CN115225669A - Distributed private data processing system and method - Google Patents

Distributed private data processing system and method Download PDF

Info

Publication number
CN115225669A
CN115225669A CN202210825275.3A CN202210825275A CN115225669A CN 115225669 A CN115225669 A CN 115225669A CN 202210825275 A CN202210825275 A CN 202210825275A CN 115225669 A CN115225669 A CN 115225669A
Authority
CN
China
Prior art keywords
data
server
data server
ciphertext
distributed
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210825275.3A
Other languages
Chinese (zh)
Other versions
CN115225669B (en
Inventor
韩姣
庄金成
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong University
Original Assignee
Shandong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong University filed Critical Shandong University
Priority to CN202210825275.3A priority Critical patent/CN115225669B/en
Publication of CN115225669A publication Critical patent/CN115225669A/en
Application granted granted Critical
Publication of CN115225669B publication Critical patent/CN115225669B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a distributed privacy data processing system and a distributed privacy data processing method, which belong to the technical field of medical data processing, wherein the scheme is based on splitting of original data, so that access control is realized, and internal attack is effectively avoided; meanwhile, by adding the access result verification function, whether the final result is correct or not can be verified after the user receives the access result, the problem that the access result of the user is wrong due to the fact that malicious data server administrators provide wrong data is effectively avoided, and the correctness of data analysis is further effectively guaranteed.

Description

Distributed privacy data processing system and method
Technical Field
The disclosure belongs to the technical field of medical data processing, and particularly relates to a distributed privacy data processing system and method.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
A Wireless Sensor Network (WSN) is a distributed sensor network consisting of a set of distributed, dedicated sensors. Such networks are gradually beginning to penetrate into the medical field of doctors and patients. The device can remotely monitor physiological parameters of the heart rate, the blood pressure and the like of a patient, and collects and transmits information to a monitoring center.
Wireless medical sensor networks can provide medical services to patients while ensuring their comfort of life. However, patient sensitive physiological data transmitted through public channels and stored in backend systems presents a number of potential security threats. Examples of threats include eavesdropping, impersonation, data integrity, data leakage, collusion, and the like. These threats present new challenges such as privacy management of patient personal data, etc. Accordingly, various approaches are being attempted to protect patient data from various threats and attacks. Such as private key cryptography, public key cryptography, k-anonymity, etc. Most solutions focus on protecting data from external attacks during communication. However, internal attacks where the patient database proprietor reveals sensitive patient information may also have serious consequences. For example, a malicious patient database administrator may use patient data (e.g., patient identity) for medical fraud, fraudulent insurance claims, and sometimes even a life-threatening risk. Therefore, how to propose a data protection system capable of effectively preventing external and internal attacks is a research topic of attention.
In 2013, yi et al proposed a system based on private key encryption to protect data from internal attacks, where the shared system consists of three servers for storing data. The sensor divides the patient data into three parts, makes the sum equal to the raw data, and then sends them to three data servers, respectively. At this point, the patient data can be effectively protected as long as both servers are not attacked. Meanwhile, they propose a lightweight encryption algorithm to create a secure channel to protect the communication between the sensor nodes and the shared system. Then Yi and Bouguettaya et al propose a privacy data protection scheme based on Paillier and ElGamal cryptographic systems, as long as two servers are not attacked, the patient data can be effectively protected. In addition, they propose a SHA-3 based data acquisition protocol so that the sensor effectively randomly divides the raw data into three parts. In 2017, bhuiya et al proposed a new patient privacy preserving data collection framework and protected private data using a distributed database consisting of multiple edge servers. In 2018, luo et al considered a Slepian-Wolf code based data collection protocol for secret sharing and achieving access control to users through cooperation of multiple servers. Later, solomon et al incorporated attribute encryption to implement access control functionality based on distributed database systems. In such a distributed data system, if a malicious data server provides erroneous data, the results obtained by the user will be erroneous. However, the inventor finds that the distributed data scheme with the medical sensing network is mostly concerned about resisting internal and external attacks at present, but does not pay attention to the problem of data correctness, however, if a malicious data server provides wrong data, the result obtained by a user is wrong, and the correctness of data analysis is further influenced.
Disclosure of Invention
In order to solve the above problems, the present disclosure provides a distributed private data processing system and method, where the scheme is based on splitting of original data, and effectively avoids internal attack while implementing access control; meanwhile, by adding the access result verification function, whether the final result is correct or not can be verified after the user receives the access result, and the influence on the correctness of data analysis due to the fact that the user obtains wrong data is avoided.
According to a first aspect of embodiments of the present disclosure, there is provided a distributed privacy data processing system, comprising:
the sensor is used for collecting patient data and uploading the patient data to the distributed database; the method comprises the steps that any original data in patient data are split into first data and second data, and the sum of the first data and the second data is equal to the original data; respectively storing the first data and the second data;
the distributed database comprises a first data server and a second data server, wherein the first data server receives the first data, obtains intermediate data based on the first data and a public key, and transmits the intermediate data to the second data server; the second data server receives the second data and generates an original data ciphertext based on the second data, the public key and the intermediate data from the first data server; carrying out re-encryption on the original data ciphertext by using a public key of an authorized user, and sending the original data ciphertext to the authorized user;
the verification center is used for receiving an access result verification request of an authorized user and verifying the access result based on a preset rule;
the authorized user is used for receiving the patient data ciphertext and decrypting the patient data ciphertext to obtain an access result; and verifying whether the access result is correct through the verification center.
Further, the distributed privacy data processing system needs to perform initialization setting in advance, including performing key distribution for the first data server, the second data server, and the authorized user, where the key includes a public key and a private key.
Further, the obtaining intermediate data based on the first data and the public key specifically includes: the first data server, computing
Figure BDA0003746261100000021
Obtaining intermediate data A 1 And B 1
Wherein g is a generator, g 1 = N +1 as another generator, r 1 Is derived from
Figure BDA0003746261100000022
In a randomly selected intermediate parameter, wherein
Figure BDA0003746261100000023
ρ is a large integer not exceeding N, x 1 For the first data, pk is the public key and N is the product of two large prime numbers selected by the first data server and the second data server.
Further, the generating an original data cipher text based on the second data, the public key, and the intermediate data from the first data server specifically includes: the second data server computing
Figure BDA0003746261100000031
And calculate
Figure BDA0003746261100000032
Generating ciphertext [ x ] of original data x]=(A,B);
Wherein x is 2 Is the second data, r 2 To be driven from
Figure BDA0003746261100000033
In a randomly selected intermediate parameter, wherein
Figure BDA0003746261100000034
ρ is a large integer not exceeding N.
Further, the re-encrypting the original data cipher text by using the public key of the authorized user specifically includes: the second data server calculates based on the obtained raw data cryptograph (A, B)
Figure BDA0003746261100000035
And
Figure BDA0003746261100000036
then (A, B, A') is sent to the first data server, which calculates
Figure BDA0003746261100000037
Obtaining the re-encrypted original data cipher text (A', b), where sk 1 Is a private key, sk, of the first data server 2 Is the private key of the second data server, m is the user identification, pk m Is the authorized user public key.
Further, the receiving and decrypting the patient data ciphertext specifically comprises:
authorized user computing
Figure BDA0003746261100000038
Then raw data x = L (B · g) L′ /A″modN 2 )。
Further, the access result is verified based on the preset rule, which specifically includes: judging whether the following formula is satisfied:
[y-x]=[(y 1 -x 1 )q 1 (y 1 ,y 2 )]·[(y 2 -x 2 )q 2 (y 1 ,y 2 )]
if yes, the access result is correct, and 1 is returned to the authorized user; otherwise, the access result is wrong, and 0 is returned, wherein y = y 1 +y 2 As intermediate data, y 1 For a random data stored in the first data server, y 2 For a random data stored in the second data server, q 1 (y 1 ),q 2 (y 1 ) Respectively transmitting random data y to the first data server 1 Are respectively introduced into polynomials q 1 (y),q 2 (y) the resulting intermediate parameter, q 1 (y 1 ,y 2 ),q 2 (y 1 ,y 2 ) Respectively for the second data server in the q obtained based on the first data server 1 (y 1 ),q 2 (y 1 ) Continue to bring in random data y on the basis 2 The resulting intermediate parameter.
According to a second aspect of the embodiments of the present disclosure, there is provided a distributed private data processing method, which is based on the foregoing distributed private data processing system, and includes:
patient data are collected and uploaded to a distributed database; the method comprises the steps that any original data in patient data are split into first data and second data, and the sum of the first data and the second data is equal to the original data; respectively transmitting the first data and the second data to a first data server and a second data server;
the first data server receives the first data, obtains intermediate data based on the first data and a public key, and transmits the intermediate data to the second data server; the second data server receives the second data and generates an original data ciphertext based on the second data, the public key and the intermediate data from the first data server;
carrying out re-encryption on the original data ciphertext by using a public key of an authorized user, and sending the original data ciphertext to the authorized user;
the authorized user receives and decrypts the patient data ciphertext to obtain an access result; and verifying whether the access result is correct through the verification center.
According to a third aspect of the embodiments of the present disclosure, there is provided an electronic device, including a memory, a processor, and a computer program stored in the memory and running on the memory, where the processor implements the distributed private data processing method when executing the program.
According to a fourth aspect of embodiments of the present disclosure, there is provided a non-transitory computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements a distributed privacy data processing method as described.
Compared with the prior art, this disclosed beneficial effect is:
the scheme is based on splitting of original data, access control is achieved, and meanwhile internal attack is effectively avoided; meanwhile, by adding the access result verification function, whether the final result is correct or not can be verified after the user receives the access result, the problem that the access result of the user is wrong due to the fact that malicious data server administrators provide wrong data is effectively avoided, and the correctness of data analysis is further effectively guaranteed.
Advantages of additional aspects of the disclosure will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the disclosure.
Drawings
The accompanying drawings, which are included to provide a further understanding of the disclosure, illustrate embodiments of the disclosure and together with the description serve to explain the disclosure and are not to limit the disclosure.
Fig. 1 is a flowchart illustrating the operation of a distributed privacy data processing system according to an embodiment of the present disclosure.
Detailed Description
The present disclosure is further described with reference to the following drawings and examples.
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the disclosure. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments according to the present disclosure. As used herein, the singular forms "a", "an", and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
The embodiments and features of the embodiments in the present disclosure may be combined with each other without conflict.
The first embodiment is as follows:
an object of the present embodiment is to provide a distributed privacy data processing system.
A distributed private data processing system, comprising:
the sensor is used for collecting patient data and uploading the patient data to the distributed database; the method comprises the steps that any original data in patient data are split into first data and second data, and the sum of the first data and the second data is equal to the original data; respectively storing the first data and the second data;
the distributed database comprises a first data server and a second data server, wherein the first data server receives the first data, obtains intermediate data based on the first data and a public key, and transmits the intermediate data to the second data server; the second data server receives the second data and generates an original data ciphertext based on the second data, the public key and the intermediate data from the first data server; carrying out re-encryption on the original data ciphertext by using a public key of an authorized user, and sending the original data ciphertext to the authorized user;
the verification center is used for receiving an access result verification request of an authorized user and verifying the access result based on a preset rule;
the authorized user is used for receiving the patient data ciphertext and decrypting the patient data ciphertext to obtain an access result; and verifying whether the access result is correct through the verification center.
Further, the distributed privacy data processing system needs to perform initialization setting in advance, including performing key distribution for the first data server, the second data server, and the authorized user, where the key includes a public key and a private key.
Further, the obtaining intermediate data based on the first data and the public key specifically includes: the first data server, computing
Figure BDA0003746261100000051
Obtaining intermediate data A 1 And B 1
Wherein g is a generator, g 1 = N +1 for another generator, r 1 To be driven from
Figure BDA0003746261100000052
In a randomly selected intermediate parameter (wherein
Figure BDA0003746261100000053
ρ is a large integer not exceeding N), x 1 For the first data, pk is the public key and N is the product of two large prime numbers selected by the first data server and the second data server.
Further, the generating an original data cipher text based on the second data, the public key, and the intermediate data from the first data server specifically includes: the second data server computing
Figure BDA0003746261100000054
And calculate
Figure BDA0003746261100000055
Generating ciphertext [ x ] of original data x]=(A,B);
Wherein x is 2 Is the second data, r 2 Is derived from
Figure BDA0003746261100000056
In a randomly selected intermediate parameter (wherein
Figure BDA0003746261100000057
ρ is a large integer not exceeding N).
Further, the re-encrypting the original data cipher text by using the public key of the authorized user specifically includes: the second data server calculates based on the obtained raw data cryptograms (A, B)
Figure BDA0003746261100000058
And
Figure BDA0003746261100000059
then (A, B, A') is sent to the first data server, which calculates
Figure BDA00037462611000000510
Obtaining the re-encrypted original data cipher text (A', B), wherein sk 1 Is a private key, sk, of the first data server 2 Is the private key of the second data server, m is the user identification, pk m Is the authorized user public key.
Further, the receiving and decrypting the patient data ciphertext specifically includes:
authorized user computing
Figure BDA0003746261100000061
Then raw data x = L (B · g) L′ /A″modN 2 )。
Further, the verifying the access result based on the preset rule specifically includes: judging whether the following formula is satisfied:
[y-x]=[(y 1 -x 1 )q 1 (y 1 ,y 2 )]·[(y 2 -x 2 )q 2 (y 1 ,y 2 )]
if yes, the access result is correct, and 1 is returned to the authorized user; otherwise, the access result is wrong, and 0 is returned, wherein y = y 1 +y 2 As intermediate data, y 1 For a random data stored in the first data server, y 2 For a random data stored in the second data server, q 1 (y 1 ),q 2 (y 1 ) Respectively transmitting random data y to the first data server 1 Separately introduced polynomial q 1 (y),q 2 (y) the obtained intermediate parameter, q 1 (y 1 ,y 2 ),q 2 (y 1 ,y 2 ) Respectively for the second data server in the q obtained based on the first data server 1 (y),q 2 (y) continuing to carry in random data y on the basis of 2 The resulting polynomial (wherein q is 1 (y),q 2 (y) x = x for the sensor based on data obtained by authorized user 1 +x 2 Then f (y) = y 1 +y 2 Is a binary polynomial, f (x) = x).
Specifically, for the convenience of understanding, the scheme of the present embodiment is described in detail below with reference to the accompanying drawings:
based on the problems existing in the existing method, the embodiment provides a distributed privacy data processing system, and specifically, after a sensor collects patient data, a data collection protocol is adopted to split a piece of original data x into x 1 ,x 2 So that x = x 1 +x 2 And respectively transmitted to the two data servers through the secure channels. On this basis, the embodiment provides a verifiable distributed privacy data processing system which can be used by only authorized users and specifically comprises a sensor, a distributed database (comprising two data servers), a verification center and the authorized users. When a user wants to access data x = x 1 +x 2 Then, the system operation steps are as follows:
step 1: a key generation phase. For the security parameter k, two data serversTwo different large prime numbers p, q are selected and N = pq is calculated. Then randomly selecting an integer N E {2,3 2 Let generator g = (1 + npnnmodn2, satisfying that g-1/N is not an integer two servers DS1, DS2 select their own private key sk1, sk2 ∈ Z ρ = {1, 2., ρ -1}, where ρ is a large integer less than N, and calculate the public key pki = gski, respectively, where i =1,2
Figure BDA0003746261100000062
g 1 =N+1。
Step 2: an encryption phase consisting of two data servers DS 1 、DS 2 And (4) performing cooperative operation.
In order to encrypt the message x = x 1 +x 2 ,DS 1 Calculating out
Figure BDA0003746261100000063
And will (A) 1 ,B 1 ) To DS 2
DS 2 Calculating out
Figure BDA0003746261100000064
And calculate
Figure BDA0003746261100000065
Figure BDA0003746261100000066
Then (a, B) = E (x, pk) = [ x]。
Ciphertext [ x ] = E (x, pk) = (a, B) of original data x is generated through the above steps.
And step 3: and (5) a re-encryption stage. To achieve access control to users, we propose a re-encryption scheme. Suppose that an authorized user m has a key pair (sk) m ,pk m ) Wherein
Figure BDA0003746261100000067
The purpose of re-encryption is to convert the encrypted data into ciphertext under the public key of the authorized user, so that only the authorized user can obtain the mostFinal data results. The re-encryption process is as follows:
when DS is used 2 Obtaining encrypted data [ x ]]When = (A, B), calculation
Figure BDA0003746261100000071
And
Figure BDA0003746261100000072
then (A, b, A') is transmitted to the DS 1 。DS 1 Computing
Figure BDA0003746261100000073
Through the above process, DS 1 Finally obtaining cipher text under the public key of authorized user
Figure BDA0003746261100000074
And sends (A', B) to the authorized user m.
And 4, step 4: and a decryption stage. After the authorized user receives the ciphertext, a final access result can be obtained through a decryption algorithm.
Authorized user m calculation
Figure BDA0003746261100000075
Then x = L (B · g) L′ /A″modN 2 )。
And 5: to prevent an untrusted cloud server from using the wrong data to disturb the results, the authorized user may request verification that the results are correct. The verification process is as follows:
upon receiving the request for verification, the sensor uses the polynomial decomposition theorem to decompose the polynomial f (y) -f (x) 1 ,x 2 ) Is converted into
Figure BDA0003746261100000076
(wherein the polynomial f (y) = y) 1 +y 2 ,f(x 1 ,x 2 )=x 1 +x 2 = x, and q 1 (y),q 2 (y) can be obtained within polynomial time using the polynomial decomposition theorem), and q is calculated 1 (y),q 2 (y) to DS 1
DS 1 Randomly selecting data y 1 ∈Z N
Figure BDA00037462611000000720
Then calculate
Figure BDA0003746261100000077
Figure BDA0003746261100000078
And q is 1 (y 1 ),q 2 (y 1 ). Due to (A) 1 ,B 1 )=[x 1 ],
Figure BDA00037462611000000721
DS 1 Can obtain [ y 1 -x 1 ]=[y 1 ]·[x 1 ] N-1 Then, DS 1 Sending,
Figure BDA0003746261100000079
q 1 (y 1 )、q 2 (y 1 ) And [ y 1 -x 1 ]To DS 2
DS 2 Randomly selecting data y 2 ∈Z N
Figure BDA00037462611000000710
Then calculate
Figure BDA00037462611000000711
Figure BDA00037462611000000712
And q is 1 (y 1 ,y 2 ),q 2 (y 1 ,y 2 ). Similarly, by (A) 2 ,B 2 )=[x 2 ],
Figure BDA00037462611000000713
DS 2 Can obtain [ y 2 -x 2 ]=[y 2 ]·[x 2 ] N-1
Then, further calculating
Figure BDA00037462611000000714
Figure BDA00037462611000000715
At the same time, by calculating
Figure BDA00037462611000000716
Figure BDA00037462611000000717
DS 2 Can obtain [ y]=[y 1 +y 2 ]=(A y ,B y ). Thus, DS 2 Can calculate [ y]·[x] N-1 =[y-x]. Finally, DS 2 Sending [ (y) 1 -x 1 )q 1 (y 1 ,y 2 )],[(y 2 -x 2 )q 2 (y 1 ,y 2 )]And [ y-x]To a verification center.
The verification center tests whether the following equation is satisfied:
[y-x]=[(y 1 -x 1 )q 1 (y 1 ,y 2 )]·[(y 2 -x 2 )q 2 (y 1 ,y 2 )]
if the two sides of the formula are equal, the verification center will return 1 to the user, otherwise it returns 0.
Step 6: a joint decryption stage. When data analysis is performed, we may need some intermediate results, and the two data servers can jointly decrypt the ciphertext of the needed results.
DS 2 Calculating out
Figure BDA00037462611000000718
And (A, B, C) 2 ) Is sent to the DS 1
DS 1 Computing
Figure BDA00037462611000000719
Then x = L (B/C) 1 C 2 modN 2 )。
The second embodiment:
the embodiment aims to provide a distributed privacy data processing method.
A distributed private data processing method, which is based on the above-mentioned distributed private data processing system, includes:
patient data are collected and uploaded to a distributed database; the method comprises the steps that any original data in patient data are split into first data and second data, and the sum of the first data and the second data is equal to the original data; respectively transmitting the first data and the second data to a first data server and a second data server;
the first data server receives the first data, obtains intermediate data based on the first data and a public key, and transmits the intermediate data to the second data server; the second data server receives the second data and generates an original data ciphertext based on the second data, the public key and the intermediate data from the first data server;
carrying out re-encryption on the original data ciphertext by using a public key of an authorized user, and sending the original data ciphertext to the authorized user;
the authorized user receives and decrypts the patient data ciphertext to obtain an access result; and verifying whether the access result is correct through the verification center.
Further, the technical details of the method according to this embodiment are described in detail in the system according to the first embodiment, and thus are not described herein again.
In further embodiments, there is also provided:
an electronic device comprising a memory and a processor and computer instructions stored on the memory and executed on the processor, the computer instructions when executed by the processor performing the method of embodiment two. For brevity, further description is omitted herein.
It should be understood that in this embodiment, the processor may be a central processing unit CPU, and the processor may also be other general purpose processor, a digital signal processor DSP, an application specific integrated circuit ASIC, an off-the-shelf programmable gate array FPGA or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory may include both read-only memory and random access memory and may provide instructions and data to the processor, and a portion of the memory may also include non-volatile random access memory. For example, the memory may also store device type information.
A computer readable storage medium storing computer instructions which, when executed by a processor, perform the method of embodiment two.
The method in the second embodiment may be directly implemented by a hardware processor, or implemented by a combination of hardware and software modules in the processor. The software modules may be located in ram, flash, rom, prom, or eprom, registers, among other storage media as is well known in the art. The storage medium is located in a memory, and a processor reads information in the memory and combines hardware thereof to complete the steps of the method. To avoid repetition, it is not described in detail here.
Those of ordinary skill in the art will appreciate that the various illustrative elements, i.e., algorithm steps, described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure.
The distributed privacy data processing system and the distributed privacy data processing method can be realized, and have wide application prospects.
The above description is only a preferred embodiment of the present disclosure and is not intended to limit the present disclosure, and various modifications and changes may be made to the present disclosure by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.

Claims (10)

1. A distributed private data processing system, comprising:
the sensor is used for collecting patient data and uploading the patient data to the distributed database; splitting any original data in patient data into first data and second data, wherein the sum of the first data and the second data is equal to the original data; respectively storing the first data and the second data;
the distributed database comprises a first data server and a second data server, wherein the first data server receives the first data, obtains intermediate data based on the first data and a public key, and transmits the intermediate data to the second data server; the second data server receives the second data and generates an original data ciphertext based on the second data, the public key and the intermediate data from the first data server; carrying out re-encryption on the original data ciphertext by using a public key of an authorized user, and sending the original data ciphertext to the authorized user;
the verification center is used for receiving an access result verification request of an authorized user and verifying an access result based on a preset rule;
the authorized user is used for receiving the patient data ciphertext and decrypting the patient data ciphertext to obtain an access result; and verifying whether the access result is correct through the verification center.
2. The distributed privacy data processing system of claim 1, wherein the distributed privacy data processing system requires initialization settings in advance, including key distribution for the first data server, the second data server, and authorized users, the keys including public and private keys.
3. The distributed private data processing system according to claim 1, wherein the obtaining of the intermediate data based on the first data and the public key specifically includes: the first data server, computing
Figure FDA0003746261090000011
Figure FDA0003746261090000012
Obtaining intermediate data A 1 And B 1
Wherein g is a generator, g 1 = N +1 for another generator, r 1 To be driven from
Figure FDA0003746261090000013
In a randomly selected intermediate parameter, wherein
Figure FDA0003746261090000014
ρ is a large integer not exceeding N, x 1 For the first data, pk is the public key and N is the product of two large prime numbers selected by the first data server and the second data server.
4. The distributed privacy data processing system of claim 1, wherein the generating of the original data ciphertext based on the second data, the public key, and the intermediate data from the first data server is specifically: the second data server computing
Figure FDA0003746261090000015
And calculate
Figure FDA0003746261090000016
Figure FDA0003746261090000017
Generating ciphertext [ x ] of original data x]=(A,B);
Wherein x is 2 Is the second data, r 2 To be driven from
Figure FDA0003746261090000018
In a randomly selected intermediate parameter, wherein
Figure FDA0003746261090000019
ρ is a large integer not exceeding N.
5. The distributed privacy data processing system of claim 1, wherein the re-encrypting the original data ciphertext with a public key of an authorized user is specifically: the second data server calculates based on the obtained raw data cryptograph (A, B)
Figure FDA0003746261090000021
And
Figure FDA0003746261090000022
then (A, B, A') is sent to the first data server, which calculates
Figure FDA0003746261090000023
Obtaining the re-encrypted original data cipher text (A', B), wherein sk 1 Is a private key, sk, of the first data server 2 Is the private key of the second data server, m is the user identification, pk m Is the authorized user public key.
6. The distributed privacy data processing system of claim 1, wherein the receiving and decrypting of the patient data ciphertext comprises:
authorized user computing
Figure FDA0003746261090000024
Then raw data x = L (B · g) L′ /A″modN 2 )。
7. The distributed privacy data processing system according to claim 1, wherein the verification of the access result based on the preset rule is specifically: judging whether the following formula is satisfied:
[y-x]=[(y 1 -x 1 )q 1 (y 1 ,y 2 )]·[(y 2 -x 2 )q 2 (y 1 ,y 2 )]
if yes, the access result is correct, and 1 is returned to the authorized user; otherwise, the access result is wrong, and 0,y = y is returned 1 +y 2 As intermediate data, y 1 For a random data stored in the first data server, y 2 For a random data stored in the second data server, q 1 (y 1 ),q 2 (y 1 ) Respectively transmitting random data y to the first data server 1 Are respectively introduced into polynomials q 1 (y),q 2 (y) the obtained intermediate parameter, q 1 (y 1 ,y 2 ),q 2 (y 1 ,y 2 ) Q obtained by the second data server based on the first data server 1 (y),q 2 (y) continuing to carry in random data y on the basis of 2 The resulting polynomial.
8. A distributed private data processing method, characterized in that it is based on a distributed private data processing system according to any of claims 1-7, comprising:
patient data are collected and uploaded to a distributed database; splitting any original data in patient data into first data and second data, wherein the sum of the first data and the second data is equal to the original data; respectively transmitting the first data and the second data to a first data server and a second data server;
the first data server receives the first data, obtains intermediate data based on the first data and a public key, and transmits the intermediate data to the second data server; the second data server receives the second data and generates an original data ciphertext based on the second data, the public key and the intermediate data from the first data server;
carrying out re-encryption on the original data ciphertext by using a public key of an authorized user, and sending the original data ciphertext to the authorized user;
the authorized user receives and decrypts the patient data ciphertext to obtain an access result; and verifying whether the access result is correct through the verification center.
9. An electronic device comprising a memory, a processor and a computer program stored for execution on the memory, wherein the processor, when executing the program, implements a distributed private data processing method according to claim 8.
10. A non-transitory computer-readable storage medium on which a computer program is stored, the program, when executed by a processor, implementing a distributed private data processing method according to claim 8.
CN202210825275.3A 2022-07-14 2022-07-14 Distributed privacy data processing system and method Active CN115225669B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210825275.3A CN115225669B (en) 2022-07-14 2022-07-14 Distributed privacy data processing system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210825275.3A CN115225669B (en) 2022-07-14 2022-07-14 Distributed privacy data processing system and method

Publications (2)

Publication Number Publication Date
CN115225669A true CN115225669A (en) 2022-10-21
CN115225669B CN115225669B (en) 2024-04-05

Family

ID=83611487

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210825275.3A Active CN115225669B (en) 2022-07-14 2022-07-14 Distributed privacy data processing system and method

Country Status (1)

Country Link
CN (1) CN115225669B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107040510A (en) * 2016-11-30 2017-08-11 华侨大学 A kind of medical big data processing method based on body area network and cloud computing
CN107070879A (en) * 2017-02-15 2017-08-18 北京深思数盾科技股份有限公司 Data guard method and system
WO2018045568A1 (en) * 2016-09-09 2018-03-15 深圳大学 Access control method oriented to cloud storage service platform and system thereof
CN112261082A (en) * 2020-09-21 2021-01-22 中国科学院计算技术研究所 Passive DNS data sharing method and system based on block chain and safe multi-party computation
CN113407627A (en) * 2021-06-17 2021-09-17 安徽师范大学 Intelligent medical network system based on block chain and medical data sharing method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018045568A1 (en) * 2016-09-09 2018-03-15 深圳大学 Access control method oriented to cloud storage service platform and system thereof
CN107040510A (en) * 2016-11-30 2017-08-11 华侨大学 A kind of medical big data processing method based on body area network and cloud computing
CN107070879A (en) * 2017-02-15 2017-08-18 北京深思数盾科技股份有限公司 Data guard method and system
CN112261082A (en) * 2020-09-21 2021-01-22 中国科学院计算技术研究所 Passive DNS data sharing method and system based on block chain and safe multi-party computation
CN113407627A (en) * 2021-06-17 2021-09-17 安徽师范大学 Intelligent medical network system based on block chain and medical data sharing method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
朱建明: "基于区块链的隐私保护可信联邦学习模型", 《计算机学报》, vol. 44, no. 12, 31 December 2021 (2021-12-31) *

Also Published As

Publication number Publication date
CN115225669B (en) 2024-04-05

Similar Documents

Publication Publication Date Title
Chatterjee et al. An effective ECC‐based user access control scheme with attribute‐based encryption for wireless sensor networks
US8516268B2 (en) Secure field-programmable gate array (FPGA) architecture
Lee et al. Secure key management scheme based on ECC algorithm for patient's medical information in healthcare system
CN103124269B (en) Based on the Bidirectional identity authentication method of dynamic password and biological characteristic under cloud environment
CN108040056B (en) Safe medical big data system based on Internet of things
CN104253694B (en) A kind of time slot scrambling for network data transmission
Maitra et al. An efficient biometric and password-based remote user authentication using smart card for telecare medical information systems in multi-server environment
Sudarsono et al. A secure data sharing using identity-based encryption scheme for e-healthcare system
CN104270242A (en) Encryption and decryption device used for network data encryption transmission
CN204180095U (en) A kind of ciphering and deciphering device for network data encryption transmission
Gowtham et al. Privacy enhanced data communication protocol for wireless body area network
CN111931249A (en) Medical secret data statistical analysis method supporting transmission fault-tolerant mechanism
Belkhouja et al. Role-based hierarchical medical data encryption for implantable medical devices
CN111079178B (en) Method for desensitizing and backtracking trusted electronic medical record
Boussada et al. A lightweight privacy-preserving solution for IoT: The case of E-health
Yu et al. SALS-TMIS: Secure, anonymous, and lightweight privacy-preserving scheme for IoMT-enabled TMIS environments
Li et al. Design of a secure and effective medical cyber‐physical system for ubiquitous telemonitoring pregnancy
EP3010173B1 (en) Key storage device, key storage method, and program therefor
Babu et al. Revamping data access privacy preservation method against inside attacks in wireless sensor networks
Zhang et al. Efficient obfuscation for encrypted identity-based signatures in wireless body area networks
Zhao et al. Lightweight Privacy‐Preserving Data Sharing Scheme for Internet of Medical Things
CN113890890B (en) Efficient data management method applied to intelligent medical system
Lu et al. A chaotic-map-based password-authenticated key exchange protocol for telecare medicine information systems
Basnet et al. A novel secure patient data transmission through wireless body area network: Health tele-monitoring
Hussein Cloud-Based Efficient and Secure Scheme for Medical Images Storage and Sharing using ECC and SHA-3

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant