CN115225669A - Distributed private data processing system and method - Google Patents
Distributed private data processing system and method Download PDFInfo
- Publication number
- CN115225669A CN115225669A CN202210825275.3A CN202210825275A CN115225669A CN 115225669 A CN115225669 A CN 115225669A CN 202210825275 A CN202210825275 A CN 202210825275A CN 115225669 A CN115225669 A CN 115225669A
- Authority
- CN
- China
- Prior art keywords
- data
- server
- data server
- ciphertext
- distributed
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000012545 processing Methods 0.000 title claims abstract description 28
- 238000000034 method Methods 0.000 title description 17
- 238000003672 processing method Methods 0.000 claims abstract description 10
- 238000012795 verification Methods 0.000 claims abstract description 10
- 238000004590 computer program Methods 0.000 claims description 4
- 238000007405 data analysis Methods 0.000 abstract description 5
- 239000008186 active pharmaceutical agent Substances 0.000 description 11
- 238000004422 calculation algorithm Methods 0.000 description 3
- 238000013480 data collection Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000004364 calculation method Methods 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000000354 decomposition reaction Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 101100356682 Caenorhabditis elegans rho-1 gene Proteins 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000036772 blood pressure Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0478—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a distributed privacy data processing system and a distributed privacy data processing method, which belong to the technical field of medical data processing, wherein the scheme is based on splitting of original data, so that access control is realized, and internal attack is effectively avoided; meanwhile, by adding the access result verification function, whether the final result is correct or not can be verified after the user receives the access result, the problem that the access result of the user is wrong due to the fact that malicious data server administrators provide wrong data is effectively avoided, and the correctness of data analysis is further effectively guaranteed.
Description
Technical Field
The disclosure belongs to the technical field of medical data processing, and particularly relates to a distributed privacy data processing system and method.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
A Wireless Sensor Network (WSN) is a distributed sensor network consisting of a set of distributed, dedicated sensors. Such networks are gradually beginning to penetrate into the medical field of doctors and patients. The device can remotely monitor physiological parameters of the heart rate, the blood pressure and the like of a patient, and collects and transmits information to a monitoring center.
Wireless medical sensor networks can provide medical services to patients while ensuring their comfort of life. However, patient sensitive physiological data transmitted through public channels and stored in backend systems presents a number of potential security threats. Examples of threats include eavesdropping, impersonation, data integrity, data leakage, collusion, and the like. These threats present new challenges such as privacy management of patient personal data, etc. Accordingly, various approaches are being attempted to protect patient data from various threats and attacks. Such as private key cryptography, public key cryptography, k-anonymity, etc. Most solutions focus on protecting data from external attacks during communication. However, internal attacks where the patient database proprietor reveals sensitive patient information may also have serious consequences. For example, a malicious patient database administrator may use patient data (e.g., patient identity) for medical fraud, fraudulent insurance claims, and sometimes even a life-threatening risk. Therefore, how to propose a data protection system capable of effectively preventing external and internal attacks is a research topic of attention.
In 2013, yi et al proposed a system based on private key encryption to protect data from internal attacks, where the shared system consists of three servers for storing data. The sensor divides the patient data into three parts, makes the sum equal to the raw data, and then sends them to three data servers, respectively. At this point, the patient data can be effectively protected as long as both servers are not attacked. Meanwhile, they propose a lightweight encryption algorithm to create a secure channel to protect the communication between the sensor nodes and the shared system. Then Yi and Bouguettaya et al propose a privacy data protection scheme based on Paillier and ElGamal cryptographic systems, as long as two servers are not attacked, the patient data can be effectively protected. In addition, they propose a SHA-3 based data acquisition protocol so that the sensor effectively randomly divides the raw data into three parts. In 2017, bhuiya et al proposed a new patient privacy preserving data collection framework and protected private data using a distributed database consisting of multiple edge servers. In 2018, luo et al considered a Slepian-Wolf code based data collection protocol for secret sharing and achieving access control to users through cooperation of multiple servers. Later, solomon et al incorporated attribute encryption to implement access control functionality based on distributed database systems. In such a distributed data system, if a malicious data server provides erroneous data, the results obtained by the user will be erroneous. However, the inventor finds that the distributed data scheme with the medical sensing network is mostly concerned about resisting internal and external attacks at present, but does not pay attention to the problem of data correctness, however, if a malicious data server provides wrong data, the result obtained by a user is wrong, and the correctness of data analysis is further influenced.
Disclosure of Invention
In order to solve the above problems, the present disclosure provides a distributed private data processing system and method, where the scheme is based on splitting of original data, and effectively avoids internal attack while implementing access control; meanwhile, by adding the access result verification function, whether the final result is correct or not can be verified after the user receives the access result, and the influence on the correctness of data analysis due to the fact that the user obtains wrong data is avoided.
According to a first aspect of embodiments of the present disclosure, there is provided a distributed privacy data processing system, comprising:
the sensor is used for collecting patient data and uploading the patient data to the distributed database; the method comprises the steps that any original data in patient data are split into first data and second data, and the sum of the first data and the second data is equal to the original data; respectively storing the first data and the second data;
the distributed database comprises a first data server and a second data server, wherein the first data server receives the first data, obtains intermediate data based on the first data and a public key, and transmits the intermediate data to the second data server; the second data server receives the second data and generates an original data ciphertext based on the second data, the public key and the intermediate data from the first data server; carrying out re-encryption on the original data ciphertext by using a public key of an authorized user, and sending the original data ciphertext to the authorized user;
the verification center is used for receiving an access result verification request of an authorized user and verifying the access result based on a preset rule;
the authorized user is used for receiving the patient data ciphertext and decrypting the patient data ciphertext to obtain an access result; and verifying whether the access result is correct through the verification center.
Further, the distributed privacy data processing system needs to perform initialization setting in advance, including performing key distribution for the first data server, the second data server, and the authorized user, where the key includes a public key and a private key.
Further, the obtaining intermediate data based on the first data and the public key specifically includes: the first data server, computingObtaining intermediate data A 1 And B 1 ;
Wherein g is a generator, g 1 = N +1 as another generator, r 1 Is derived fromIn a randomly selected intermediate parameter, whereinρ is a large integer not exceeding N, x 1 For the first data, pk is the public key and N is the product of two large prime numbers selected by the first data server and the second data server.
Further, the generating an original data cipher text based on the second data, the public key, and the intermediate data from the first data server specifically includes: the second data server computingAnd calculateGenerating ciphertext [ x ] of original data x]=(A,B);
Wherein x is 2 Is the second data, r 2 To be driven fromIn a randomly selected intermediate parameter, whereinρ is a large integer not exceeding N.
Further, the re-encrypting the original data cipher text by using the public key of the authorized user specifically includes: the second data server calculates based on the obtained raw data cryptograph (A, B)Andthen (A, B, A') is sent to the first data server, which calculatesObtaining the re-encrypted original data cipher text (A', b), where sk 1 Is a private key, sk, of the first data server 2 Is the private key of the second data server, m is the user identification, pk m Is the authorized user public key.
Further, the receiving and decrypting the patient data ciphertext specifically comprises:
Further, the access result is verified based on the preset rule, which specifically includes: judging whether the following formula is satisfied:
[y-x]=[(y 1 -x 1 )q 1 (y 1 ,y 2 )]·[(y 2 -x 2 )q 2 (y 1 ,y 2 )]
if yes, the access result is correct, and 1 is returned to the authorized user; otherwise, the access result is wrong, and 0 is returned, wherein y = y 1 +y 2 As intermediate data, y 1 For a random data stored in the first data server, y 2 For a random data stored in the second data server, q 1 (y 1 ),q 2 (y 1 ) Respectively transmitting random data y to the first data server 1 Are respectively introduced into polynomials q 1 (y),q 2 (y) the resulting intermediate parameter, q 1 (y 1 ,y 2 ),q 2 (y 1 ,y 2 ) Respectively for the second data server in the q obtained based on the first data server 1 (y 1 ),q 2 (y 1 ) Continue to bring in random data y on the basis 2 The resulting intermediate parameter.
According to a second aspect of the embodiments of the present disclosure, there is provided a distributed private data processing method, which is based on the foregoing distributed private data processing system, and includes:
patient data are collected and uploaded to a distributed database; the method comprises the steps that any original data in patient data are split into first data and second data, and the sum of the first data and the second data is equal to the original data; respectively transmitting the first data and the second data to a first data server and a second data server;
the first data server receives the first data, obtains intermediate data based on the first data and a public key, and transmits the intermediate data to the second data server; the second data server receives the second data and generates an original data ciphertext based on the second data, the public key and the intermediate data from the first data server;
carrying out re-encryption on the original data ciphertext by using a public key of an authorized user, and sending the original data ciphertext to the authorized user;
the authorized user receives and decrypts the patient data ciphertext to obtain an access result; and verifying whether the access result is correct through the verification center.
According to a third aspect of the embodiments of the present disclosure, there is provided an electronic device, including a memory, a processor, and a computer program stored in the memory and running on the memory, where the processor implements the distributed private data processing method when executing the program.
According to a fourth aspect of embodiments of the present disclosure, there is provided a non-transitory computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements a distributed privacy data processing method as described.
Compared with the prior art, this disclosed beneficial effect is:
the scheme is based on splitting of original data, access control is achieved, and meanwhile internal attack is effectively avoided; meanwhile, by adding the access result verification function, whether the final result is correct or not can be verified after the user receives the access result, the problem that the access result of the user is wrong due to the fact that malicious data server administrators provide wrong data is effectively avoided, and the correctness of data analysis is further effectively guaranteed.
Advantages of additional aspects of the disclosure will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the disclosure.
Drawings
The accompanying drawings, which are included to provide a further understanding of the disclosure, illustrate embodiments of the disclosure and together with the description serve to explain the disclosure and are not to limit the disclosure.
Fig. 1 is a flowchart illustrating the operation of a distributed privacy data processing system according to an embodiment of the present disclosure.
Detailed Description
The present disclosure is further described with reference to the following drawings and examples.
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the disclosure. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments according to the present disclosure. As used herein, the singular forms "a", "an", and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
The embodiments and features of the embodiments in the present disclosure may be combined with each other without conflict.
The first embodiment is as follows:
an object of the present embodiment is to provide a distributed privacy data processing system.
A distributed private data processing system, comprising:
the sensor is used for collecting patient data and uploading the patient data to the distributed database; the method comprises the steps that any original data in patient data are split into first data and second data, and the sum of the first data and the second data is equal to the original data; respectively storing the first data and the second data;
the distributed database comprises a first data server and a second data server, wherein the first data server receives the first data, obtains intermediate data based on the first data and a public key, and transmits the intermediate data to the second data server; the second data server receives the second data and generates an original data ciphertext based on the second data, the public key and the intermediate data from the first data server; carrying out re-encryption on the original data ciphertext by using a public key of an authorized user, and sending the original data ciphertext to the authorized user;
the verification center is used for receiving an access result verification request of an authorized user and verifying the access result based on a preset rule;
the authorized user is used for receiving the patient data ciphertext and decrypting the patient data ciphertext to obtain an access result; and verifying whether the access result is correct through the verification center.
Further, the distributed privacy data processing system needs to perform initialization setting in advance, including performing key distribution for the first data server, the second data server, and the authorized user, where the key includes a public key and a private key.
Further, the obtaining intermediate data based on the first data and the public key specifically includes: the first data server, computingObtaining intermediate data A 1 And B 1 ;
Wherein g is a generator, g 1 = N +1 for another generator, r 1 To be driven fromIn a randomly selected intermediate parameter (whereinρ is a large integer not exceeding N), x 1 For the first data, pk is the public key and N is the product of two large prime numbers selected by the first data server and the second data server.
Further, the generating an original data cipher text based on the second data, the public key, and the intermediate data from the first data server specifically includes: the second data server computingAnd calculateGenerating ciphertext [ x ] of original data x]=(A,B);
Wherein x is 2 Is the second data, r 2 Is derived fromIn a randomly selected intermediate parameter (whereinρ is a large integer not exceeding N).
Further, the re-encrypting the original data cipher text by using the public key of the authorized user specifically includes: the second data server calculates based on the obtained raw data cryptograms (A, B)Andthen (A, B, A') is sent to the first data server, which calculatesObtaining the re-encrypted original data cipher text (A', B), wherein sk 1 Is a private key, sk, of the first data server 2 Is the private key of the second data server, m is the user identification, pk m Is the authorized user public key.
Further, the receiving and decrypting the patient data ciphertext specifically includes:
Further, the verifying the access result based on the preset rule specifically includes: judging whether the following formula is satisfied:
[y-x]=[(y 1 -x 1 )q 1 (y 1 ,y 2 )]·[(y 2 -x 2 )q 2 (y 1 ,y 2 )]
if yes, the access result is correct, and 1 is returned to the authorized user; otherwise, the access result is wrong, and 0 is returned, wherein y = y 1 +y 2 As intermediate data, y 1 For a random data stored in the first data server, y 2 For a random data stored in the second data server, q 1 (y 1 ),q 2 (y 1 ) Respectively transmitting random data y to the first data server 1 Separately introduced polynomial q 1 (y),q 2 (y) the obtained intermediate parameter, q 1 (y 1 ,y 2 ),q 2 (y 1 ,y 2 ) Respectively for the second data server in the q obtained based on the first data server 1 (y),q 2 (y) continuing to carry in random data y on the basis of 2 The resulting polynomial (wherein q is 1 (y),q 2 (y) x = x for the sensor based on data obtained by authorized user 1 +x 2 Then f (y) = y 1 +y 2 Is a binary polynomial, f (x) = x).
Specifically, for the convenience of understanding, the scheme of the present embodiment is described in detail below with reference to the accompanying drawings:
based on the problems existing in the existing method, the embodiment provides a distributed privacy data processing system, and specifically, after a sensor collects patient data, a data collection protocol is adopted to split a piece of original data x into x 1 ,x 2 So that x = x 1 +x 2 And respectively transmitted to the two data servers through the secure channels. On this basis, the embodiment provides a verifiable distributed privacy data processing system which can be used by only authorized users and specifically comprises a sensor, a distributed database (comprising two data servers), a verification center and the authorized users. When a user wants to access data x = x 1 +x 2 Then, the system operation steps are as follows:
step 1: a key generation phase. For the security parameter k, two data serversTwo different large prime numbers p, q are selected and N = pq is calculated. Then randomly selecting an integer N E {2,3 2 Let generator g = (1 + npnnmodn2, satisfying that g-1/N is not an integer two servers DS1, DS2 select their own private key sk1, sk2 ∈ Z ρ = {1, 2., ρ -1}, where ρ is a large integer less than N, and calculate the public key pki = gski, respectively, where i =1,2g 1 =N+1。
Step 2: an encryption phase consisting of two data servers DS 1 、DS 2 And (4) performing cooperative operation.
Ciphertext [ x ] = E (x, pk) = (a, B) of original data x is generated through the above steps.
And step 3: and (5) a re-encryption stage. To achieve access control to users, we propose a re-encryption scheme. Suppose that an authorized user m has a key pair (sk) m ,pk m ) WhereinThe purpose of re-encryption is to convert the encrypted data into ciphertext under the public key of the authorized user, so that only the authorized user can obtain the mostFinal data results. The re-encryption process is as follows:
when DS is used 2 Obtaining encrypted data [ x ]]When = (A, B), calculationAndthen (A, b, A') is transmitted to the DS 1 。DS 1 Computing
Through the above process, DS 1 Finally obtaining cipher text under the public key of authorized userAnd sends (A', B) to the authorized user m.
And 4, step 4: and a decryption stage. After the authorized user receives the ciphertext, a final access result can be obtained through a decryption algorithm.
And 5: to prevent an untrusted cloud server from using the wrong data to disturb the results, the authorized user may request verification that the results are correct. The verification process is as follows:
upon receiving the request for verification, the sensor uses the polynomial decomposition theorem to decompose the polynomial f (y) -f (x) 1 ,x 2 ) Is converted into(wherein the polynomial f (y) = y) 1 +y 2 ,f(x 1 ,x 2 )=x 1 +x 2 = x, and q 1 (y),q 2 (y) can be obtained within polynomial time using the polynomial decomposition theorem), and q is calculated 1 (y),q 2 (y) to DS 1 。
DS 1 Randomly selecting data y 1 ∈Z N 、Then calculate And q is 1 (y 1 ),q 2 (y 1 ). Due to (A) 1 ,B 1 )=[x 1 ],DS 1 Can obtain [ y 1 -x 1 ]=[y 1 ]·[x 1 ] N-1 Then, DS 1 Sending,q 1 (y 1 )、q 2 (y 1 ) And [ y 1 -x 1 ]To DS 2 。
DS 2 Randomly selecting data y 2 ∈Z N 、Then calculate And q is 1 (y 1 ,y 2 ),q 2 (y 1 ,y 2 ). Similarly, by (A) 2 ,B 2 )=[x 2 ],DS 2 Can obtain [ y 2 -x 2 ]=[y 2 ]·[x 2 ] N-1 。
Then, further calculating At the same time, by calculating DS 2 Can obtain [ y]=[y 1 +y 2 ]=(A y ,B y ). Thus, DS 2 Can calculate [ y]·[x] N-1 =[y-x]. Finally, DS 2 Sending [ (y) 1 -x 1 )q 1 (y 1 ,y 2 )],[(y 2 -x 2 )q 2 (y 1 ,y 2 )]And [ y-x]To a verification center.
The verification center tests whether the following equation is satisfied:
[y-x]=[(y 1 -x 1 )q 1 (y 1 ,y 2 )]·[(y 2 -x 2 )q 2 (y 1 ,y 2 )]
if the two sides of the formula are equal, the verification center will return 1 to the user, otherwise it returns 0.
Step 6: a joint decryption stage. When data analysis is performed, we may need some intermediate results, and the two data servers can jointly decrypt the ciphertext of the needed results.
The second embodiment:
the embodiment aims to provide a distributed privacy data processing method.
A distributed private data processing method, which is based on the above-mentioned distributed private data processing system, includes:
patient data are collected and uploaded to a distributed database; the method comprises the steps that any original data in patient data are split into first data and second data, and the sum of the first data and the second data is equal to the original data; respectively transmitting the first data and the second data to a first data server and a second data server;
the first data server receives the first data, obtains intermediate data based on the first data and a public key, and transmits the intermediate data to the second data server; the second data server receives the second data and generates an original data ciphertext based on the second data, the public key and the intermediate data from the first data server;
carrying out re-encryption on the original data ciphertext by using a public key of an authorized user, and sending the original data ciphertext to the authorized user;
the authorized user receives and decrypts the patient data ciphertext to obtain an access result; and verifying whether the access result is correct through the verification center.
Further, the technical details of the method according to this embodiment are described in detail in the system according to the first embodiment, and thus are not described herein again.
In further embodiments, there is also provided:
an electronic device comprising a memory and a processor and computer instructions stored on the memory and executed on the processor, the computer instructions when executed by the processor performing the method of embodiment two. For brevity, further description is omitted herein.
It should be understood that in this embodiment, the processor may be a central processing unit CPU, and the processor may also be other general purpose processor, a digital signal processor DSP, an application specific integrated circuit ASIC, an off-the-shelf programmable gate array FPGA or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory may include both read-only memory and random access memory and may provide instructions and data to the processor, and a portion of the memory may also include non-volatile random access memory. For example, the memory may also store device type information.
A computer readable storage medium storing computer instructions which, when executed by a processor, perform the method of embodiment two.
The method in the second embodiment may be directly implemented by a hardware processor, or implemented by a combination of hardware and software modules in the processor. The software modules may be located in ram, flash, rom, prom, or eprom, registers, among other storage media as is well known in the art. The storage medium is located in a memory, and a processor reads information in the memory and combines hardware thereof to complete the steps of the method. To avoid repetition, it is not described in detail here.
Those of ordinary skill in the art will appreciate that the various illustrative elements, i.e., algorithm steps, described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure.
The distributed privacy data processing system and the distributed privacy data processing method can be realized, and have wide application prospects.
The above description is only a preferred embodiment of the present disclosure and is not intended to limit the present disclosure, and various modifications and changes may be made to the present disclosure by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.
Claims (10)
1. A distributed private data processing system, comprising:
the sensor is used for collecting patient data and uploading the patient data to the distributed database; splitting any original data in patient data into first data and second data, wherein the sum of the first data and the second data is equal to the original data; respectively storing the first data and the second data;
the distributed database comprises a first data server and a second data server, wherein the first data server receives the first data, obtains intermediate data based on the first data and a public key, and transmits the intermediate data to the second data server; the second data server receives the second data and generates an original data ciphertext based on the second data, the public key and the intermediate data from the first data server; carrying out re-encryption on the original data ciphertext by using a public key of an authorized user, and sending the original data ciphertext to the authorized user;
the verification center is used for receiving an access result verification request of an authorized user and verifying an access result based on a preset rule;
the authorized user is used for receiving the patient data ciphertext and decrypting the patient data ciphertext to obtain an access result; and verifying whether the access result is correct through the verification center.
2. The distributed privacy data processing system of claim 1, wherein the distributed privacy data processing system requires initialization settings in advance, including key distribution for the first data server, the second data server, and authorized users, the keys including public and private keys.
3. The distributed private data processing system according to claim 1, wherein the obtaining of the intermediate data based on the first data and the public key specifically includes: the first data server, computing Obtaining intermediate data A 1 And B 1 ;
Wherein g is a generator, g 1 = N +1 for another generator, r 1 To be driven fromIn a randomly selected intermediate parameter, whereinρ is a large integer not exceeding N, x 1 For the first data, pk is the public key and N is the product of two large prime numbers selected by the first data server and the second data server.
4. The distributed privacy data processing system of claim 1, wherein the generating of the original data ciphertext based on the second data, the public key, and the intermediate data from the first data server is specifically: the second data server computingAnd calculate Generating ciphertext [ x ] of original data x]=(A,B);
5. The distributed privacy data processing system of claim 1, wherein the re-encrypting the original data ciphertext with a public key of an authorized user is specifically: the second data server calculates based on the obtained raw data cryptograph (A, B)Andthen (A, B, A') is sent to the first data server, which calculatesObtaining the re-encrypted original data cipher text (A', B), wherein sk 1 Is a private key, sk, of the first data server 2 Is the private key of the second data server, m is the user identification, pk m Is the authorized user public key.
7. The distributed privacy data processing system according to claim 1, wherein the verification of the access result based on the preset rule is specifically: judging whether the following formula is satisfied:
[y-x]=[(y 1 -x 1 )q 1 (y 1 ,y 2 )]·[(y 2 -x 2 )q 2 (y 1 ,y 2 )]
if yes, the access result is correct, and 1 is returned to the authorized user; otherwise, the access result is wrong, and 0,y = y is returned 1 +y 2 As intermediate data, y 1 For a random data stored in the first data server, y 2 For a random data stored in the second data server, q 1 (y 1 ),q 2 (y 1 ) Respectively transmitting random data y to the first data server 1 Are respectively introduced into polynomials q 1 (y),q 2 (y) the obtained intermediate parameter, q 1 (y 1 ,y 2 ),q 2 (y 1 ,y 2 ) Q obtained by the second data server based on the first data server 1 (y),q 2 (y) continuing to carry in random data y on the basis of 2 The resulting polynomial.
8. A distributed private data processing method, characterized in that it is based on a distributed private data processing system according to any of claims 1-7, comprising:
patient data are collected and uploaded to a distributed database; splitting any original data in patient data into first data and second data, wherein the sum of the first data and the second data is equal to the original data; respectively transmitting the first data and the second data to a first data server and a second data server;
the first data server receives the first data, obtains intermediate data based on the first data and a public key, and transmits the intermediate data to the second data server; the second data server receives the second data and generates an original data ciphertext based on the second data, the public key and the intermediate data from the first data server;
carrying out re-encryption on the original data ciphertext by using a public key of an authorized user, and sending the original data ciphertext to the authorized user;
the authorized user receives and decrypts the patient data ciphertext to obtain an access result; and verifying whether the access result is correct through the verification center.
9. An electronic device comprising a memory, a processor and a computer program stored for execution on the memory, wherein the processor, when executing the program, implements a distributed private data processing method according to claim 8.
10. A non-transitory computer-readable storage medium on which a computer program is stored, the program, when executed by a processor, implementing a distributed private data processing method according to claim 8.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210825275.3A CN115225669B (en) | 2022-07-14 | 2022-07-14 | Distributed privacy data processing system and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210825275.3A CN115225669B (en) | 2022-07-14 | 2022-07-14 | Distributed privacy data processing system and method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115225669A true CN115225669A (en) | 2022-10-21 |
CN115225669B CN115225669B (en) | 2024-04-05 |
Family
ID=83611487
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210825275.3A Active CN115225669B (en) | 2022-07-14 | 2022-07-14 | Distributed privacy data processing system and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115225669B (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107040510A (en) * | 2016-11-30 | 2017-08-11 | 华侨大学 | A kind of medical big data processing method based on body area network and cloud computing |
CN107070879A (en) * | 2017-02-15 | 2017-08-18 | 北京深思数盾科技股份有限公司 | Data guard method and system |
WO2018045568A1 (en) * | 2016-09-09 | 2018-03-15 | 深圳大学 | Access control method oriented to cloud storage service platform and system thereof |
CN112261082A (en) * | 2020-09-21 | 2021-01-22 | 中国科学院计算技术研究所 | Passive DNS data sharing method and system based on block chain and safe multi-party computation |
CN113407627A (en) * | 2021-06-17 | 2021-09-17 | 安徽师范大学 | Intelligent medical network system based on block chain and medical data sharing method |
-
2022
- 2022-07-14 CN CN202210825275.3A patent/CN115225669B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018045568A1 (en) * | 2016-09-09 | 2018-03-15 | 深圳大学 | Access control method oriented to cloud storage service platform and system thereof |
CN107040510A (en) * | 2016-11-30 | 2017-08-11 | 华侨大学 | A kind of medical big data processing method based on body area network and cloud computing |
CN107070879A (en) * | 2017-02-15 | 2017-08-18 | 北京深思数盾科技股份有限公司 | Data guard method and system |
CN112261082A (en) * | 2020-09-21 | 2021-01-22 | 中国科学院计算技术研究所 | Passive DNS data sharing method and system based on block chain and safe multi-party computation |
CN113407627A (en) * | 2021-06-17 | 2021-09-17 | 安徽师范大学 | Intelligent medical network system based on block chain and medical data sharing method |
Non-Patent Citations (1)
Title |
---|
朱建明: "基于区块链的隐私保护可信联邦学习模型", 《计算机学报》, vol. 44, no. 12, 31 December 2021 (2021-12-31) * |
Also Published As
Publication number | Publication date |
---|---|
CN115225669B (en) | 2024-04-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Chatterjee et al. | An effective ECC‐based user access control scheme with attribute‐based encryption for wireless sensor networks | |
US8516268B2 (en) | Secure field-programmable gate array (FPGA) architecture | |
Lee et al. | Secure key management scheme based on ECC algorithm for patient's medical information in healthcare system | |
CN103124269B (en) | Based on the Bidirectional identity authentication method of dynamic password and biological characteristic under cloud environment | |
CN108040056B (en) | Safe medical big data system based on Internet of things | |
CN104253694B (en) | A kind of time slot scrambling for network data transmission | |
Maitra et al. | An efficient biometric and password-based remote user authentication using smart card for telecare medical information systems in multi-server environment | |
Sudarsono et al. | A secure data sharing using identity-based encryption scheme for e-healthcare system | |
CN104270242A (en) | Encryption and decryption device used for network data encryption transmission | |
CN204180095U (en) | A kind of ciphering and deciphering device for network data encryption transmission | |
Gowtham et al. | Privacy enhanced data communication protocol for wireless body area network | |
CN111931249A (en) | Medical secret data statistical analysis method supporting transmission fault-tolerant mechanism | |
Belkhouja et al. | Role-based hierarchical medical data encryption for implantable medical devices | |
CN111079178B (en) | Method for desensitizing and backtracking trusted electronic medical record | |
Boussada et al. | A lightweight privacy-preserving solution for IoT: The case of E-health | |
Yu et al. | SALS-TMIS: Secure, anonymous, and lightweight privacy-preserving scheme for IoMT-enabled TMIS environments | |
Li et al. | Design of a secure and effective medical cyber‐physical system for ubiquitous telemonitoring pregnancy | |
EP3010173B1 (en) | Key storage device, key storage method, and program therefor | |
Babu et al. | Revamping data access privacy preservation method against inside attacks in wireless sensor networks | |
Zhang et al. | Efficient obfuscation for encrypted identity-based signatures in wireless body area networks | |
Zhao et al. | Lightweight Privacy‐Preserving Data Sharing Scheme for Internet of Medical Things | |
CN113890890B (en) | Efficient data management method applied to intelligent medical system | |
Lu et al. | A chaotic-map-based password-authenticated key exchange protocol for telecare medicine information systems | |
Basnet et al. | A novel secure patient data transmission through wireless body area network: Health tele-monitoring | |
Hussein | Cloud-Based Efficient and Secure Scheme for Medical Images Storage and Sharing using ECC and SHA-3 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |