and operations monitoring services; the application layer implements the application scenarios and builds medical service systems through business-integration APIs.
By introducing proxy re-encryption and smart contract technology, the method and system achieve better privacy protection for medical data.
Drawings
FIG. 1 is a schematic diagram of a blockchain;
FIG. 2 is a schematic diagram of a smart contract;
FIG. 3 shows the proxy re-encryption process;
FIG. 4 is a diagram of the medical data management system for achieving security and privacy;
FIG. 5 shows the basic technical architecture of the blockchain-based medical data management platform.
Detailed Description
In order to make the objects, contents, and advantages of the present invention clearer, the following detailed description of the embodiments of the present invention will be made in conjunction with the accompanying drawings and examples.
As shown in FIG. 1, a blockchain is a decentralized distributed ledger, which can be understood simply as a distributed database replicated across nodes around the world; the database consists of blocks connected in chronological order, each recording a number of transactions. It rests on cryptographic principles rather than on trust, allowing any agreeing parties to transact directly without a third-party intermediary. Mainstream blockchain platforms currently include Bitcoin, Ethereum and Hyperledger Fabric.
FIG. 2 is a schematic diagram of a smart contract. A smart contract is a set of commitments (promises) defined in digital form, together with the protocol under which the contract participants execute those commitments; once the relevant event is triggered, the nodes execute the code and update the ledger. Ethereum is currently the most common platform for smart contracts.
As shown in FIG. 3, proxy re-encryption is a key translation mechanism between ciphertexts: a semi-trusted proxy, using a translation key rk_{A→B} generated by the delegator Alice, transforms a ciphertext encrypted under Alice's public key pk_A into a ciphertext encrypted under the public key pk_B of the delegatee Bob. During the transformation the proxy cannot obtain the plaintext, which reduces the risk of data leakage. The original text cites ECIES as an example of a mature scheme; ECIES is a hybrid public-key encryption scheme and not in itself a proxy re-encryption scheme. Established proxy re-encryption constructions include the schemes of Blaze, Bleumer and Strauss (1998) and of Ateniese, Fu, Green and Hohenberger (2005).
Note: a semi-trusted proxy is one that executes the cryptographic protocol strictly as specified but may try to infer the plaintext of the encrypted messages from the information it holds.
FIG. 4 is a diagram of the medical data management system for achieving security and privacy. As shown in FIG. 4, the main parties are: (1) the database management system, which mainly stores users' encrypted medical data; (2) the blockchain platform, which mainly stores the position index and hash value of the encrypted data a user has stored in the database, ensuring the traceability and integrity of the user's medical data and supporting execution of the smart contract; (3) the smart contract, deployed on the blockchain platform, which plays the role of the proxy in the proxy re-encryption algorithm and, when medical data needs to be shared, automatically converts the medical data owner's ciphertext into the medical data demander's ciphertext with the conversion key, completing the sharing; (4) the medical data owner, usually a patient, who encrypts diagnostic medical data with their own public key, stores it in the database, and records the position index and hash value of the encrypted data on the blockchain; (5) the medical data demander, a hospital or third-party institution, which extracts further value by analysing the patient's prior medical data.
In the initialization phase, each user in the system first generates a key pair: the medical data owner generates a private key sk_A and public key pk_A, and the medical data demander likewise generates a private key sk_B and public key pk_B. The private key is kept secret and the public key is published.
The execution process is as follows:
(1) when the user generates new data during hospital treatment, the data is encrypted into a ciphertext with the owner's public key pk_A (encryption uses the public key; the private key sk_A stays with the owner), the hash value of the ciphertext is computed, and the ciphertext is uploaded to the database system;
(2) the database returns the position index of the stored ciphertext to the medical data owner;
(3) the medical data owner uploads the hash value and index information of the ciphertext to the blockchain platform;
(4) when a data demander wants to acquire a user's medical data, it triggers a medical data sharing request through the smart contract;
(5) the smart contract notifies the medical data owner to take part in the data sharing transaction initiated by the demander;
(6) the medical data owner obtains the storage position index of the ciphertext from the blockchain platform;
(7) the medical data owner generates a conversion key for the proxy re-encryption algorithm;
(8) the ciphertext index and the conversion key are passed to the smart contract;
(9) the smart contract sends a request to the database using the ciphertext storage index;
(10) the database system returns the corresponding ciphertext to the smart contract;
(11) the smart contract uses the conversion key to convert the ciphertext into a ciphertext encrypted under the public key pk_B of the medical data demander;
(12) the data demander obtains the plaintext of the converted ciphertext with its private key sk_B.
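The FIG. 3 proxy re-encryption and the twelve execution steps above, run end to end as an added example (my code, not the patent's or the applicant's; standard library only). The proxy re-encryption is the ElGamal-style scheme of Blaze, Bleumer and Strauss (1998), chosen because it fits in a few lines. It is bidirectional: the conversion key rk_{A→B} = sk_B / sk_A needs both secrets, so the owner cannot produce it alone as step 7 requires, and a unidirectional scheme (for example Ateniese et al., which needs pairings) would be needed for that. The `collusion` function shows the concrete consequence of using a bidirectional scheme in the patent's setting: the proxy, which here is every node executing the contract since rk is a contract input, together with the demander recovers the owner's private key. The group (p = 2^127 - 1, far too small for real use), the record format, the hash-counter stream cipher with HMAC, and the `Database`, `Ledger` and `ShareContract` classes are all assumptions standing in for the database system, blockchain platform and smart contract; the sample record is constructed.

```python
import hashlib
import hmac
import math
import secrets
# Toy group (assumption): Z_p^* for the Mersenne prime p = 2^127 - 1. Far too
# small for real use; it only makes the flow runnable with the standard library.
P = (1 << 127) - 1
ORDER = P - 1          # exponents are reduced mod the group order
G = 5                  # fixed base element
SIZE = 16              # bytes per serialised group element

def keygen():
    """Secret exponent must be invertible mod ORDER so decryption and rk exist."""
    while True:
        sk = secrets.randbelow(ORDER - 2) + 2
        if math.gcd(sk, ORDER) == 1:
            return sk, pow(G, sk, P)

def pre_encrypt(pk, m):
    """BBS98 encryption of group element m under pk = g^sk: (g^{sk*r}, m*g^r)."""
    r = secrets.randbelow(ORDER - 2) + 2
    return pow(pk, r, P), (m * pow(G, r, P)) % P

def pre_rekey(sk_a, sk_b):
    """Conversion key rk_{A->B} = sk_b / sk_a. Bidirectional: needs BOTH secrets."""
    return (sk_b * pow(sk_a, -1, ORDER)) % ORDER

def pre_reencrypt(rk, ct):
    """Proxy step: g^{a*r} -> g^{b*r}. The component carrying m is untouched."""
    return pow(ct[0], rk, P), ct[1]

def pre_decrypt(sk, ct):
    g_r = pow(ct[0], pow(sk, -1, ORDER), P)       # strip the secret exponent
    return (ct[1] * pow(g_r, -1, P)) % P

def collusion(rk, sk_b):
    """Why BBS98 does not fit the patent: proxy + B recover sk_A = sk_b / rk."""
    return (sk_b * pow(rk, -1, ORDER)) % ORDER

def _derive(key_int, label, n):
    """Hash-counter keystream / MAC-key derivation from the encapsulated key."""
    key = key_int.to_bytes(SIZE, "big")
    return b"".join(hashlib.sha256(label + key + i.to_bytes(4, "big")).digest()
                    for i in range((n + 31) // 32))[:n]

def sym_seal(key_int, data):
    """Encrypt-then-MAC the medical record under the per-record data key."""
    body = bytes(a ^ b for a, b in zip(data, _derive(key_int, b"enc", len(data))))
    return body + hmac.new(_derive(key_int, b"mac", 32), body, "sha256").digest()

def sym_open(key_int, blob):
    body, tag = blob[:-32], blob[-32:]
    want = hmac.new(_derive(key_int, b"mac", 32), body, "sha256").digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("MAC check failed")
    return bytes(a ^ b for a, b in zip(body, _derive(key_int, b"enc", len(body))))

def pack(ct, blob):
    # stored record = PRE ciphertext of the data key || sealed medical data
    return ct[0].to_bytes(SIZE, "big") + ct[1].to_bytes(SIZE, "big") + blob

def unpack(rec):
    c1, c2 = int.from_bytes(rec[:SIZE], "big"), int.from_bytes(rec[SIZE:2 * SIZE], "big")
    return (c1, c2), rec[2 * SIZE:]

class Database:
    """Off-chain store (the 'database system'); put() returns the position index."""
    def __init__(self): self.rows = []
    def put(self, rec):
        self.rows.append(rec)
        return len(self.rows) - 1
    def get(self, idx):
        return self.rows[idx]

class Ledger:
    """On-chain part: (owner pk, index) -> ciphertext hash. Never the data itself."""
    def __init__(self): self.records = {}
    def anchor(self, pk, idx, rec):
        self.records[(pk, idx)] = hashlib.sha256(rec).hexdigest()

class ShareContract:
    """Stand-in for the smart contract in the proxy role. Everything it receives
    (index, rk, fetched ciphertext) is visible to every node that executes it."""
    def __init__(self, db, ledger): self.db, self.ledger = db, ledger
    def share(self, pk_owner, idx, rk):
        rec = self.db.get(idx)
        if self.ledger.records.get((pk_owner, idx)) != hashlib.sha256(rec).hexdigest():
            raise ValueError("off-chain ciphertext does not match on-chain hash")
        ct, blob = unpack(rec)
        return pack(pre_reencrypt(rk, ct), blob)

def run_flow(record, db, ledger):
    """Owner A stores, anchors and shares `record`; returns what demander B reads."""
    sk_a, pk_a = keygen()
    sk_b, _pk_b = keygen()
    key = secrets.randbelow(P - 1) + 1                        # per-record data key
    rec = pack(pre_encrypt(pk_a, key), sym_seal(key, record))
    idx = db.put(rec)                                         # steps 1-2
    ledger.anchor(pk_a, idx, rec)                             # step 3
    rk = pre_rekey(sk_a, sk_b)                                # steps 7-8 (see caveat)
    shared = ShareContract(db, ledger).share(pk_a, idx, rk)   # steps 9-11
    ct_b, blob = unpack(shared)
    return sym_open(pre_decrypt(sk_b, ct_b), blob)            # step 12
```

Calling `run_flow(record, Database(), Ledger())` returns the plaintext B recovers. Flipping a byte of a stored row afterwards makes `ShareContract.share` raise, which is exactly the integrity check the on-chain hash is meant to provide; note that the contract checks the hash before re-encrypting, so a tampered ciphertext is never forwarded.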
The decentralized, traceable and tamper-evident properties of blockchain technology ensure the security and reliability of medical data; proxy re-encryption allows medical data to be shared securely while its privacy is preserved and prevents any third party from obtaining it; and smart contracts make the sharing process execute automatically without manual intervention, which improves sharing efficiency and keeps the process secure and reliable. The medical data management method for achieving security and privacy therefore has high application value.
From a development standpoint, a blockchain platform able to execute smart contracts must be built; it can be implemented on Ethereum or Fabric. The smart contract must support the proxy re-encryption algorithm, and its development is the hardest part of the work. Note that anything passed to a contract, including the conversion key and the ciphertext it fetches, is visible to every node that executes it, so the proxy re-encryption scheme must remain secure when rk_{A→B} is public.
The invention mainly develops a blockchain-based medical data management platform whose basic technical architecture, shown in FIG. 5, comprises from top to bottom an application layer, a service interface layer, a platform management layer, a blockchain core technology layer and a cloud platform layer. The platform is mainly deployed in a cloud computing environment. Its core is the blockchain technology layer, which can be developed on the relatively mature Fabric framework. The platform management layer provides user management, operations management, business management, data management and operations monitoring. The top layer implements the application scenarios: on top of the blockchain service platform, systems for medical services such as drug management, electronic medical record management and electronic data capture are built through business-integration APIs, so that the privacy, security and value of clinical data are realized through the blockchain.
The blockchain has the following characteristics. (1) Decentralization, immutability and traceability protect users' medical data across the whole life cycle from acquisition through cleaning, preprocessing and analysis, prevent tampering while the data circulates, reduce the cost of repeated review and verification, and ensure the security and reliability of the data. (2) With proxy re-encryption and smart contracts, medical data is shared automatically and efficiently while the privacy and security of the transaction data are preserved, lowering users' medical costs, improving user experience and realizing the value of the data.
The invention uses blockchain and proxy re-encryption to provide a medical data management method for achieving security and privacy: the blockchain makes medical data tamper-evident and traceable and protects it across its whole life cycle; cryptography keeps the shared data secure and private, so that the data really stays under the user's control and the user's privacy is strengthened; users' medical data can conveniently circulate between hospitals, reducing diagnostic costs and improving user experience.
The advantages of the invention are: (1) the medical data ciphertext is stored off-chain and only its hash value and position index are stored on-chain, which provides integrity checking of the data while avoiding bloat of on-chain data; (2) proxy re-encryption shares the data securely while the medical data itself stays securely stored; (3) the smart contract executes the sharing process automatically, improving system efficiency.
The above description is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, several modifications and variations can be made without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as the protection scope of the present invention.

Claims (7)

1. A medical data management method for achieving security and privacy, characterized by comprising the following steps:
in the initialization phase, each user in the system first generates its own key pair: the medical data owner generates a private key sk_A and public key pk_A, and the medical data demander likewise generates a private key sk_B and public key pk_B;
when the user generates new data during hospital treatment, the data is encrypted into a ciphertext with the owner's public key pk_A, the hash value of the ciphertext is computed, and the ciphertext is uploaded to the database system;
the database system returns the position index information for the stored ciphertext to the medical data owner;
the medical data owner uploads the hash value and index information of the ciphertext to the blockchain platform;
when a data demander wants to acquire a user's medical data, it triggers a medical data sharing request through the smart contract;
the smart contract notifies the medical data owner to take part in the data sharing transaction initiated by the demander;
the medical data owner obtains the storage position index of the ciphertext from the blockchain platform;
the medical data owner generates a conversion key, and the position index of the ciphertext and the conversion key are passed to the smart contract;
the smart contract sends a request to the database system using the position index of the ciphertext;
the database system returns the corresponding ciphertext to the smart contract;
the smart contract uses the conversion key to convert the ciphertext into a ciphertext encrypted under the public key pk_B of the medical data demander;
the data demander obtains the plaintext of the converted ciphertext with its private key sk_B.
2. The medical data management method for achieving security and privacy as claimed in claim 1, wherein the medical data owner generates a conversion key for the proxy re-encryption algorithm, and the position index of the ciphertext and the conversion key are then passed to the smart contract.
3. The medical data management method for achieving security and privacy as claimed in claim 2, wherein the smart contract is deployed on the blockchain platform and plays the role of the proxy in the proxy re-encryption algorithm, and when medical data needs to be shared, the medical data owner's ciphertext is converted into the medical data demander's ciphertext with the conversion key, completing the sharing of the medical data.
4. The medical data management method for achieving security and privacy as claimed in claim 1, wherein the database system stores users' encrypted medical data, and the blockchain platform stores the position index and hash value of the encrypted data that the user stored in the database system, ensuring the traceability and integrity of the user's medical data and supporting execution of the smart contract.
5. The medical data management method for achieving security and privacy as claimed in claim 1, further comprising storing the position index and hash value of the encrypted data on the blockchain platform.
6. The medical data management method for achieving security and privacy as claimed in claim 1, wherein the architecture of the blockchain platform comprises, from top to bottom, an application layer, a service interface layer, a platform management layer, a blockchain core technology layer and a cloud platform layer.
7. The medical data management method for achieving security and privacy as claimed in claim 6, wherein the blockchain platform is deployed in a cloud computing environment, the platform management layer provides user management, operations management, business management, data management and operations monitoring services, and the application layer implements the application scenarios and builds medical service systems through business-integration APIs.

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN202011599769.1A | 2020-12-29 | 2020-12-29 | Medical data management method for realizing safety privacy

Publications (1)

Publication Number | Publication Date
CN112669921A | 2021-04-16

Family

ID=75410435. One family application: CN202011599769.1A (pending), filed and claiming priority 2020-12-29, published as CN112669921A. Country status: CN.

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
CN114979210A * | 2022-05-23 | 2022-08-30 | 南通大学 | Medical data sharing method based on block chain
CN114979210B * | 2022-05-23 | 2024-05-07 | 南通大学 | Medical data sharing method based on blockchain
WO2023246400A1 * | 2022-06-24 | 2023-12-28 | 郑州大学第一附属医院 | Blockchain-based intelligent medical system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106682530A (en) * 2017-01-10 2017-05-17 杭州电子科技大学 Method and device for medical information sharing privacy protection based on blockchain technology
CN108063752A (en) * 2017-11-02 2018-05-22 暨南大学 A kind of credible genetic test and data sharing method based on block chain and proxy re-encryption technology
CN108881160A (en) * 2018-05-07 2018-11-23 北京信任度科技有限公司 Medical treatment & health data managing method and system based on block chain intelligence contract
CN110289056A (en) * 2019-05-15 2019-09-27 杭州趣链科技有限公司 A kind of medical data shared system and method based on block chain
CN110400642A (en) * 2019-06-12 2019-11-01 梁胤豪 A kind of medical data shared system and design method based on block chain technology
CN110797099A (en) * 2019-10-28 2020-02-14 河北北方学院 Medical data sharing method and system based on block chain
CN111401503A (en) * 2020-04-15 2020-07-10 河北博影云一科技有限公司 Resident electronic health record card based on block chain and medical health system




Legal Events

Code | Title
PB01 | Publication
SE01 | Entry into force of request for substantive examination