CN114422265B - Data access method and server - Google Patents

Data access method and server

Info

Publication number: CN114422265B
Application number: CN202210185340.0A
Authority: CN (China)
Prior art keywords: user, data, health data, target health, target
Legal status: Active
Other languages: Chinese (zh)
Other versions: CN114422265A
Inventor: 张建
Current assignee: Hisense Group Holding Co Ltd
Original assignee: Hisense Group Holding Co Ltd

Events
Application filed by Hisense Group Holding Co Ltd
Priority to CN202210185340.0A
Publication of CN114422265A
Application granted
Publication of CN114422265B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105 Multiple levels of security
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Medical Informatics (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Treatment And Welfare Office Work (AREA)

Abstract

The application discloses a data access method and a server, and belongs to the technical field of communications. The method comprises: receiving a data access request sent by a first user terminal; sending an access authorization request to a second user terminal; receiving an access authorization response sent by the second user terminal; in the case that the response indicates that the second user has granted the first user terminal access to the target health data, encrypting the target health data using the encryption parameters of the second user according to the encryption level of the target health data; and sending the ciphertext of the target health data together with the decryption parameter of the second user to the first user terminal, which decrypts the ciphertext with the decryption parameter and displays the result. When the first user terminal requests access to the target health data of the second user, what is sent to it, subject to the second user's authorization, is the ciphertext of the target health data rather than its plaintext.

Description

Data access method and server
Technical Field
The present application relates to the field of communications technologies, and in particular, to a data access method and a server.
Background
The Internet has entered the era of big data, and online education, online training and online consultation technologies have emerged one after another. In online consultation (referred to below as remote inquiry), a user sends health data to a doctor, who makes a diagnosis based on it. Users other than the doctor may also view the user's health data. However, while the health data is being transmitted to the doctor or to another user it may be intercepted, maliciously forwarded or tampered with, exposing the user's private health data. How to protect the privacy and security of a user's health data during data access is therefore an urgent problem.
Disclosure of Invention
The application provides a data access method and a server that can protect the privacy and security of a user's health data during data access. The technical scheme is as follows:
In one aspect, a data access method is provided, the method comprising:
receiving a data access request sent by a first user terminal, the data access request being for accessing target health data of a second user, where the target health data is one type of health data among multiple types of health data, the multiple types of health data are remote inquiry data of the second user, each type of health data has a corresponding visible range, and the first user terminal is within the visible range of the target health data;
sending an access authorization request to a second user terminal, the access authorization request requesting access permission for the target health data;
receiving an access authorization response sent by the second user terminal, the access authorization response indicating whether the second user grants the first user terminal access to the target health data;
in the case that the access authorization response indicates that the second user has granted the first user terminal access to the target health data, encrypting the target health data using the encryption parameters of the second user according to the encryption level of the target health data; and
sending the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal, the first user terminal decrypting the ciphertext of the target health data with the decryption parameter and displaying the result.
In another aspect, a data access apparatus is provided, the apparatus comprising:
a first receiving module, configured to receive a data access request sent by a first user terminal, the data access request being for accessing target health data of a second user, where the target health data is one type of health data among multiple types of health data, the multiple types of health data are remote inquiry data of the second user, each type of health data has a corresponding visible range, and the first user terminal is within the visible range of the target health data;
a first sending module, configured to send an access authorization request to a second user terminal, the access authorization request requesting access permission for the target health data;
a second receiving module, configured to receive an access authorization response sent by the second user terminal, the access authorization response indicating whether the second user grants the first user terminal access to the target health data;
an encryption module, configured to encrypt the target health data using the encryption parameters of the second user according to the encryption level of the target health data in the case that the access authorization response indicates that the second user has granted the first user terminal access to the target health data; and
a second sending module, configured to send the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal, the first user terminal decrypting the ciphertext of the target health data with the decryption parameter and displaying the result.
In another aspect, a server is provided, the server comprising a receiver, a transmitter and a processor;
the receiver is configured to receive a data access request sent by a first user terminal, the data access request being for accessing target health data of a second user, where the target health data is one type of health data among multiple types of health data, the multiple types of health data are remote inquiry data of the second user, each type of health data has a corresponding visible range, and the first user terminal is within the visible range of the target health data;
the transmitter is configured to send an access authorization request to a second user terminal, the access authorization request requesting access permission for the target health data;
the receiver is further configured to receive an access authorization response sent by the second user terminal, the access authorization response indicating whether the second user grants the first user terminal access to the target health data;
the processor is configured to encrypt the target health data using the encryption parameters of the second user according to the encryption level of the target health data in the case that the access authorization response indicates that the second user has granted the first user terminal access to the target health data; and
the transmitter is further configured to send the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal, the first user terminal decrypting the ciphertext of the target health data with the decryption parameter and displaying the result.
In another aspect, a first user terminal is provided that includes a transmitter, a receiver, a processor, and a display;
The transmitter is used for transmitting a data access request to a server, the data access request is used for accessing target health data of a second user, the target health data is one type of health data in multiple types of health data, the multiple types of health data are remote inquiry data of the second user, each type of health data has a corresponding visible range, and the first user terminal is located in the visible range of the target health data;
The receiver is configured to receive a ciphertext of the target health data and a decryption parameter of the second user, where the ciphertext of the target health data is obtained by encrypting, by the server, the target health data according to an encryption level of the target health data and using the encryption parameter of the second user when the second user has granted the first user terminal access to the target health data;
the processor is used for decrypting the ciphertext of the target health data through the decryption parameters;
the display is used for displaying the decrypted target health data.
In another aspect, a second user terminal is provided, the second user terminal comprising a receiver and a transmitter;
the receiver is configured to receive an access authorization request sent by a server, the access authorization request being sent by the server upon receiving a data access request from a first user terminal, where the data access request is for accessing target health data of the second user, the access authorization request requests access permission for the target health data, the target health data is one type of health data among multiple types of health data, the multiple types of health data are remote inquiry data of the second user, and the first user terminal is within the visible range of the target health data;
the transmitter is configured to send an access authorization response to the server, the access authorization response indicating whether the second user grants the first user terminal access to the target health data.
In another aspect, a computer-readable storage medium is provided, storing a computer program which, when executed by a processor, implements the steps of the data access method described above.
In another aspect, there is provided a computer program product comprising instructions which, when run on a computer, cause the computer to perform the steps of the data access method described above.
The technical scheme provided by the application has at least the following beneficial effects:
When the first user terminal requests access to the target health data of the second user, what is sent to it, subject to the second user's authorization, is the ciphertext of the target health data rather than its plaintext, so the target health data is not exposed in plaintext while in transit to the first user terminal, which reduces the risk of its being intercepted, maliciously forwarded or tampered with. Moreover, different types of health data have different encryption levels and different visible ranges: only user terminals within the visible range can access the corresponding health data, and each type is encrypted according to its own encryption level rather than all types uniformly at the highest level, which avoids unnecessary encryption work and improves data access performance.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a system architecture according to an embodiment of the present application;
FIG. 2 is a flow chart of a method for accessing data according to an embodiment of the present application;
FIG. 3 is a schematic diagram of a fourth user interface provided by an embodiment of the present application;
FIG. 4 is a schematic illustration of a fifth user interface provided by an embodiment of the present application;
FIG. 5 is a schematic illustration of a sixth user interface provided by an embodiment of the present application;
FIG. 6 is a schematic diagram of a seventh user interface provided by an embodiment of the present application;
FIG. 7 is a schematic diagram of a data access flow provided by an embodiment of the present application;
Fig. 8 is a schematic structural diagram of a data access device according to an embodiment of the present application;
Fig. 9 is a schematic structural diagram of a user terminal according to an embodiment of the present application;
fig. 10 is a schematic structural diagram of a server according to an embodiment of the present application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the following detailed description of the embodiments of the present application will be given with reference to the accompanying drawings.
Before explaining the data access method provided by the embodiment of the present application in detail, the system architecture provided by the embodiment of the present application is described.
Referring to fig. 1, fig. 1 is a schematic diagram illustrating an architecture of a data access system according to an exemplary embodiment. The system comprises a first user terminal 101, a server 102 and a second user terminal 103, the first user terminal 101, the second user terminal 103 being communicatively connectable to the server 102. The communication connection may be a wired or wireless connection, which is not limited by the embodiments of the present application.
When the first user needs to access the target health data of the second user, the first user terminal 101 sends a data access request to the server 102. On receiving it, the server 102 sends an access authorization request to the second user terminal 103, requesting access permission for the target health data. The second user terminal 103 answers with an access authorization response to the server 102 indicating whether the second user grants the first user terminal 101 access to the target health data. If the response indicates that access has been granted, the server 102 encrypts the target health data according to its encryption level using the encryption parameters of the second user to obtain the ciphertext, and then sends the ciphertext of the target health data together with the decryption parameter of the second user to the first user terminal 101. The first user terminal 101 decrypts the ciphertext with the decryption parameter and displays the decrypted target health data.
The first user terminal 101 and the second user terminal 103 may be any electronic product capable of human-computer interaction with a user through one or more of a keyboard, touch pad, touch screen, remote control, voice interaction or handwriting device, for example a PC (Personal Computer), a mobile phone, a smartphone, a PDA (Personal Digital Assistant), a wearable device, a Pocket PC (PPC), a tablet computer, an in-vehicle smart unit, a smart television, a smart speaker and the like.
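The exchange above, carried end to end as an added example (it is not code from the patent or from Hisense): a server, a second user terminal that answers authorization requests, and a first user terminal that decrypts what it receives. Everything concrete here is this example's assumption, because the page does not specify it: the two encryption level names ("standard" and "sensitive"), the encryption parameter of the second user being a 32-byte secret the server holds, the decryption parameter being the derived keys, the HMAC-SHA256 counter-mode stream cipher with an encrypt-then-MAC tag standing in for an AEAD such as AES-GCM, and the rule that a "sensitive" key is bound to one request identifier. The request identifier check is the one a practitioner would add: the server acts only on an authorization response that answers the request it actually sent.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

NONCE_LEN, TAG_LEN = 16, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, a stdlib-only stand-in for AES-CTR."""
    blocks = [hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def encrypt(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def decrypt(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    """Check the tag in constant time before decrypting; reject any mismatch."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("ciphertext rejected: tag mismatch (tampered or wrong parameter)")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


@dataclass
class HealthRecord:
    data_id: str
    owner: str         # user identifier of the second user
    data_type: str     # basic / inquiry / home_sign / medical_test
    level: str         # assumed level names: "standard" or "sensitive"
    plaintext: bytes


@dataclass
class OwnerTerminal:
    """Second user terminal; `trusted` stands in for the owner's confirm/cancel choice."""
    user_id: str
    trusted: set

    def on_authorization_request(self, req: dict) -> dict:
        # Echo the request id so the server can bind this answer to one request.
        return {"request_id": req["request_id"], "granted": req["requester"] in self.trusted}


@dataclass
class Server:
    records: dict            # data_id -> HealthRecord
    owner_secrets: dict      # owner user id -> 32-byte encryption parameter (assumed form)
    owner_terminals: dict    # owner user id -> OwnerTerminal
    pending: dict = field(default_factory=dict)

    def _derive(self, record: HealthRecord, request_id: str):
        # Assumed level policy: "standard" data shares one key per owner and data type;
        # "sensitive" data gets a key bound to this request, so the decryption
        # parameter handed to the requester opens exactly one ciphertext.
        ctx = record.data_type.encode()
        if record.level == "sensitive":
            ctx += b"|" + request_id.encode()
        master = self.owner_secrets[record.owner]
        enc = hmac.new(master, b"enc|" + ctx, hashlib.sha256).digest()
        mac = hmac.new(master, b"mac|" + ctx, hashlib.sha256).digest()
        return enc, mac

    def handle_access_request(self, requester: str, data_id: str):
        """Ask the owner, and encrypt only on an approval that matches this request."""
        record = self.records[data_id]
        request_id = secrets.token_hex(8)
        self.pending[request_id] = (requester, data_id)
        auth_req = {"request_id": request_id, "requester": requester,
                    "data_id": data_id, "data_type": record.data_type}
        resp = self.owner_terminals[record.owner].on_authorization_request(auth_req)
        if self.pending.pop(resp.get("request_id"), None) != (requester, data_id):
            raise PermissionError("authorization response does not match a pending request")
        if not resp["granted"]:
            return None                    # owner cancelled: no ciphertext leaves the server
        enc, mac = self._derive(record, request_id)
        return {"ciphertext": encrypt(enc, mac, record.plaintext),
                "decryption_parameter": enc + mac}


def requester_open(response: dict) -> bytes:
    """First user terminal: split the decryption parameter and decrypt for display."""
    param = response["decryption_parameter"]
    return decrypt(param[:32], param[32:], response["ciphertext"])


def demo():
    """Constructed sample: owner u2 approves doctor doc_a and rejects user stranger."""
    record = HealthRecord("rec1", "u2", "inquiry", "sensitive",
                          b"2022-02-25 symptom: headache; conclusion: migraine")
    server = Server(records={"rec1": record},
                    owner_secrets={"u2": secrets.token_bytes(32)},
                    owner_terminals={"u2": OwnerTerminal("u2", trusted={"doc_a"})})
    granted = server.handle_access_request("doc_a", "rec1")
    denied = server.handle_access_request("stranger", "rec1")
    return requester_open(granted), granted["ciphertext"], denied
```

A point the flow leaves to the implementer: the decryption parameter travels to the first user terminal in the same response as the ciphertext, so that hop needs its own authenticated, encrypted transport (TLS with server authentication at minimum). What the per-level key derivation buys is that a decryption parameter for "sensitive" data is useless against any other ciphertext, and that the server never hands out the owner's encryption parameter itself.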
The server 102 may be an independent server, a server cluster or a distributed system formed by a plurality of physical servers, a cloud server for providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDNs (Content Delivery Network, content delivery networks), basic cloud computing services such as big data and artificial intelligence platforms, or a cloud computing service center.
It should be understood by those skilled in the art that the above-mentioned first user terminal 101, server 102 and second user terminal 103 are only examples, and other user terminals or servers that are currently available or may be available in the future are also included in the scope of the embodiments of the present application and are incorporated herein by reference.
It should be noted that, the system architecture described in the embodiments of the present application is for more clearly describing the technical solution of the embodiments of the present application, and does not constitute a limitation on the technical solution provided by the embodiments of the present application, and those skilled in the art can know that, along with the evolution of the system architecture, the technical solution provided by the embodiments of the present application is equally applicable to similar technical problems.
The data access method provided by the embodiment of the application is explained in detail below.
Fig. 2 is a flowchart of a data access method according to an embodiment of the present application, please refer to fig. 2, and the method includes the following steps.
Step 201: the first user terminal sends a data access request to the server, wherein the data access request is used for accessing target health data of the second user, the target health data is one type of health data in multiple types of health data, the multiple types of health data are remote inquiry data of the second user, each type of health data has a corresponding visible range, and the first user terminal is located in the visible range of the target health data.
In some embodiments, the first user accesses the target health data of the second user through the first user terminal. When the first user terminal detects a data access operation by the first user, it sends a data access request to the server; the data access request carries the user identifier of the first user, the user identifier of the second user and the data identifier of the target health data.
Because each type of health data has a corresponding visible range and only users within that range may view it, the server must determine whether the first user terminal is within the visible range of the target health data before the first user terminal can access it. If it is, the server provides the first user terminal with an access entry for the target health data, through which the first user terminal sends the data access request for the target health data to the server. If it is not, the server provides no access entry for the target health data, so the first user terminal has no way to request it.
In some embodiments, when the first user terminal detects a data query operation by the first user, it sends a data query request to the server carrying the user identifier of the first user and a query keyword. The server runs the query on the keyword and obtains a number of health data items. It then determines, from the visible ranges of those items and the user identifier of the first user, at least one health data item that is visible to the first user, the at least one item including the target health data, and provides the first user terminal with an access entry for each such item. The first user terminal can then send a data access request to the server through the access entry of the target health data.
The data query operation of the first user can be triggered by means of voice interaction, and can also be triggered by clicking operation of a data query button. For example, the first user triggers a data query operation by entering "query XX data" via voice.
The user identification is used to uniquely identify the user, and may be the user's number, nickname, avatar, etc., or a combination of these information. The data identification is used for uniquely identifying the data, and the data identification can be the number, the type and the like of the data, or can be obtained by combining the information.
The remote inquiry data of the second user comprises basic data, inquiry data, home sign data and medical examination data; that is, the multiple types of health data mentioned above are basic data, inquiry data, home sign data and medical examination data. Basic data is the current basic information of the second user, such as age, sex, height, weight, BMI (Body Mass Index), location, disease history and so on. Inquiry data is data generated during the second user's consultations, such as inquiry time, symptoms reported and inquiry conclusions; in practice it may also include other content, which the embodiments of the present application do not limit. Home sign data is sign data the second user measures at home, such as blood pressure, blood glucose, uric acid and blood indices. Medical examination data is body data examined at a medical institution, such as routine blood tests, routine urine tests, brain CT (Computed Tomography) and lung CT scans.
In some embodiments, the second user's base data, inquiry data, home sign data, and medical test data are obtained and stored locally for the server in advance. For example, the second user terminal may display a first user interface in which the second user inputs basic data, inquiry data, home sign data, and medical test data. The second user terminal acquires basic data, inquiry data, household sign data and medical examination data input by the second user, and sends the basic data, the inquiry data, the household sign data and the medical examination data of the second user to the server.
The multiple types of health data input by the second user in the first user interface can be in a text format or a chart format. When the multiple types of health data input by the second user in the first user interface are in the chart format, the second user terminal acquires the multiple types of health data input by the second user in the chart format and sends the multiple types of health data to the server. The server can analyze the received multi-type health data in the chart format to obtain the multi-type health data in the text format.
The manner described above in which the server obtains home sign data is only one example, since home sign data is sign data measured by the second user at home. In other embodiments the server may obtain home sign data in other ways. For example, after the second user takes a measurement, the measuring instrument may send the home sign data directly to the server and at the same time send a prompt message to the second user terminal indicating that it has done so, such as "the data measured by the instrument is household sign data and has been uploaded". That is, the second user's home is equipped with common instruments such as a non-invasive blood analyzer, a body fat scale, a blood pressure monitor, a three-in-one (blood glucose/uric acid/total cholesterol) analyzer and a thermometer, which measure blood physiological parameters, body fat percentage, blood pressure and heart rate, blood glucose, uric acid and total cholesterol, and body temperature respectively. The second user measures sign data with these instruments, and when an instrument detects that the measurement is complete it sends the home sign data to the server.
Likewise, the manner described above in which the server obtains medical examination data is only one example, since medical examination data is body data examined at a medical institution. In other embodiments the server may obtain medical examination data in other ways, for example from a medical institution server. That is, the second user terminal displays a second user interface in which the second user enters basic information such as name, medical institution, hospital campus and department, and sends this basic information to the server. The server forwards it to the medical institution server, which looks up the medical examination data corresponding to the basic information in its stored correspondence between basic information and medical examination data, and returns the medical examination data to the server.
Step 202: the server receives a data access request sent by the first user terminal and sends an access authorization request to the second user terminal, wherein the access authorization request is used for requesting access rights of target health data.
Although the target health data has a visible range, to further improve the privacy and security of the health data the server, after receiving the data access request from the first user terminal, also sends an access authorization request to the second user terminal identified by the user identifier of the second user carried in the data access request. The access authorization request carries the user identifier of the first user, the role information of the first user and the data identifier of the target health data, so that the second user can decide whether to grant the first user terminal access to the target health data. The role information of the first user indicates whether the first user is a doctor, a family member of the second user, or a stranger.
In some embodiments, the server stores the user identifiers of registered doctors, and for non-doctor users it stores the associations between users. After obtaining the user identifier of the first user, the server can therefore determine whether the first user is a doctor; if not, it determines the association between the first user and the second user, and thereby whether the first user is a family member of the second user or a stranger. In this way the role information of the first user is determined.
Step 203: the second user terminal receives the access authorization request sent by the server and sends an access authorization response to the server, wherein the access authorization response is used for indicating whether the second user grants the first user terminal access to the target health data.
In some embodiments, after the second user terminal receives the access authorization request sent by the server, it may generate a prompt message based on the user identifier and the role information of the first user carried in the request, the prompt message asking whether the second user grants the first user terminal access to the target health data. When the second user terminal detects a confirmation operation by the second user, this indicates that the second user grants the first user terminal permission to access the target health data; when it detects a cancel operation by the second user, this indicates that the second user does not grant that permission.
For example, the prompt message is "Doctor A wishes to access your inquiry data; authorize?". When the second user terminal detects a confirmation operation by the second user, this indicates that the second user grants the first user terminal the right to access the target health data; when it detects a cancel operation by the second user, this indicates that the second user does not grant that right.
The second user terminal may indicate whether the first user terminal is granted access to the target health data by means of the access authorization response. For example, the access authorization response includes a grant signal bit, and the bit being set indicates that the second user grants the first user terminal permission to access the target health data. Of course, whether the first user terminal is granted access to the target health data may also be indicated in other ways. Here, the grant signal bit being set means that the bit is set to a particular value, for example 1.
Step 204: the server receives the access authorization response sent by the second user terminal and, when the access authorization response indicates that the second user has granted the first user terminal access to the target health data, encrypts the target health data with the encryption parameters of the second user according to the encryption level of the target health data.
The encryption parameters of the second user may include a public parameter, an encryption private key and an encryption public key, but may also include other parameters. The encryption level of the target health data indicates how many times the target health data is encrypted: when the encryption level is the lowest level, the target health data is encrypted once, and when the encryption level is one level higher, the target health data is encrypted twice.
For example, the encryption parameters of the second user include a public parameter, an encryption private key and an encryption public key, and the encryption levels from low to high are: four-level, three-level, two-level and one-level. For convenience of description, the public parameter is denoted PP, the encryption private key sk, the encryption public key pk, and the plaintext of the target health data Info. If the encryption level of the target health data is four-level, the ciphertext of the target health data may be represented as Info_Enc = Enc(PP, sk, pk, Info), that is, the plaintext is encrypted once with the public parameter, the encryption private key and the encryption public key. If the encryption level is three-level, the ciphertext may be represented as Info_ReEnc = ReEnc(PP, sk, pk, Info_Enc), that is, the target health data is encrypted once and then re-encrypted with the public parameter, the encryption private key and the encryption public key. If the encryption level is two-level, the ciphertext may be represented as Info_ReReEnc = ReReEnc(PP, sk, pk, Info_ReEnc), that is, the target health data is encrypted twice and then re-encrypted. If the encryption level is one-level, the ciphertext may be represented as Info_ReReReEnc = ReReReEnc(PP, sk, pk, Info_ReReEnc), that is, the target health data is encrypted three times and then re-encrypted.
In some embodiments, the server obtains a security parameter and an encryption private key input by the second user, generates a public parameter of the second user from the security parameter using a hash algorithm, generates an encryption public key of the second user from the encryption private key, and takes the public parameter, the encryption private key and the encryption public key as the encryption parameters of the second user.
That is, when the second user terminal detects a setting operation by the second user, it displays a third user interface containing input boxes for the security parameter and the encryption private key. The second user enters the security parameter and the encryption private key in these input boxes, and when the second user terminal detects a confirmation operation by the second user, it sends the entered security parameter and encryption private key to the server. Of course, in practical application the security parameter and the encryption private key may also be input in different user interfaces, which is not limited in the embodiment of the present application.
Generating the public parameter of the second user with a hash algorithm is only an example; in other embodiments the server may generate the public parameter of the second user with other algorithms. The public parameter of the second user includes a security parameter, a primary encryption level, a secondary encryption level, a tertiary encryption level and a quaternary encryption level. For convenience of description, the public parameter is denoted PP, the security parameter S, and the primary, secondary, tertiary and quaternary encryption levels SL1, SL2, SL3 and SL4 respectively, that is, PP = (S, SL1, SL2, SL3, SL4). Of course, the public parameter may also include other parameters, which is not limited in this embodiment of the present application.
In addition, the server may generate the encrypted public key of the second user according to the related algorithm based on the encrypted private key, which is not limited in the embodiment of the present application.
In some embodiments, the server further needs to determine the encryption level of the target health data before encrypting the target health data with the encryption parameters of the second user according to that level. That is, the server converts the target health data of the second user into the corresponding feature vector to obtain a target health data vector of the second user, and determines the similarity between the second user and each of a plurality of reference users with respect to the target health data, based on the target health data vector of the second user and the target health data vectors of the reference users, to obtain a plurality of similarities. The server then sorts the similarities in descending order to obtain a ranking result, determines the reference users corresponding to the first N similarities in the ranking result as candidate reference users, and acquires the encryption level of the target health data of each candidate reference user to obtain N encryption levels. The server counts the occurrences of each encryption level among the N encryption levels and determines the encryption level with the largest count as the encryption level of the target health data of the second user.
For example, N is 20. At this time, the server determines the reference users corresponding to the first 20 similarities in the ranking result as candidate reference users, and acquires the encryption levels of the target health data of the candidate reference users, so as to obtain 20 encryption levels. The server counts the number of each of the 20 encryption levels (i.e., the frequency of occurrence of each encryption level), and determines the encryption level with the largest number as the encryption level of the target health data of the second user.
Based on the above description, the multiple types of health data of the second user include basic data, inquiry data, home sign data and medical examination data, and the target health data is one of these types. The target health data may therefore be the basic data, the inquiry data, the home sign data or the medical examination data of the second user. The detailed procedure by which the server determines the encryption level of the target health data in the above manner differs between these cases, so the procedure is described in detail below for each of the four cases in turn.
In the first case, the target health data is the basic data of the second user. The server may determine the encryption level of the basic data of the second user according to the following steps (11)-(14).
(11) The server converts the basic data of the second user into the corresponding feature vector to obtain the basic data vector of the second user.
Based on the above description, the second user's basic data includes age, gender, height, weight, BMI, location, history of disease, etc. For attribute information such as gender, region and disease history, the server stores the corresponding relation between the attribute information and the numerical value, so the server can acquire the numerical value corresponding to the attribute information from the corresponding relation between the stored attribute information and the numerical value based on the attribute information. Then, the basic data of the second user is converted into corresponding feature vectors.
For example, the value corresponding to sex male is 0, the value corresponding to sex female is 1, and the value corresponding to sex unknown is 2; the value corresponding to a history of hypertension is 1, and the value corresponding to no history of hypertension is 0; the value corresponding to a history of heart surgery is 1, and the value corresponding to no history of heart surgery is 0.
(12) The server determines a distance between the base data vector of the second user and the base data vector of each of the plurality of reference users.
As an example, the server may determine a distance between the base data vector of the second user and the base data vector of each reference user according to the following formula (1).
In the above formula (1), d_{2i} represents the distance between the basic data vector of the second user and the basic data vector of the i-th reference user among the plurality of reference users, x_{2j} represents the j-th element of the basic data vector of the second user, x_{ij} represents the j-th element of the basic data vector of the i-th reference user, and n represents the number of elements in a basic data vector.
The basic data vector of the reference user can be obtained by real-time preprocessing of the server. That is, when the server receives the base data uploaded by the reference user, the server directly converts the base data of the reference user into the corresponding feature vector to obtain the base data vector of the reference user. Or the basic data vector of the reference user can also be preprocessed by the server at fixed intervals. That is, the server stores the basic data of the reference user, and the server converts the stored basic data of the reference user into corresponding feature vectors at intervals to obtain basic data vectors of the reference user. Thus, the operation efficiency of the server can be improved.
It should be noted that the server should convert the basic data of the reference user into the corresponding feature vector before determining the encryption level of the basic data of the second user, so as to avoid that the time taken to process the basic data of the reference user is too long, which affects the efficiency of the server to determine the encryption level of the basic data of the second user. Moreover, before the server determines the encryption level of the basic data of the second user, the basic data of the reference user is converted into the corresponding feature vector, so that the similarity of the basic data between the second user and the reference user is conveniently determined.
(13) The server converts the distance between the base data vector of the second user and the base data vector of each reference user into the base data similarity between the second user and each reference user.
As an example, the server may convert the distance between the base data vector of the second user and the base data vector of each reference user into the base data similarity between the second user and each reference user according to the following formula (2).
S_J = 1/(1 + d_{2i}) (2)
In the above formula (2), S_J represents the basic data similarity between the second user and the i-th reference user, and d_{2i} represents the distance between the basic data vector of the second user and the basic data vector of the i-th reference user.
(14) The server determines the encryption level of the base data of the second user based on the similarity of the base data between the second user and each reference user and the encryption level of the base data of each reference user.
The server sorts the plurality of basic data similarities in descending order to obtain a sorting result, and determines the reference users corresponding to the first N basic data similarities in the sorting result as candidate reference users. Then the server acquires the encryption levels of the basic data of the candidate reference users to obtain N encryption levels, counts the occurrences of each encryption level among the N, and determines the encryption level with the largest count as the encryption level of the basic data of the second user.
Of course, in practical applications several encryption levels may tie for the largest count. In that case, the highest of the tied encryption levels is determined as the encryption level of the basic data of the second user. For example, N is 13, and among the 13 encryption levels there are 5 primary encryptions, 3 secondary encryptions and 5 tertiary encryptions. Primary and tertiary encryption share the largest count, and primary encryption is the higher level, so the encryption level of the basic data of the second user is determined to be primary encryption.
The server stores the corresponding relation between the user identification and the encryption level of the basic data, so after the server determines the candidate reference user, the server can acquire the encryption level of the basic data corresponding to the candidate reference user from the corresponding relation between the stored user identification and the encryption level of the basic data based on the user identification of the candidate reference user.
Since the base data of the second user represents the basic attribute of the second user, and the base data of the second user are all integers, the above manner is used for determining the greatest common divisor between the base data of the second user and the base data of the reference user. Therefore, the server can accurately determine the similarity of the basic data between the second user and each reference user in the above manner, and thus accurately determine the encryption level of the basic data of the second user.
In the second case, the target health data is the inquiry data of the second user. The server may determine the encryption level of the inquiry data of the second user according to the following steps (21)-(23).
(21) The server converts the inquiry data of the second user into the corresponding feature vector to obtain the inquiry data vector of the second user.
Based on the above description, the second user's inquiry data includes inquiry time, inquiry symptoms, and inquiry conclusions. The server stores the correspondence between the inquiry symptoms, the inquiry conclusions and the numerical values, so the server can acquire the numerical values corresponding to the inquiry symptoms and the inquiry conclusions from the correspondence between the stored inquiry symptoms, inquiry conclusions and the numerical values based on the inquiry symptoms and the inquiry conclusions. Then, the inquiry data of the second user is converted into corresponding feature vectors.
(22) The server determines a query similarity between the second user and each of the reference users based on the query data vector of the second user and the query data vectors of the plurality of reference users.
As one example, the server may determine the query similarity between the second user and each reference user according to the following equation (3).
In the above formula (3), S_W represents the inquiry similarity between the second user and the i-th reference user, x_{2j} represents the j-th element of the inquiry data vector of the second user, x_{ij} represents the j-th element of the inquiry data vector of the i-th reference user, and n represents the number of elements in an inquiry data vector.
The acquiring manner of the query data vector of the reference user is similar to that of the basic data vector of the reference user in the first case, so the relevant content of the first case may be referred to, and will not be described herein.
(23) The server determines an encryption level of the second user's inquiry data based on the inquiry similarity between the second user and each reference user and the encryption level of the inquiry data of each reference user.
The process of determining the encryption level of the query data of the second user by the server is similar to the process of determining the encryption level of the basic data of the second user in the first case, so the relevant content of the first case may be referred to and will not be described herein.
Since the query data of the second user is sparse, the similarity between the two vectors is determined by the cosine value of the included angle between the query data vector of the second user and the query data vector of the reference user. Therefore, the server can accurately determine the similarity of the inquiry between the second user and each reference user in the above manner, and thus accurately determine the encryption level of the inquiry data of the second user.
In the third case, the target health data is the home sign data of the second user. The server may determine the encryption level of the home sign data of the second user according to the following steps (31)-(34).
(31) The server converts the home sign data of the second user into the corresponding feature vector to obtain the home sign vector of the second user.
Based on the above description, the household sign data of the second user includes blood pressure, blood glucose, uric acid, blood index, and the like. The home sign data correspond to specific values, so that the server can directly convert the home sign data of the second user into corresponding feature vectors to obtain home sign vectors of the second user.
(32) The server determines the similarity of the second user and each reference user with respect to the same category of sign data based on the home sign vector of the second user and the home sign vectors of the plurality of reference users.
In some embodiments, the server selects one reference user from the plurality of reference users and determines the similarity of the second user to the selected reference user with respect to the same category of sign data according to steps (a1)-(c1) below, repeating this until the similarity of the second user to every reference user with respect to the same category of sign data has been determined.
(a1) The server acquires the data elements measured with the first model of instrument and the data elements measured with the second model of instrument from the home sign vector of the second user and the home sign vectors of the plurality of reference users, to obtain a first set of sample data and a second set of sample data.
In some embodiments, within the home sign vector of the second user and the home sign vectors of the plurality of reference users, the number of data elements measured with the first model of instrument and the number measured with the second model of instrument may be the same or different. When they are the same, the first set of sample data and the second set of sample data are obtained directly. When they differ, the two numbers are determined to obtain a first number and a second number; if the first number is smaller than the second number, the acquired data elements measured with the first model of instrument are taken as the first set of sample data, and the first number of data elements are selected from the acquired data elements measured with the second model of instrument to obtain the second set of sample data. In this way the number of samples in the first set of sample data equals the number of samples in the second set of sample data.
The first model refers to an instrument model used when the second user measures the target sign data, the second model refers to an instrument model used when the selected reference user measures the target sign data, and the target sign data is any one sign data.
That is, any one item of sign data is selected from the home sign data as the target sign data. For example, the target sign data is blood pressure: the second user measures blood pressure with the first model of instrument and the selected reference user measures blood pressure with the second model of instrument. The server acquires the blood pressure data measured with the first model of instrument from the stored plurality of home sign vectors as the first set of sample data, and the blood pressure data measured with the second model of instrument as the second set of sample data.
The first model and the second model may be the same or different. That is, the instrument model used by the second user to measure blood pressure data and the selected instrument model used by the reference user to measure blood pressure data may be the same or different. In the case where the first model and the second model are the same, the first set of sample data and the second set of sample data are the same. In the case where the first model and the second model are different, the first set of sample data and the second set of sample data may be the same or different.
(b1) The server determines the sample standard deviation of the first set of sample data, the sample standard deviation of the second set of sample data, and the sample covariance between the first set of sample data and the second set of sample data.
As one example, the server may determine the sample standard deviation of the first set of sample data and the sample standard deviation of the second set of sample data according to the following equation (4).
In the above formula (4), S_1 and S_2 represent the sample standard deviation of the first set of sample data and of the second set of sample data respectively, X_{1p} represents the p-th sample in the first set of sample data, X_{2p} represents the p-th sample in the second set of sample data, \bar{X}_1 represents the sample mean of the first set of sample data, \bar{X}_2 represents the sample mean of the second set of sample data, and m represents the number of samples in the first set of sample data.
As one example, the server may determine a sample covariance between the first set of sample data and the second set of sample data according to equation (5) below.
In the above formula (5), Cov(X_1, X_2) represents the sample covariance between the first set of sample data and the second set of sample data, X_{1p} represents the p-th sample in the first set of sample data, X_{2p} represents the p-th sample in the second set of sample data, \bar{X}_1 represents the sample mean of the first set of sample data, \bar{X}_2 represents the sample mean of the second set of sample data, and m represents the number of samples in the first set of sample data.
(c1) The server determines the similarity of the second user to the selected reference user with respect to the target sign data based on the sample standard deviation of the first set of sample data, the sample standard deviation of the second set of sample data, and the sample covariance between the first set of sample data and the second set of sample data.
As one example, the server may determine the similarity of the second user to the selected reference user with respect to the target sign data according to the following equation (6). That is, the server uses a pearson correlation coefficient algorithm to determine the similarity of the second user to the selected reference user with respect to the target sign data.
In the above formula (6), r represents the similarity of the second user and the selected reference user with respect to the target sign data, Cov(X_1, X_2) represents the sample covariance between the first set of sample data and the second set of sample data, S_1 represents the sample standard deviation of the first set of sample data, and S_2 represents the sample standard deviation of the second set of sample data.
The acquisition manner of the home sign data vector of the reference user is similar to that of the basic data vector of the reference user in the first case, so the relevant content of the first case may be referred to, and will not be described herein.
(33) The server determines the average of the similarities of the second user and each reference user with respect to the various categories of sign data as the home sign similarity between the second user and that reference user.
Based on the above description, the home sign data of the second user includes blood pressure, blood glucose, uric acid, blood index and the like. The server determines the similarity of the second user and each reference user with respect to each category of sign data by the above method, and then determines the average of these similarities as the home sign similarity between the second user and that reference user.
For example, the server determines, by the above method, the similarity r_{blood pressure} between the second user and reference user A with respect to blood pressure data, r_{blood glucose} with respect to blood glucose data, r_{uric acid} with respect to uric acid data and r_{blood index} with respect to blood index data. The server then determines the average of r_{blood pressure}, r_{blood glucose}, r_{uric acid} and r_{blood index} as the home sign similarity between the second user and reference user A.
(34) The server determines an encryption level of the home sign data of the second user based on the similarity of the home sign between the second user and each reference user and the encryption level of the home sign data of each reference user.
The process of determining the encryption level of the home sign data of the second user by the server is similar to the process of determining the encryption level of the basic data of the second user in the first case, so the relevant content of the first case may be referred to, and will not be repeated here.
Since the household sign data of the second user is related to the instrument used by the second user, the similarity of the two vectors in each dimension is determined first, and then the similarity between the two vectors is determined. Therefore, the server can accurately determine the similarity of the home sign between the second user and each reference user in the above manner, and further accurately determine the encryption level of the home sign data of the second user.
In the fourth case, the target health data is the medical examination data of the second user. The server may determine the encryption level of the medical examination data of the second user according to steps (41)-(44) below.
(41) The server converts the medical examination data of the second user into corresponding feature vectors to obtain medical examination vectors of the second user.
Based on the above description, the medical test data of the second user includes blood routine, urine routine, brain CT, lung CT, and the like. The medical test data correspond to specific numerical values, so the server can directly convert the medical test data of the second user into corresponding feature vectors to obtain medical test vectors of the second user.
(42) The server determines a similarity of the second user to each reference user with respect to the same type of test data based on the medical test vector of the second user and the medical test vectors of the plurality of reference users.
In some embodiments, the server selects one reference user from the plurality of reference users and determines the similarity of the second user to the selected reference user with respect to the same type of examination data according to steps (a2)-(c2) below, repeating this until the similarity of the second user to every reference user with respect to the same type of examination data has been determined.
(a2) The server acquires the data elements examined by the first department of the first hospital area of the first medical institution and the data elements examined by the second department of the second hospital area of the second medical institution from the medical examination vector of the second user and the medical examination vectors of the plurality of reference users, to obtain a third set of sample data and a fourth set of sample data.
The first department of the first hospital area of the first medical institution refers to a checking mechanism of target checking data of a second user, the second department of the second hospital area of the second medical institution refers to a checking mechanism of target checking data of a selected reference user, and the target checking data is any one checking data.
The implementation process of step (a 2) is similar to that of step (a 1) in step (32), so the detailed implementation process of step (a 2) is referred to the relevant content of step (a 1) in step (32), and will not be repeated here.
(B2) The server determines a sample standard deviation of the third set of sample data, a sample standard deviation of the fourth set of sample data, and a sample covariance between the third set of sample data and the fourth set of sample data.
The implementation process of step (b2) is similar to that of step (b1) in step (32), so reference may be made to the relevant content of step (b1) in step (32), which will not be repeated here.
(C2) The server determines a similarity of the second user with respect to the selected reference user with respect to the target test data based on the sample standard deviation of the third set of sample data, the sample standard deviation of the fourth set of sample data, and the sample covariance between the third set of sample data and the fourth set of sample data.
The implementation process of step (c2) is similar to that of step (c1) in step (32), so reference may be made to the relevant content of step (c1) in step (32), which will not be repeated here.
(43) The server determines an average value of the similarity of the second user and each reference user with respect to the various types of test data as a medical test similarity between the second user and each reference user.
Based on the above description, the medical test data of the second user includes blood routine, urine routine, brain CT, lung CT, and the like. The server determines the similarity of the second user and each reference user about various types of test data according to the method, and further determines the average value of the similarity of the second user and each reference user about various types of test data as the medical test similarity between the second user and each reference user.
For example, the server determines, in the manner described above, the similarity r(blood routine) of the second user to reference user A with respect to blood routine data, the similarity r(urine routine) with respect to urine routine data, the similarity r(brain CT) with respect to brain CT data, and the similarity r(lung CT) with respect to lung CT data. The server then determines the average of r(blood routine), r(urine routine), r(brain CT) and r(lung CT) as the home sign similarity between the second user and reference user A.
(44) The server determines an encryption level of the medical test data of the second user based on the medical test similarity between the second user and each of the reference users and the encryption level of the medical test data of each of the reference users.
The detailed implementation process is referred to the relevant content of the above (34), and will not be repeated here.
Since the second user's medical test data is related to the instrument used by the medical facility, the above-described manner is to determine the similarity of the two vectors in each dimension first, and then determine the similarity between the two vectors. Therefore, the server can accurately determine the medical test similarity between the second user and each reference user in the above manner, and thus accurately determine the encryption level of the medical test data of the second user.
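The computation of steps (41)-(44) for the medical test case, as an added illustration that is not code from the patent. It assumes that the third and fourth sets of sample data are paired sequences of equal length, that sample statistics use the n-1 denominator, and, since step (44) defers to step (34) which is not reproduced here, that the second user adopts the encryption level of the reference user with the highest medical test similarity (an assumption made for this example).

```python
"""Medical test similarity and encryption level, steps (41)-(44).

Added illustration, not code from the patent. Assumptions (not stated on the page):
  * the third and fourth sets of sample data are paired sequences of equal length
    (one value per data element of the examination);
  * sample standard deviation and sample covariance use the n-1 denominator;
  * step (44) adopts the encryption level of the most similar reference user.
"""
from math import sqrt
from typing import Dict, List, Sequence

# Encryption levels used throughout the description: 1 = primary, ..., 4 = quaternary.
PRIMARY, SECONDARY, TERTIARY, QUATERNARY = 1, 2, 3, 4


def sample_std(xs: Sequence[float]) -> float:
    """Sample standard deviation (n-1 denominator); part of step (b2)."""
    n = len(xs)
    if n < 2:
        raise ValueError("at least two data elements are required")
    mean = sum(xs) / n
    return sqrt(sum((x - mean) ** 2 for x in xs) / (n - 1))


def sample_cov(xs: Sequence[float], ys: Sequence[float]) -> float:
    """Sample covariance of two paired sets of data elements; part of step (b2)."""
    if len(xs) != len(ys) or len(xs) < 2:
        raise ValueError("paired sets of equal length (>= 2) are required")
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    return sum((x - mx) * (y - my) for x, y in zip(xs, ys)) / (n - 1)


def pearson_similarity(xs: Sequence[float], ys: Sequence[float]) -> float:
    """Step (c2): r = Cov(X3, X4) / (S3 * S4), the same quotient the description
    uses for the home sign case.

    If either set has zero spread the quotient is undefined; this example treats
    that as "no correlation" and returns 0.0 (an assumption)."""
    s3, s4 = sample_std(xs), sample_std(ys)
    if s3 == 0.0 or s4 == 0.0:
        return 0.0
    return sample_cov(xs, ys) / (s3 * s4)


# A medical test vector is modelled as: test type -> data elements (step 41).
MedicalTestVector = Dict[str, List[float]]


def medical_test_similarity(second: MedicalTestVector, reference: MedicalTestVector) -> float:
    """Step (43): average of the per-type similarities over the test types both users have."""
    common = sorted(set(second) & set(reference))
    if not common:
        raise ValueError("no test type in common")
    return sum(pearson_similarity(second[t], reference[t]) for t in common) / len(common)


def encryption_level(second: MedicalTestVector,
                     references: Dict[str, MedicalTestVector],
                     reference_levels: Dict[str, int]) -> int:
    """Step (44) under the stated assumption: level of the most similar reference user."""
    sims = {name: medical_test_similarity(second, vec) for name, vec in references.items()}
    best = max(sims, key=sims.get)
    return reference_levels[best]


# Constructed sample input (not real patient data).
SECOND_USER: MedicalTestVector = {
    "blood routine": [1.0, 2.0, 3.0, 4.0],
    "brain CT": [1.0, 2.0, 3.0, 4.0],
}
REFERENCE_USERS: Dict[str, MedicalTestVector] = {
    "A": {"blood routine": [2.0, 4.0, 6.0, 8.0], "brain CT": [1.0, 3.0, 2.0, 4.0]},
    "B": {"blood routine": [4.0, 3.0, 2.0, 1.0], "brain CT": [1.0, 2.0, 3.0, 4.0]},
}
REFERENCE_LEVELS = {"A": SECONDARY, "B": TERTIARY}

if __name__ == "__main__":
    for name, vec in REFERENCE_USERS.items():
        print(name, round(medical_test_similarity(SECOND_USER, vec), 3))  # A 0.9, B 0.0
    print("encryption level:", encryption_level(SECOND_USER, REFERENCE_USERS, REFERENCE_LEVELS))
```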
Because the characteristics of the health data of different types are different, when the server determines the encryption level of the health data of each type, different algorithms are adopted to respectively determine the similarity of the health data between the second user and each reference user, and then determine the encryption level of the health data of each type. In this way, the encryption level of each type of health data can be accurately determined. Moreover, the server can automatically determine the encryption grade of each type of health data according to the method, and the determination efficiency of the encryption grade is improved.
The above description takes the server determining the encryption level of the target health data as an example. Of course, in practical application, after the server recommends the encryption level of the target health data to the second user, if the second user is not satisfied with the encryption level determined by the server, the encryption level of the target health data can be adjusted through the second user terminal, so that personalized privacy protection is provided for the second user. That is, after determining the encryption level of the target health data, the server sends a prompting message to the second user terminal, where the prompting message is used to prompt the second user to confirm the encryption level. When the second user terminal detects a confirmation operation of the second user, it sends an encryption level confirmation message to the server, and when the server receives the encryption level confirmation message sent by the second user terminal, it determines the encryption level of the target health data to be the encryption level it determined. When the second user terminal detects a change operation of the second user, the second user terminal displays a fourth user interface, where the fourth user interface includes the data identification of the target health data and each encryption level. The second user may select the encryption level of the target health data in the fourth user interface, and when the second user terminal detects the selection operation of the second user, it determines the encryption level selected by the second user as the encryption level of the target health data.
Optionally, when the second user selects the encryption level of the target health data, the fourth user interface may display a hint message, where the hint message includes the visible range corresponding to each encryption level, so that the second user can understand the specific meaning of each encryption level from its visible range. For example, the visible range corresponding to primary encryption is visible only to oneself, the visible range corresponding to secondary encryption is visible only to oneself and family members, the visible range corresponding to tertiary encryption is visible only to oneself and doctors, and the visible range corresponding to quaternary encryption is visible to all people. Of course, in practical applications, the hint message may also include other contents, which are not limited in this embodiment of the present application.
Since the second user can select only one encryption level from the plurality of encryption levels as the encryption level of the target health data, when the second user clicks the button of a certain encryption level in the fourth user interface, this indicates that the second user has selected that encryption level; clicking the button of that encryption level again does not cancel the current selection, and the currently selected encryption level is replaced only when the second user clicks the button of another encryption level.
Referring to fig. 3, fig. 3 is a schematic diagram of a fourth user interface according to an embodiment of the application. In fig. 3, the target health data is basic data, and the encryption level of the basic data selected by the second user is secondary encryption.
For the inquiry data, after determining the encryption level of the inquiry data, the second user may also select, through the second user terminal, a time range of the inquiry data to be shared with other users. That is, the second user chooses to share with other users only the inquiry data from a specific period of time. The second user terminal displays a fifth user interface including the data identifier of the inquiry data, the encryption level of the inquiry data, and the time range of the inquiry data. The second user may select a time range of the inquiry data in the fifth user interface, and when the second user terminal detects the selection operation of the second user, it determines the time range selected by the second user as the time range of the inquiry data that the second user shares with other users.
Referring to fig. 4, fig. 4 is a schematic diagram of a fifth user interface according to an embodiment of the present application. In fig. 4, the target health data is the inquiry data, the encryption level of the inquiry data selected by the second user is secondary encryption, and the second user selects the time range of the inquiry data from 4 options: all, within one week, within one month, and within one year. For example, if the second user selects the time range within one month, this indicates that the second user chooses to share with other users the inquiry data from within one month.
For the household sign data, after determining the encryption level of the household sign data, the second user can also select, through the second user terminal, the types of sign data to be shared with other users. The second user terminal displays a sixth user interface, where the sixth user interface includes the data identifier of the home sign data, the encryption level of the home sign data, and the types of the home sign data. The second user may select in the sixth user interface the types of household sign data to be shared with other users, and when the second user terminal detects the selection operation of the second user, it determines the types selected by the second user as the types of household sign data that the second user shares with other users.
Since the second user can select at least one of the plurality of sign data types as the sign data shared with other users, when the second user clicks the button of a certain sign data type in the sixth user interface, this indicates that the second user has selected that sign data, and when the second user clicks the button of that sign data type again, this indicates that the second user has cancelled the currently selected sign data.
For example, referring to fig. 5, fig. 5 is a schematic diagram of a sixth user interface according to an embodiment of the present application. In fig. 5, the target health data is home sign data, the encryption level of the home sign data selected by the second user is two-level encryption, and the second user selects at least one sign data from 4 options of blood pressure, blood sugar, uric acid and blood index. For example, the sign data selected by the second user is blood pressure and blood glucose, indicating that the second user chooses to share the blood pressure data and blood glucose data with other users.
For medical test data, after determining the encryption level of the medical test data, the second user may also select, through the second user terminal, the types of medical test data to be shared with other users. The second user terminal displays, for example, a seventh user interface including the data identification of the medical test data, the encryption level of the medical test data, and the types of the medical test data. The second user may select in the seventh user interface the types of medical test data to be shared with other users, and when the second user terminal detects the selection operation of the second user, it determines the types selected by the second user as the types of medical test data that the second user shares with other users.
For example, referring to fig. 6, fig. 6 is a schematic diagram of a seventh user interface according to an embodiment of the present application. In fig. 6, the target health data is medical test data, the encryption level of the medical test data selected by the second user is secondary encryption, and the second user selects at least one test data type from 4 options: blood routine, urine routine, brain CT, and lung CT. For example, if the test data selected by the second user are blood routine and brain CT, this indicates that the second user chooses to share the blood routine data and brain CT data with other users.
Step 205: the server sends the ciphertext of the target health data and the decryption parameters of the second user to the first user terminal.
In some embodiments, the server may send the ciphertext of the target health data to the first user terminal along with the decryption parameters of the second user at the same time. Of course, in practical application, in order to further protect the privacy and security of the health data of the user, the server may also send the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal in a time-sharing manner. For example, when the second user grants the first user terminal access to the target health data, the server sends the second user's decryption parameters to the first user terminal. And after encrypting the target health data by using the encryption parameters of the second user according to the encryption level of the target health data, the server sends the ciphertext of the target health data to the first user terminal.
The decryption parameters of the second user include public parameters of the second user, an encrypted private key, and an encrypted public key.
Step 206: the first user terminal receives the ciphertext of the target health data and the decryption parameter sent by the server, decrypts the ciphertext of the target health data through the decryption parameter and displays the ciphertext.
Based on the above description, the encryption level of the target health data may be primary encryption, secondary encryption, tertiary encryption, or quaternary encryption. Under the condition that the encryption levels of the target health data are different, the process of decrypting the ciphertext of the target health data by the first user terminal is different. For example, when the encryption level of the target health data is four-level encryption, the first user terminal only needs to decrypt the ciphertext of the target health data once. When the encryption level of the target health data is three-level encryption, the first user terminal needs to decrypt the ciphertext of the target health data twice. When the encryption level of the target health data is two-level encryption, the first user terminal needs to decrypt the ciphertext of the target health data for three times. When the encryption level of the target health data is primary encryption, the first user terminal needs to decrypt the ciphertext of the target health data four times.
In some embodiments, the first user terminal decrypts the ciphertext of the target health data to obtain the plaintext of the target health data. Since the plaintext of the target health data may include sensitive information such as the identification number, phone number and birthday of the second user, in order to better protect the privacy and security of the health data of the second user, AES (Advanced Encryption Standard) may be further adopted by the server to desensitize the sensitive information in the plaintext of the target health data. That is, info_DecDes = DES(info_Dec, ID, Tel, Birth).
Here info_DecDes represents the target health data after desensitization, info_Dec represents the plaintext of the target health data, ID represents the identification number of the second user, Tel represents the phone number of the second user, and Birth represents the birthday of the second user.
The above takes the server desensitizing the plaintext of the target health data by the AES algorithm as an example. In other embodiments, the server may desensitize the data by other algorithms, which the embodiments of the present application do not limit.
It should be noted that, the above-mentioned related contents of step 201 to step 206 are described by taking as an example that the second user has granted the first user terminal the right to access the target health data. Of course, in practical applications, the second user may not grant the first user terminal the right to access the target health data. For example, the server receives an access authorization response sent by the second user terminal, and if the access authorization response indicates that the second user does not grant the authority of the first user terminal to access the target health data, the server sends a prompt message to the first user terminal, where the prompt message is used to prompt that the first user cannot access the target health data of the second user. For example, the hint message is "data encrypted, cannot be viewed".
Next, taking fig. 7 as an example, a complete data access procedure provided in an embodiment of the present application is described. In fig. 7, taking a doctor as an example, the doctor terminal transmits a data access request to the server, and in case the second user has granted the doctor the right to access the target health data, the server transmits the decryption parameters of the second user to the doctor terminal. Then, the server encrypts the target health data and sends the ciphertext of the target health data to the doctor terminal. The doctor terminal decrypts the ciphertext of the target health data through the decryption parameters and desensitizes the result, obtaining the desensitized target health data info_DecDes.
It should be noted that different roles may view different information. For example, the second user may view the plaintext info_Dec of the target health data, a family member of the second user may view the plaintext info_Dec of the target health data, a doctor may view only the desensitized target health data info_DecDes, and other authorized users may view only the desensitized target health data info_DecDes.
In the embodiment of the application, when the first user terminal requests to access the target health data of the second user, the ciphertext of the target health data is sent to the first user terminal through the authorization of the second user, and the ciphertext is not the plaintext of the target health data. In this way, the health data of the second user can be prevented from being intercepted, maliciously forwarded, tampered and the like. Moreover, different types of health data correspond to different encryption levels and different visible ranges, and only user terminals in the visible ranges can access the corresponding health data, so that encryption is performed according to the encryption levels of various types of health data, and encryption is not uniformly performed according to the highest encryption level, unnecessary encryption processes can be reduced, and data access performance is improved. In addition, when the server determines the encryption level of each type of health data, based on the characteristics of each type of health data, different algorithms are adopted to determine the similarity between the second user and each reference user respectively, so as to determine the encryption level of each type of health data. In this way, the encryption level of each type of health data can be accurately determined. And under the condition that the second user is not satisfied with the encryption level determined by the server, the second user can also autonomously select the encryption level and the healthy data sharing range to provide personalized privacy protection for the second user.
Fig. 8 is a schematic structural diagram of a data access device according to an embodiment of the present application, where the data access device may be implemented as part or all of a server by software, hardware, or a combination of both. Referring to fig. 8, the apparatus includes: a first receiving module 801, a first transmitting module 802, a second receiving module 803, an encrypting module 804 and a second transmitting module 805.
The first receiving module 801 is configured to receive a data access request sent by a first user terminal, where the data access request is used to access target health data of a second user, the target health data is one type of health data in multiple types of health data, the multiple types of health data are remote inquiry data of the second user, each type of health data has a corresponding visible range, and the first user terminal is located in the visible range of the target health data. The detailed implementation process refers to the corresponding content in each embodiment, and will not be repeated here.
A first sending module 802, configured to send an access authorization request to the second user terminal, where the access authorization request is used to request access rights of the target health data. The detailed implementation process refers to the corresponding content in each embodiment, and will not be repeated here.
A second receiving module 803 is configured to receive an access grant response sent by the second user terminal, where the access grant response is used to indicate whether the second user grants the first user terminal permission to access the target health data. The detailed implementation process refers to the corresponding content in each embodiment, and will not be repeated here.
And the encryption module 804 is configured to encrypt the target health data according to the encryption level of the target health data by using the encryption parameter of the second user if the access authorization response indicates that the second user has granted the first user terminal access to the target health data. The detailed implementation process refers to the corresponding content in each embodiment, and will not be repeated here.
The second sending module 805 is configured to send the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal, where the first user terminal is configured to decrypt and display the ciphertext of the target health data according to the decryption parameter. The detailed implementation process refers to the corresponding content in each embodiment, and will not be repeated here.
Optionally, the target health data is basic data of the second user, where the basic data refers to current basic information of the second user;
The device is also specifically used for:
Converting the basic data of the second user into corresponding feature vectors to obtain basic data vectors of the second user;
determining a distance between the base data vector of the second user and the base data vector of each of the plurality of reference users;
converting the distance between the basic data vector of the second user and the basic data vector of each reference user into basic data similarity between the second user and each reference user;
The encryption level of the base data of the second user is determined based on the similarity of the base data between the second user and each reference user and the encryption level of the base data of each reference user.
Optionally, the target health data is the second user's inquiry data, and the inquiry data refers to the data generated by the second user in the inquiry process;
The apparatus further comprises:
The first conversion module is used for converting the inquiry data of the second user into corresponding feature vectors so as to obtain inquiry data vectors of the second user;
The first determining module is used for determining the inquiry similarity between the second user and each reference user based on the inquiry data vector of the second user and the inquiry data vectors of the plurality of reference users;
And the second determining module is used for determining the encryption level of the inquiry data of the second user based on the inquiry similarity between the second user and each reference user and the encryption level of the inquiry data of each reference user.
Optionally, the first determining module is specifically configured to:
determining the inquiry similarity between the second user and each reference user according to the following formula based on the inquiry data vector of the second user and the inquiry data vectors of the plurality of reference users;
In the above formula, S_W represents the inquiry similarity between the second user and the i-th reference user of the plurality of reference users, x_2j represents the j-th element in the inquiry data vector of the second user, x_ij represents the j-th element in the inquiry data vector of the i-th reference user, and n represents the number of elements included in the inquiry data vector.
Optionally, the target health data is home sign data of the second user, where the home sign data is sign data measured by the second user at home;
The apparatus further comprises:
The second conversion module is used for converting the household sign data of the second user into corresponding feature vectors so as to obtain household sign vectors of the second user;
The third determining module is used for determining the similarity of the second user and each reference user about the same type of sign data based on the home sign vector of the second user and the home sign vectors of the plurality of reference users;
The fourth determining module is used for determining an average value of the similarity of the second user and each reference user with respect to various types of sign data as the family sign similarity between the second user and each reference user;
And a fifth determining module, configured to determine an encryption level of the home sign data of the second user based on the similarity of the home sign between the second user and each reference user and the encryption level of the home sign data of each reference user.
Optionally, the third determining module includes:
The selection unit is used for selecting one reference user from the plurality of reference users, and determining the similarity of the second user and the selected reference user about the same type of sign data according to the following operation until the similarity of the second user and each reference user about the same type of sign data is determined:
An obtaining unit, configured to obtain, from the home sign vector of the second user and the home sign vectors of the plurality of reference users, data elements measured by using a first type of instrument, and data elements measured by using a second type of instrument, so as to obtain a first set of sample data and a second set of sample data;
The first model refers to an instrument model used when a second user measures target sign data, the second model refers to an instrument model used when a selected reference user measures the target sign data, and the target sign data is any sign data;
a first determination unit configured to determine a sample standard deviation of the first set of sample data, a sample standard deviation of the second set of sample data, and a sample covariance between the first set of sample data and the second set of sample data;
And a second determining unit for determining a similarity of the second user with respect to the target sign data with respect to the selected reference user based on the sample standard deviation of the first set of sample data, the sample standard deviation of the second set of sample data, and the sample covariance between the first set of sample data and the second set of sample data.
Optionally, the second determining unit is specifically configured to:
Determining a similarity of the second user to the selected reference user with respect to the target sign data based on the sample standard deviation of the first set of sample data, the sample standard deviation of the second set of sample data, and the sample covariance between the first set of sample data and the second set of sample data, according to the following formula;
In the above formula, r represents the similarity of the second user and the selected reference user with respect to the target sign data, Cov(X1, X2) represents the sample covariance between the first set of sample data and the second set of sample data, S1 represents the sample standard deviation of the first set of sample data, and S2 represents the sample standard deviation of the second set of sample data.
Optionally, the target health data is medical test data of the second user, the medical test data being body data of the second user tested at a medical institution;
The device is also specifically used for:
Converting the medical examination data of the second user into corresponding feature vectors to obtain medical examination vectors of the second user;
determining a similarity of the second user to each reference user with respect to the same type of test data based on the medical test vector of the second user and the medical test vectors of the plurality of reference users;
Determining an average value of the similarity of the second user and each reference user about various types of test data as the medical test similarity between the second user and each reference user;
the encryption level of the medical test data of the second user is determined based on the medical test similarity between the second user and each of the reference users and the encryption level of the medical test data of each of the reference users.
Optionally, the apparatus further comprises:
The acquisition module is used for acquiring the security parameters and the encryption private key input by the second user;
the first generation module is used for generating public parameters of the second user by adopting a hash algorithm based on the security parameters;
the second generation module is used for generating an encrypted public key of a second user based on the encrypted private key;
and a sixth determining module, configured to determine the public parameter, the encrypted private key, and the encrypted public key as encryption parameters of the second user.
It should be noted that the division into the above functional modules in the data access device provided in the above embodiment is given only for illustration. In practical application, the above functions may be allocated to different functional modules as needed, that is, the internal structure of the device may be divided into different functional modules so as to complete all or part of the functions described above. In addition, the data access device and the data access method provided in the foregoing embodiments belong to the same concept; the specific implementation of the data access device is detailed in the method embodiments and is not repeated here.
Fig. 9 is a block diagram of a user terminal 900 according to an embodiment of the present application. The user terminal 900 may be a portable mobile terminal such as a smart phone, a tablet computer, an MP3 player (Moving Picture Experts Group Audio Layer III), an MP4 player (Moving Picture Experts Group Audio Layer IV), a notebook computer, or a desktop computer. The user terminal 900 may also be referred to by other names, such as user device, portable terminal, laptop terminal, desktop terminal, etc.
In general, the user terminal 900 includes: a processor 901 and a memory 902.
Processor 901 may include one or more processing cores, such as a 4-core processor, an 8-core processor, and the like. The processor 901 may be implemented in at least one hardware form of DSP (Digital Signal Processing), FPGA (Field-Programmable Gate Array), or PLA (Programmable Logic Array). Processor 901 may also include a main processor and a coprocessor; the main processor, also referred to as a CPU (Central Processing Unit), processes data in the awake state, and the coprocessor is a low-power processor that processes data in the standby state. In some embodiments, the processor 901 may integrate a GPU (Graphics Processing Unit) for rendering and drawing the content to be displayed by the display screen. In some embodiments, the processor 901 may also include an AI (Artificial Intelligence) processor for computing operations related to machine learning.
The memory 902 may include one or more computer-readable storage media, which may be non-transitory. The memory 902 may also include high-speed random access memory, as well as non-volatile memory, such as one or more magnetic disk storage devices, flash memory storage devices. In some embodiments, a non-transitory computer readable storage medium in memory 902 is used to store at least one instruction for execution by processor 901 to implement the data access methods provided by the method embodiments of the present application.
In some embodiments, the user terminal 900 may further optionally include: a peripheral interface 903, and at least one peripheral. The processor 901, memory 902, and peripheral interface 903 may be connected by a bus or signal line. The individual peripheral devices may be connected to the peripheral device interface 903 via buses, signal lines, or circuit boards. Specifically, the peripheral device includes: at least one of radio frequency circuitry 904, a touch display 905, a camera 906, audio circuitry 907, positioning components 908, and a power source 909.
The peripheral interface 903 may be used to connect at least one peripheral device associated with an I/O (Input/Output) to the processor 901 and the memory 902. In some embodiments, the processor 901, memory 902, and peripheral interface 903 are integrated on the same chip or circuit board; in some other embodiments, either or both of the processor 901, the memory 902, and the peripheral interface 903 may be implemented on separate chips or circuit boards, which is not limited in this embodiment.
The radio frequency circuit 904 is configured to receive and transmit RF (Radio Frequency) signals, also known as electromagnetic signals. The radio frequency circuit 904 communicates with a communication network and other communication devices via electromagnetic signals. The radio frequency circuit 904 converts an electrical signal into an electromagnetic signal for transmission, or converts a received electromagnetic signal into an electrical signal. Optionally, the radio frequency circuit 904 includes an antenna system, an RF transceiver, one or more amplifiers, a tuner, an oscillator, a digital signal processor, a codec chipset, a subscriber identity module card, and so forth. The radio frequency circuit 904 may communicate with other terminals via at least one wireless communication protocol. The wireless communication protocol includes, but is not limited to: the world wide web, metropolitan area networks, intranets, mobile communication networks of each generation (2G, 3G, 4G, and 5G), wireless local area networks, and/or WiFi (Wireless Fidelity) networks. In some embodiments, the radio frequency circuit 904 may further include NFC (Near Field Communication) related circuits, and the embodiments of the present application are not limited in this respect.
The display 905 is used to display a UI (User Interface). The UI may include graphics, text, icons, video, and any combination thereof. When the display 905 is a touch display, the display 905 also has the ability to capture touch signals at or above its surface. The touch signal may be input to the processor 901 as a control signal for processing. In this case, the display 905 may also be used to provide virtual buttons and/or a virtual keyboard, also referred to as soft buttons and/or a soft keyboard. In some embodiments, there may be one display 905, arranged on the front panel of the user terminal 900; in other embodiments, there may be at least two displays 905, respectively disposed on different surfaces of the user terminal 900 or in a folded design; in still other embodiments, the display 905 may be a flexible display disposed on a curved surface or a folded surface of the user terminal 900. The display 905 may even be arranged in an irregular, non-rectangular shape, i.e., an irregularly shaped screen. The display 905 may be made of LCD (Liquid Crystal Display), OLED (Organic Light-Emitting Diode) or other materials.
The camera assembly 906 is used to capture images or video. Optionally, the camera assembly 906 includes a front camera and a rear camera. Typically, the front camera is disposed on the front panel of the user terminal, and the rear camera is disposed on the rear surface of the user terminal. In some embodiments, there are at least two rear cameras, each being any one of a main camera, a depth camera, a wide-angle camera and a telephoto camera, so that the main camera and the depth camera can be fused to realize a background blurring function, and the main camera and the wide-angle camera can be fused to realize panoramic shooting, virtual reality (VR) shooting, or other fused shooting functions. In some embodiments, the camera assembly 906 may also include a flash. The flash may be a single-color-temperature flash or a dual-color-temperature flash. A dual-color-temperature flash is a combination of a warm-light flash and a cold-light flash and can be used for light compensation at different color temperatures.
The audio circuit 907 may include a microphone and a speaker. The microphone is used to collect sound waves from the user and the environment, convert them into electrical signals, and input the electrical signals to the processor 901 for processing or to the radio frequency circuit 904 for voice communication. For stereo acquisition or noise reduction, a plurality of microphones may be disposed at different locations of the user terminal 900. The microphone may also be an array microphone or an omnidirectional pickup microphone. The speaker is used to convert electrical signals from the processor 901 or the radio frequency circuit 904 into sound waves. The speaker may be a conventional thin-film speaker or a piezoelectric ceramic speaker. When the speaker is a piezoelectric ceramic speaker, the electrical signal can be converted not only into sound waves audible to humans, but also into sound waves inaudible to humans for ranging and other purposes. In some embodiments, the audio circuit 907 may also include a headphone jack.
The positioning component 908 is used to locate the current geographic location of the user terminal 900 to enable navigation or LBS (Location Based Service). The positioning component 908 may be a positioning component based on the GPS (Global Positioning System) of the United States, the Beidou system of China, or the Galileo system of Russia.
The power supply 909 is used to supply power to the various components in the user terminal 900. The power supply 909 may be an alternating current, a direct current, a disposable battery, or a rechargeable battery. When the power source 909 includes a rechargeable battery, the rechargeable battery may be a wired rechargeable battery or a wireless rechargeable battery. The wired rechargeable battery is a battery charged through a wired line, and the wireless rechargeable battery is a battery charged through a wireless coil. The rechargeable battery may also be used to support fast charge technology.
In some embodiments, the user terminal 900 also includes one or more sensors 910. The one or more sensors 910 include, but are not limited to: acceleration sensor 911, gyroscope sensor 912, pressure sensor 913, fingerprint sensor 914, optical sensor 915, and proximity sensor 916.
The acceleration sensor 911 may detect the magnitudes of acceleration on the three coordinate axes of a coordinate system established on the user terminal 900. For example, the acceleration sensor 911 may be used to detect the components of gravitational acceleration on the three coordinate axes. The processor 901 may control the touch display 905 to display the user interface in landscape or portrait view according to the gravitational acceleration signal acquired by the acceleration sensor 911. The acceleration sensor 911 may also be used to collect game or user motion data.
The gyro sensor 912 may detect the body direction and rotation angle of the user terminal 900, and, in cooperation with the acceleration sensor 911, may collect the user's 3D actions on the user terminal 900. Based on the data collected by the gyro sensor 912, the processor 901 may implement the following functions: motion sensing (e.g., changing the UI according to a tilting operation by the user), image stabilization while shooting, game control, and inertial navigation.
The pressure sensor 913 may be provided on a side frame of the user terminal 900 and/or beneath the touch display 905. When the pressure sensor 913 is disposed on a side frame of the user terminal 900, the user's grip signal on the user terminal 900 can be detected, and the processor 901 performs left-hand/right-hand recognition or a shortcut operation according to the grip signal collected by the pressure sensor 913. When the pressure sensor 913 is disposed beneath the touch display 905, the processor 901 controls the operable controls on the UI according to the user's pressure operation on the touch display 905. The operable controls include at least one of a button control, a scroll bar control, an icon control, and a menu control.
The fingerprint sensor 914 is used for collecting the fingerprint of the user, and the processor 901 identifies the identity of the user according to the fingerprint collected by the fingerprint sensor 914 or the fingerprint sensor 914 identifies the identity of the user according to the collected fingerprint. Upon recognizing that the user's identity is a trusted identity, the processor 901 authorizes the user to perform relevant sensitive operations including unlocking the screen, viewing encrypted information, downloading software, paying for and changing settings, etc. The fingerprint sensor 914 may be provided on the front, back, or side of the user terminal 900. When a physical key or vendor Logo is provided on the user terminal 900, the fingerprint sensor 914 may be integrated with the physical key or vendor Logo.
The optical sensor 915 is used to collect the intensity of ambient light. In one embodiment, the processor 901 may control the display brightness of the touch display 905 based on the ambient light intensity collected by the optical sensor 915. Specifically, when the ambient light intensity is high, the display brightness of the touch display 905 is turned up; when the ambient light intensity is low, the display brightness of the touch display 905 is turned down. In another embodiment, the processor 901 may also dynamically adjust the shooting parameters of the camera assembly 906 based on the ambient light intensity collected by the optical sensor 915.
The proximity sensor 916, also referred to as a distance sensor, is typically provided on the front panel of the user terminal 900. The proximity sensor 916 is used to collect the distance between the user and the front face of the user terminal 900. In one embodiment, when the proximity sensor 916 detects that the distance between the user and the front face of the user terminal 900 is gradually decreasing, the processor 901 controls the touch display 905 to switch from the screen-on state to the screen-off state; when the proximity sensor 916 detects that the distance between the user and the front face of the user terminal 900 is gradually increasing, the processor 901 controls the touch display 905 to switch from the screen-off state to the screen-on state.
Those skilled in the art will appreciate that the structure shown in fig. 9 is not limiting and that more or fewer components than shown may be included or certain components may be combined or a different arrangement of components may be employed.
Fig. 10 is a schematic structural diagram of a server according to an embodiment of the present application. The server 1000 includes a Central Processing Unit (CPU) 1001, a system memory 1004 including a Random Access Memory (RAM) 1002 and a Read Only Memory (ROM) 1003, and a system bus 1005 connecting the system memory 1004 and the central processing unit 1001. The server 1000 also includes a basic input/output system (I/O system) 1006 for supporting the transfer of information between various devices within the computer, and a mass storage device 1007 for storing an operating system 1013, application programs 1014, and other program modules 1015.
The basic input/output system 1006 includes a display 1008 for displaying information and an input device 1009, such as a mouse or keyboard, for the user to enter information. The display 1008 and the input device 1009 are connected to the central processing unit 1001 through an input/output controller 1010 connected to the system bus 1005. The basic input/output system 1006 may also include the input/output controller 1010 for receiving and processing input from a number of other devices, such as a keyboard, mouse, or electronic stylus. Similarly, the input/output controller 1010 also provides output to a display screen, a printer, or another type of output device.
The mass storage device 1007 is connected to the central processing unit 1001 through a mass storage controller (not shown) connected to the system bus 1005. The mass storage device 1007 and its associated computer-readable media provide non-volatile storage for the server 1000. That is, the mass storage device 1007 may include a computer readable medium (not shown) such as a hard disk or CD-ROM drive.
Computer readable media may include computer storage media and communication media without loss of generality. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media includes RAM, ROM, EPROM, EEPROM, flash memory, or other solid state memory technology, CD-ROM, DVD, or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage, or other magnetic storage devices. Of course, those skilled in the art will recognize that computer storage media are not limited to the ones described above. The system memory 1004 and mass storage devices 1007 described above may be collectively referred to as memory.
According to various embodiments of the application, the server 1000 may also be operated by a remote computer connected through a network, such as the Internet. That is, the server 1000 may be connected to the network 1012 through a network interface unit 1011 connected to the system bus 1005, or may be connected to other types of networks or remote computer systems (not shown) using the network interface unit 1011.
The memory also includes one or more programs, which are stored in the memory and configured to be executed by the CPU.
In some embodiments, there is also provided a computer readable storage medium having stored therein a computer program which, when executed by a processor, implements the steps of the data access method of the above embodiments. For example, the computer readable storage medium may be ROM, RAM, CD-ROM, magnetic tape, floppy disk, optical data storage device, etc.
It is noted that the computer readable storage medium mentioned in the embodiments of the present application may be a non-volatile storage medium, in other words, may be a non-transitory storage medium.
It should be understood that all or part of the steps for implementing the above-described embodiments may be implemented by software, hardware, firmware, or any combination thereof. When implemented in software, they may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. The computer instructions may be stored in the computer-readable storage medium described above.
That is, in some embodiments, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to perform the steps of the data access method described above.
It should be understood that references herein to "at least one" mean one or more, and "a plurality" means two or more. In the description of the embodiments of the present application, unless otherwise indicated, "/" means "or"; for example, A/B may represent A or B. "And/or" herein merely describes an association relationship between associated objects and means that three relationships may exist; for example, A and/or B may mean: A exists alone, A and B exist together, or B exists alone. In addition, in order to describe the technical solution of the embodiments of the present application clearly, the words "first", "second", etc. are used in the embodiments of the present application to distinguish items that are the same or similar and have substantially the same function and effect. Those skilled in the art will appreciate that the words "first", "second", and the like do not limit the quantity or the order of execution, and that items labelled "first" and "second" do not necessarily differ.
It should be noted that, the information (including but not limited to user equipment information, user personal information, etc.), data (including but not limited to data for analysis, stored data, presented data, etc.), and signals related to the embodiments of the present application are all authorized by the user or are fully authorized by the parties, and the collection, use, and processing of the related data is required to comply with the relevant laws and regulations and standards of the relevant countries and regions. For example, health data, encryption parameters, user identification, etc. involved in the embodiments of the present application are obtained under the condition of sufficient authorization.
The above embodiments are not intended to limit the present application, and any modifications, equivalent substitutions, improvements, etc. within the spirit and principle of the present application should be included in the scope of the present application.

Claims (10)

1. A method of data access, the method comprising:
Receiving a data access request sent by a first user terminal, wherein the data access request is used for accessing target health data of a second user, the target health data is one type of health data in multiple types of health data, the multiple types of health data are remote inquiry data, each type of health data has a corresponding visible range, and the first user terminal is positioned in the visible range of the target health data of the second user;
Sending an access authorization request to a second user terminal, wherein the access authorization request is used for requesting the access right of target health data of the second user;
receiving an access authorization response sent by the second user terminal, wherein the access authorization response is used for indicating whether the second user grants the first user terminal permission to access the target health data of the second user;
Under the condition that the access authorization response indicates that the second user terminal has granted the authority of accessing the target health data of the second user, the target health data of the second user is converted into a corresponding feature vector, and a target health data vector of the second user is obtained; determining the similarity of the target health data of each reference user in the second user and the plurality of reference users based on the target health data vector of the second user and the target health data vector of the plurality of reference users, so as to obtain a plurality of similarities; determining an encryption level of the target health data of the second user based on the plurality of similarities and the encryption level of the target health data of each reference user;
Encrypting the target health data of the second user by using the encryption parameters of the second user according to the encryption level of the target health data of the second user;
And sending the ciphertext of the target health data of the second user and the decryption parameter of the second user to the first user terminal, wherein the first user terminal is used for decrypting and displaying the ciphertext of the target health data of the second user through the decryption parameter.
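The following Python is an added example written for this page, not code from the patent or its assignee; it traces the server-side flow of claim 1 (and the rationale given in the description above): visible-range check, owner authorization, level-dependent encryption, and release of ciphertext plus a decryption parameter, never plaintext. It assumes a constructed visibility policy and constructed encryption levels (in the patent the level comes from the similarity step), a per-owner secret from which a per-level key is derived, and an `ask_owner` callback standing in for the access authorization request/response exchange with the second user terminal. The encrypt-then-MAC stream construction is a constructed stand-in so that the example runs on the Python standard library alone; a deployment would use an AEAD such as AES-GCM in its place.

```python
"""Server-side access flow for one type of health data (added example, not the patent's code):
visible-range check -> owner authorization -> level-bound key -> ciphertext plus decryption
parameter. Only ciphertext ever leaves the server; plaintext is never returned."""
import hashlib
import hmac
import secrets
from typing import Callable, Dict, Set, Tuple

# Constructed sample policy (assumption): which requesting terminals lie inside the
# visible range of each data type, and the encryption level assigned to that type.
VISIBLE_RANGE: Dict[str, Set[str]] = {
    "base_data": {"doctor-01", "family-01"},
    "medical_test_data": {"doctor-01"},
}
ENCRYPTION_LEVEL: Dict[str, int] = {"base_data": 1, "medical_test_data": 3}


class AccessDenied(Exception):
    """Raised when the request fails the visible-range check or the owner declines."""


def derive_key(owner_secret: bytes, level: int) -> bytes:
    """Per-owner, per-level key: data at different encryption levels never shares key material."""
    return hmac.new(owner_secret, b"encryption-level:%d" % level, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # SHA-256 in counter mode: a constructed stand-in for a real AEAD cipher (assumption).
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || body || HMAC-SHA256 tag over nonce and body."""
    nonce = secrets.token_bytes(16)
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time before touching the body; reject any tampering."""
    if len(blob) < 48:
        raise ValueError("ciphertext rejected: too short")
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext rejected: authentication tag mismatch")
    return bytes(c ^ k for c, k in zip(body, _keystream(key, nonce, len(body))))


def handle_access_request(
    requester: str,
    data_type: str,
    owner_secret: bytes,
    plaintext: bytes,
    ask_owner: Callable[[str, str], bool],
) -> Tuple[bytes, bytes]:
    """Return (ciphertext, decryption parameter) or raise AccessDenied; never return plaintext."""
    # 1. The requesting terminal must lie inside the visible range of this data type.
    if requester not in VISIBLE_RANGE.get(data_type, set()):
        raise AccessDenied(f"{requester} is outside the visible range of {data_type}")
    # 2. The owner (second user terminal) must grant this specific request.
    if not ask_owner(requester, data_type):
        raise AccessDenied(f"owner declined {requester} access to {data_type}")
    # 3. Encrypt with the key bound to this data type's encryption level.
    key = derive_key(owner_secret, ENCRYPTION_LEVEL[data_type])
    # 4. Only the ciphertext and the decryption parameter are released.
    return encrypt(key, plaintext), key


if __name__ == "__main__":
    owner_secret = secrets.token_bytes(32)
    blob, param = handle_access_request(
        "doctor-01", "medical_test_data", owner_secret, b"HbA1c 6.1%", lambda r, t: True)
    print(decrypt(param, blob))  # b'HbA1c 6.1%'
```

Two points a practitioner would check here: the decryption parameter must not travel on the same unprotected channel as the ciphertext, or the scheme collapses to whatever transport security that channel has; and because the key in this example is bound to (owner, level) rather than to one request, any terminal that receives it can decrypt every item of that owner at that level, so a per-request data key wrapped for the requester is the tighter design.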
2. The method of claim 1, wherein the target health data is basic data, the basic data being the current basic information of the user;
converting the target health data of the second user into corresponding feature vectors to obtain target health data vectors of the second user; determining the similarity of the target health data of each reference user in the second user and the plurality of reference users based on the target health data vector of the second user and the target health data vector of the plurality of reference users, so as to obtain a plurality of similarities; determining the encryption level of the target health data of the second user based on the plurality of similarities and the encryption level of the target health data of each reference user, comprising:
converting the basic data of the second user into corresponding feature vectors to obtain basic data vectors of the second user;
determining a distance between the basic data vector of the second user and the basic data vector of each of a plurality of reference users;
converting the distance between the basic data vector of the second user and the basic data vector of each reference user into basic data similarity between the second user and each reference user;
and determining the encryption level of the basic data of the second user based on the similarity of the basic data between the second user and each reference user and the encryption level of the basic data of each reference user.
3. The method of claim 1, wherein the target health data is inquiry data, the inquiry data being data generated by the user during an inquiry;
converting the target health data of the second user into corresponding feature vectors to obtain target health data vectors of the second user; determining the similarity of the target health data of each reference user in the second user and the plurality of reference users based on the target health data vector of the second user and the target health data vector of the plurality of reference users, so as to obtain a plurality of similarities; determining the encryption level of the target health data of the second user based on the plurality of similarities and the encryption level of the target health data of each reference user, comprising:
Converting the inquiry data of the second user into corresponding feature vectors to obtain inquiry data vectors of the second user;
determining an inquiry similarity between the second user and each of the reference users based on the inquiry data vector of the second user and the inquiry data vectors of the plurality of reference users;
And determining the encryption level of the inquiry data of the second user based on the inquiry similarity between the second user and each reference user and the encryption level of the inquiry data of each reference user.
4. The method of claim 3, wherein the determining the inquiry similarity between the second user and each of the reference users based on the inquiry data vector of the second user and the inquiry data vectors of the plurality of reference users comprises:
Determining the inquiry similarity between the second user and each reference user according to the following formula based on the inquiry data vector of the second user and the inquiry data vectors of the plurality of reference users;
wherein in the above formula, S_W represents the inquiry similarity between the second user and an i-th reference user of the plurality of reference users, x_{2j} represents the j-th element of the inquiry data vector of the second user, x_{ij} represents the j-th element of the inquiry data vector of the i-th reference user, and n represents the number of elements included in an inquiry data vector.
5. The method of claim 1, wherein the target health data is home sign data, the home sign data being sign data measured by the user at home;
converting the target health data of the second user into corresponding feature vectors to obtain target health data vectors of the second user; determining the similarity of the target health data of each reference user in the second user and the plurality of reference users based on the target health data vector of the second user and the target health data vector of the plurality of reference users, so as to obtain a plurality of similarities; determining the encryption level of the target health data of the second user based on the plurality of similarities and the encryption level of the target health data of each reference user, comprising:
converting the household sign data of the second user into corresponding feature vectors to obtain household sign vectors of the second user;
determining the similarity of the second user and each reference user about the same type of sign data based on the home sign vector of the second user and the home sign vectors of the plurality of reference users;
determining an average value of the similarity of the second user and each reference user about various types of sign data as the family sign similarity between the second user and each reference user;
And determining the encryption level of the household sign data of the second user based on the household sign similarity between the second user and each reference user and the encryption level of the household sign data of each reference user.
6. The method of claim 5, wherein the determining the similarity of the second user to each reference user with respect to the same category of sign data based on the home sign vector of the second user and the home sign vectors of the plurality of reference users comprises:
Selecting one reference user from the plurality of reference users, and determining the similarity of the second user and the selected reference user about the same type of sign data according to the following operation until the similarity of the second user and each reference user about the same type of sign data is determined:
Acquiring data elements measured by an instrument of a first model and data elements measured by an instrument of a second model from the home sign vector of the second user and the home sign vectors of the plurality of reference users to obtain a first group of sample data and a second group of sample data;
The first model is an instrument model used when the second user measures target sign data, the second model is an instrument model used when the selected reference user measures the target sign data, and the target sign data is any sign data;
determining a sample standard deviation of the first set of sample data, a sample standard deviation of the second set of sample data, and a sample covariance between the first set of sample data and the second set of sample data;
a similarity of the second user to the selected reference user with respect to the target sign data is determined based on a sample standard deviation of the first set of sample data, a sample standard deviation of the second set of sample data, and a sample covariance between the first set of sample data and the second set of sample data.
7. The method of claim 6, wherein the determining the similarity of the second user with the selected reference user with respect to the target sign data based on the sample standard deviation of the first set of sample data, the sample standard deviation of the second set of sample data, and the sample covariance between the first set of sample data and the second set of sample data comprises:
Determining a similarity of the second user to the selected reference user with respect to the target sign data according to the following formula based on the sample standard deviation of the first set of sample data, the sample standard deviation of the second set of sample data, and the sample covariance between the first set of sample data and the second set of sample data;
wherein in the above formula, r_A represents the similarity of the second user and the selected reference user with respect to the target sign data, Cov(X_1, X_2) represents the sample covariance between the first set of sample data and the second set of sample data, S_1 represents the sample standard deviation of the first set of sample data, and S_2 represents the sample standard deviation of the second set of sample data.
8. The method of claim 1, wherein the target health data is medical test data, the medical test data being body data that the user tests at a medical facility;
converting the target health data of the second user into corresponding feature vectors to obtain target health data vectors of the second user; determining the similarity of the target health data of each reference user in the second user and the plurality of reference users based on the target health data vector of the second user and the target health data vector of the plurality of reference users, so as to obtain a plurality of similarities; determining the encryption level of the target health data of the second user based on the plurality of similarities and the encryption level of the target health data of each reference user, comprising:
Converting the medical examination data of the second user into corresponding feature vectors to obtain medical examination vectors of the second user;
Determining a similarity of the second user to each reference user with respect to the same type of test data based on the medical test vector of the second user and the medical test vectors of the plurality of reference users;
Determining an average value of the similarity of the second user and each reference user with respect to various types of test data as the medical test similarity between the second user and each reference user;
The encryption level of the medical test data of the second user is determined based on the medical test similarity between the second user and each of the reference users and the encryption level of the medical test data of each of the reference users.
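As an added worked example (not code from the patent or its applicant), the Python below computes the claim-7 similarity as cov(X1, X2) / (S1 * S2), i.e. the sample Pearson correlation, averages it over test types as claim 8 describes, and then derives an encryption level. The sample data is constructed, and the rule that the second user's data takes the level of the most similar reference user is an assumption, since the claims do not state how the level is chosen.

```python
import math
from typing import Dict, List

# Constructed sample data, not taken from the patent: a short series of
# measurements per test type for the second user and for two reference users.
SECOND_USER: Dict[str, List[float]] = {
    "blood_pressure": [120.0, 125.0, 118.0, 130.0, 122.0],
    "heart_rate": [72.0, 75.0, 70.0, 80.0, 74.0],
}
REFERENCE_USERS = {
    # ref_a tracks the second user closely; its data is already classified level 3
    "ref_a": {"level": 3, "data": {
        "blood_pressure": [121.0, 126.0, 119.0, 131.0, 123.0],
        "heart_rate": [73.0, 76.0, 71.0, 81.0, 75.0]}},
    # ref_b moves in the opposite direction; its data is classified level 1
    "ref_b": {"level": 1, "data": {
        "blood_pressure": [130.0, 118.0, 125.0, 120.0, 122.0],
        "heart_rate": [80.0, 70.0, 74.0, 72.0, 75.0]}},
}

def sample_std(xs: List[float]) -> float:
    """Sample standard deviation (n - 1 denominator), the S1 / S2 of claim 7."""
    n, mean = len(xs), sum(xs) / len(xs)
    return math.sqrt(sum((x - mean) ** 2 for x in xs) / (n - 1))

def sample_cov(xs: List[float], ys: List[float]) -> float:
    """Sample covariance cov(X1, X2) of two equally long series."""
    n, mx, my = len(xs), sum(xs) / len(xs), sum(ys) / len(ys)
    return sum((x - mx) * (y - my) for x, y in zip(xs, ys)) / (n - 1)

def similarity(xs: List[float], ys: List[float]) -> float:
    """Claim 7 read as r = cov(X1, X2) / (S1 * S2), i.e. Pearson correlation.
    A constant series has S = 0, so r is undefined; report 0 (no similarity)."""
    s1, s2 = sample_std(xs), sample_std(ys)
    return 0.0 if s1 == 0.0 or s2 == 0.0 else sample_cov(xs, ys) / (s1 * s2)

def medical_test_similarity(user, ref) -> float:
    """Claim 8: mean of the per-type similarities over the test types both hold."""
    shared = [t for t in user if t in ref]
    return sum(similarity(user[t], ref[t]) for t in shared) / len(shared)

def encryption_level(user, refs):
    """Assumption (the claims do not say how): the second user's data takes the
    encryption level of the most similar reference user."""
    sims = {name: medical_test_similarity(user, r["data"]) for name, r in refs.items()}
    best = max(sims, key=sims.get)
    return refs[best]["level"], sims

if __name__ == "__main__":
    print(encryption_level(SECOND_USER, REFERENCE_USERS))
```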
9. The method of any one of claims 1-8, wherein the method further comprises:
acquiring the security parameters and the encryption private key input by the second user;
Based on the security parameters, a hash algorithm is adopted to generate public parameters of the second user;
generating an encrypted public key of the second user based on the encrypted private key;
and determining the public parameter, the encryption private key and the encryption public key as encryption parameters of the second user.
10. A server, wherein the server comprises a receiver, a transmitter, and a processor;
The receiver is used for receiving a data access request sent by a first user terminal, the data access request being used for accessing target health data of a second user, wherein the target health data is one of multiple types of health data, the multiple types of health data are remote inquiry data, each type of health data has a corresponding visible range, and the first user terminal is located in the visible range of the target health data of the second user;
the transmitter is used for transmitting an access authorization request to a second user terminal, wherein the access authorization request is used for requesting the access right of the target health data of the second user;
the receiver is further configured to receive an access grant response sent by the second user terminal, where the access grant response is used to indicate whether the second user grants the first user terminal permission to access the target health data of the second user;
the processor is used for converting the target health data of the second user into a corresponding feature vector to obtain a target health data vector of the second user under the condition that the access authorization response indicates that the second user has granted the first user terminal access to the target health data of the second user; determining the similarity between the target health data of the second user and the target health data of each of the plurality of reference users based on the target health data vector of the second user and the target health data vectors of the plurality of reference users, so as to obtain a plurality of similarities; determining an encryption level of the target health data of the second user based on the plurality of similarities and the encryption level of the target health data of each reference user; and encrypting the target health data of the second user by using the encryption parameters of the second user according to the encryption level of the target health data of the second user;
the transmitter is further configured to send the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal, where the first user terminal is configured to decrypt and display the ciphertext of the target health data of the second user through the decryption parameter.
CN202210185340.0A 2022-02-28 2022-02-28 Data access method and server Active CN114422265B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210185340.0A CN114422265B (en) 2022-02-28 2022-02-28 Data access method and server

Publications (2)

Publication Number Publication Date
CN114422265A CN114422265A (en) 2022-04-29
CN114422265B true CN114422265B (en) 2024-05-03

Family

ID=81261767

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116344010B (en) * 2023-05-23 2023-08-25 广东名阳信息科技有限公司 Household health management method and device, electronic equipment and storage medium

Citations (5)

Publication number Priority date Publication date Assignee Title
CN105635082A (en) * 2014-11-12 2016-06-01 北大方正集团有限公司 Dynamic authorization method and system, authorization center, and authorization client
CN106027552A (en) * 2016-06-30 2016-10-12 中经汇通电子商务有限公司 Method and system for accessing cloud storage data by user
CN111049803A (en) * 2019-11-20 2020-04-21 江苏物联网络科技发展有限公司 Data encryption and platform security access method based on vehicle-mounted CAN bus communication system
CN112825520A (en) * 2019-11-21 2021-05-21 中国移动通信有限公司研究院 User privacy data processing method, device, system and storage medium
CN114003929A (en) * 2021-10-27 2022-02-01 平安国际智慧城市科技股份有限公司 Data processing method, device, server and storage medium

Family Cites Families (1)

Publication number Priority date Publication date Assignee Title
CN102882885B (en) * 2012-10-17 2015-07-01 北京卓微天成科技咨询有限公司 Method and system for improving cloud computing data security

Non-Patent Citations (1)

Title
Research on electronic medical record data governance methods; Jiang Xinyi; Chen Min; Chinese Hospital Management (Issue 08); full text *

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant