CN106612328B - Mobile film reading system - Google Patents

Mobile film reading system Download PDF

Info

Publication number
CN106612328B
CN106612328B CN201611186309.XA CN201611186309A CN106612328B CN 106612328 B CN106612328 B CN 106612328B CN 201611186309 A CN201611186309 A CN 201611186309A CN 106612328 B CN106612328 B CN 106612328B
Authority
CN
China
Prior art keywords
data
image data
sub
image
node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201611186309.XA
Other languages
Chinese (zh)
Other versions
CN106612328A (en
Inventor
柴雪挺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
HANGZHOU LIANZHONG MEDICAL TECHNOLOGY CO LTD
Original Assignee
HANGZHOU LIANZHONG MEDICAL TECHNOLOGY CO LTD
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by HANGZHOU LIANZHONG MEDICAL TECHNOLOGY CO LTD filed Critical HANGZHOU LIANZHONG MEDICAL TECHNOLOGY CO LTD
Priority to CN201611186309.XA priority Critical patent/CN106612328B/en
Publication of CN106612328A publication Critical patent/CN106612328A/en
Application granted granted Critical
Publication of CN106612328B publication Critical patent/CN106612328B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/568Storing data temporarily at an intermediate stage, e.g. caching

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to an image data processing system, a method and a mobile film reading system, wherein the system comprises: the system comprises a data access server, a buffer server, an image cloud server, at least one storage node, at least one data node and a user terminal. The data node is used for acquiring image data and dividing each image data to generate a plurality of subparts, compressing each subpart in the plurality of subparts by adopting different compression ratios and encrypting each compressed subpart by using different encryption modes, and unidirectionally connecting all the encrypted subparts of each image data through pointers to form a data chain. The user initiates an image data acquisition request through the user terminal, the buffering server inquires the corresponding image from the image cloud, and then the image is pushed to the film reading server, and then the final image is presented to the user.

Description

Mobile film reading system
Technical Field
The present invention relates to the field of data processing, and more particularly, to a mobile film reading system based on an image data processing system, and an image data processing system and method.
Background
Cloud storage is a new concept that has been extended and developed over the cloud computing concept. As a new network storage technology, cloud storage is a system that integrates a large number of different types of storage devices in a network through application software to cooperatively work through functions such as cluster application, network technology or distributed file system, and provides data storage and service access functions to the outside. When the core of operation and processing of the cloud computing system is storage and management of a large amount of data, a large amount of storage devices need to be configured in the cloud computing system, and then the cloud computing system is converted into a cloud storage system. Therefore, cloud storage is a cloud computing system with data storage and management as a core. Briefly, cloud storage is an emerging solution for putting storage resources on the cloud for human access. The user can conveniently access data at any time and any place through connecting to the cloud through any internet-connected device.
However, existing data source nodes are typically located within a particular company, connecting the company's internal local area network. The data source node communicates with the workstation via various different protocols. However, when accessing data, users outside the lan cannot access the data inside the lan through the workstation, which severely limits the use of remote data processing. On the other hand, security of cloud storage is receiving more and more attention. If the cloud storage system or the cloud storage service has a bug, the password protection is better or difficult to prevent privacy disclosure. The security loophole of the exposed cloud service iCloud of apple Inc. only reveals the ice mountain corner with security problems of the mobile phone. In recent years, mobile terminal disclosure events are common.
For this reason, there is a need in the art for a secure cloud storage system, and various types of data processing systems need to be constructed from the secure cloud storage system. Generally, image data is one of the most widely used types of data at present, such as various types of data of pictures, videos, and the like. Therefore, it is an urgent problem to ensure the safe processing of image data.
Disclosure of Invention
The technical problems to be solved by the invention are as follows: the image cloud technology enables authorized doctors to read the desired images at any time and any place as long as the authorized doctors have Internet access authority.
According to one aspect of the invention, a mobile slide reading system is provided, which comprises:
the data access server receives a data access request from the user terminal, wherein the data access request comprises identity authentication information and a data node identifier, determines a corresponding data node from at least one data node according to the data node identifier and sends the identity authentication information to the corresponding data node;
receiving an authentication response message from the corresponding data node, acquiring an image data identifier in the authentication response message, and sending the image data identifier to a buffer server;
performing unidirectional connection on all the subparts according to the pointers to restore the subparts into a data chain, decrypting each subpart according to the respective encryption mode of each subpart, restoring according to different compression ratios of each subpart, combining all the subparts to generate image data and sending the image data to the mobile terminal;
the buffer server sends a query request to the image cloud server, wherein the query request comprises an image data identifier; acquiring all sub-parts of the image data from the image cloud server and transmitting all sub-parts of the image data to the data access server;
the image cloud server determines a storage node where each subsection in a data chain related to the image data is located according to the image data identifier in the query request and a locally stored storage allocation table, and sends a data acquisition request to the storage node where each subsection is located; acquiring all sub-parts of the image data from the storage nodes and transmitting all sub-parts of the image data to the buffer server;
at least one storage node for receiving and storing one or more sub-portions of the image data from the data nodes;
receiving a data acquisition request for a subsection of the image data from the image cloud server and transmitting the subsection of the image data to the image cloud server;
at least one data node for acquiring image data and dividing each image data to generate a plurality of sub-portions, compressing each sub-portion of the plurality of sub-portions with a different compression ratio and encrypting each compressed sub-portion using a different encryption method, unidirectionally connecting all encrypted sub-portions of each image data by pointers to form a data chain;
transmitting each sub-part in the data chain to a corresponding storage node according to a storage distribution table received from the image cloud server;
receiving identity authentication information from the data access server, authenticating the user terminal according to the identity authentication information to generate an authentication response message, and sending the authentication response message to the data access server;
the user terminal sends a data access request to the data access server; and receiving the raw image data from the data access server.
According to an aspect of the present invention, there is provided an image cloud-based image data processing system, the system including:
the data access server receives a data access request from the user terminal, wherein the data access request comprises identity authentication information and a data node identifier, determines a corresponding data node from at least one data node according to the data node identifier and sends the identity authentication information to the corresponding data node;
receiving an authentication response message from the corresponding data node, acquiring an image data identifier in the authentication response message, and sending the image data identifier to a buffer server;
performing unidirectional connection on all the subparts according to the pointers to restore the subparts into a data chain, decrypting each subpart according to the respective encryption mode of each subpart, restoring according to different compression ratios of each subpart, combining all the subparts to generate image data and sending the image data to the mobile terminal;
the buffer server sends a query request to the image cloud server, wherein the query request comprises an image data identifier; acquiring all sub-parts of the image data from the image cloud server and transmitting all sub-parts of the image data to the data access server;
the image cloud server determines a storage node where each subsection in a data chain related to the image data is located according to the image data identifier in the query request and a locally stored storage allocation table, and sends a data acquisition request to the storage node where each subsection is located; acquiring all sub-parts of the image data from the storage nodes and transmitting all sub-parts of the image data to the buffer server;
at least one storage node for receiving and storing one or more sub-portions of the image data from the data nodes; receiving a data acquisition request for a subsection of the image data from the image cloud server and transmitting the subsection of the image data to the image cloud server;
at least one data node for acquiring image data and dividing each image data to generate a plurality of sub-portions, compressing each sub-portion of the plurality of sub-portions with a different compression ratio and encrypting each compressed sub-portion using a different encryption method, unidirectionally connecting all encrypted sub-portions of each image data by pointers to form a data chain;
transmitting each sub-part in the data chain to a corresponding storage node according to a storage distribution table received from the image cloud server;
receiving identity authentication information from the data access server, authenticating the user terminal according to the identity authentication information to generate an authentication response message, and sending the authentication response message to the data access server;
the user terminal sends a data access request to the data access server; and receiving the raw image data from the data access server.
Preferably, the data node comprises:
the image data acquisition unit is used for acquiring image data from an image shooting device and/or an image filing device, wherein the image shooting device is used for acquiring the image data by using an imaging technology, and the image filing device is used for storing the image data acquired by the image shooting device;
a dividing unit that divides each image data to generate a plurality of sub-parts, compresses each of the plurality of sub-parts with a different compression ratio, and encrypts each of the compressed sub-parts using a different encryption method;
an association unit that unidirectionally connects all the encrypted sub-parts of each image data by pointers to form a data chain and determines an identification of a first sub-part of the data chain;
and the authentication unit is used for receiving the identity authentication information from the data access server and authenticating the user terminal according to the identity authentication information to generate an authentication response message, wherein the authentication response message comprises an authentication result and the image data identifier.
Preferably, the data node further comprises an identification code generation unit generating an identification code for each compressed sub-portion and adding said identification code in each encrypted sub-portion. When the storage node where each subsection in the data chain related to the image data is located cannot be determined according to the image data identification in the query request and the locally stored storage allocation table, searching at least one storage node by using the identification code of each compressed subsection so as to obtain all the subsections. Preferably, the unidirectionally connecting all the subsections according to the pointer to restore the data chain comprises: the data access server sends a pointer request to a data node, the pointer request comprises an image data identifier, the data node queries a local database according to the image data identifier to obtain an identifier of a first subpart of a data chain and sends a pointer response message containing the identifier of the first subpart to the data access server, the data access server determines the first subpart of the data chain according to the identifier of the first subpart, and the data access server performs unidirectional connection on the rest subparts in all subparts according to pointers in the first subpart to restore the data chain.
Preferably, the decrypting of each sub-part according to the respective encryption mode of each sub-part and the restoring according to the different compression ratio of each sub-part combine all sub-parts to generate the image data: the data access server sends a reduction request to a data node, wherein the reduction request comprises an image data identifier, and the data node queries a local database according to the image data identifier to obtain an encryption mode table and a compression ratio table which are consistent with the arrangement sequence of all sub-parts of a data chain; and sending a reduction response message containing an encryption mode table and a compression ratio table to a data access server, wherein the data access server decrypts each subpart according to the respective encryption mode of each subpart and reduces according to different compression ratios of each subpart according to the arrangement sequence of all the subparts indicated in the data chain and the encryption mode table and the compression ratio table, so that all the subparts are combined to generate image data.
Preferably, the user terminal can display the original image data, so that a user can perform data processing on the original image data.
Preferably, the video cloud server is further capable of performing multi-level storage and recovery of log files, and includes: fast store and restore, general store and restore, and full store and restore. The image cloud server calls a log level management unit to determine the storage and recovery level of the log file:
when the level is fast storage and recovery, the following steps are carried out:
1) the image cloud server packages the log into a character string and encrypts the character string;
2) storing the packaged log in a specified static variable of a memory;
3) when recovering, inquiring the user ID from the Key of the appointed static variable of the memory according to the obtained login user ID, then obtaining and decrypting the corresponding static variable value according to the user ID, and finally writing the user ID and the corresponding static variable value into a log file;
when the level is general storage and recovery, then:
1) the image cloud server packages the log into a message and encrypts the message;
2) calling a Java Messaging Service (JMS) message management module, and sending the message to a JMS message server;
3) when the log-in user ID is recovered, the JMS message management module queries the JMS message server according to the obtained log-in user ID to obtain a message corresponding to the specified user ID, decrypts and restores the obtained message into a character string and writes the character string into a log file; and
when the level is complete storage and recovery, then:
1) the image cloud server registers the database management module on the JMS message server;
2) the log is packaged into a message and encrypted, and a JMS message management module is called to send the message to a JMS message server;
3) the JMS message server pushes the received message to a database management module, and the database management module writes the message into a log storage database;
4) and during recovery, the database management module encapsulates the login user query model into a Structured Query Language (SQL) statement and executes the SQL statement, and then decrypts and restores the obtained query result into a character string and writes the character string into a log file.
According to another aspect of the invention, a mobile film reading method is provided, which comprises the following steps:
acquiring image data and dividing each image data to generate a plurality of sub-parts, compressing each sub-part of the plurality of sub-parts with different compression ratios and encrypting each compressed sub-part by using different encryption modes, and unidirectionally connecting all the encrypted sub-parts of each image data through pointers to form a data chain;
transmitting each sub-part in the data chain to a corresponding storage node according to a storage distribution table received from the image cloud server;
receiving a data access request from a user terminal, wherein the data access request comprises identity authentication information and a data node identifier, determining a corresponding data node from at least one data node according to the data node identifier and sending the identity authentication information to the corresponding data node;
the corresponding data node receives identity authentication information from the data access server, authenticates the user terminal according to the identity authentication information to generate an authentication response message, and sends the authentication response message to the data access server;
the data access server receives an authentication response message from the corresponding data node, acquires an image data identifier in the authentication response message, and sends the image data identifier to the buffer server;
sending a query request to an image cloud server, wherein the query request comprises an image data identifier;
the image cloud server determines a storage node where each subsection in a data chain related to the image data is located according to the image data identification in the query request and a locally stored storage distribution table, and sends a data acquisition request to the storage node where each subsection is located; acquiring all sub-parts of the image data from the storage nodes and transmitting all sub-parts of the image data to the buffer server;
the buffer server acquires all sub-parts of the image data from the image cloud server and sends all sub-parts of the image data to the data access server;
the data access server performs one-way connection on all the subparts according to the pointers to restore the subparts into a data chain, decrypts each subpart according to the respective encryption mode of each subpart and restores the subparts according to different compression ratios of each subpart, combines all the subparts to generate image data and sends the image data to the mobile terminal.
According to another aspect of the present invention, there is provided an image cloud-based image data processing method, including:
acquiring image data and dividing each image data to generate a plurality of sub-parts, compressing each sub-part of the plurality of sub-parts with different compression ratios and encrypting each compressed sub-part by using different encryption modes, and unidirectionally connecting all the encrypted sub-parts of each image data through pointers to form a data chain;
transmitting each sub-part in the data chain to a corresponding storage node according to a storage distribution table received from the image cloud server;
receiving a data access request from a user terminal, wherein the data access request comprises identity authentication information and a data node identifier, determining a corresponding data node from at least one data node according to the data node identifier and sending the identity authentication information to the corresponding data node;
receiving identity authentication information from the data access server, authenticating the user terminal according to the identity authentication information to generate an authentication response message, and sending the authentication response message to the data access server;
the data access server receives an authentication response message from the corresponding data node, acquires an image data identifier in the authentication response message, and sends the image data identifier to the buffer server;
sending a query request to an image cloud server, wherein the query request comprises an image data identifier;
the image cloud server determines a storage node where each subsection in a data chain related to the image data is located according to the image data identification in the query request and a locally stored storage distribution table, and sends a data acquisition request to the storage node where each subsection is located; acquiring all sub-parts of the image data from the storage nodes and transmitting all sub-parts of the image data to the buffer server;
the buffer server acquires all sub-parts of the image data from the image cloud server and sends all sub-parts of the image data to the data access server;
the data access server performs one-way connection on all the subparts according to the pointers to restore the subparts into a data chain, decrypts each subpart according to the respective encryption mode of each subpart and restores the subparts according to different compression ratios of each subpart, combines all the subparts to generate image data and sends the image data to the mobile terminal.
Wherein
The data node acquires image data from an image shooting device and/or an image filing device by using an image data acquisition unit, wherein the image shooting device is used for acquiring the image data by using an imaging technology, and the image filing device is used for storing the image data acquired by the image shooting device;
the data node divides each image data by using a dividing unit to generate a plurality of subparts, compresses each subpart in the plurality of subparts by adopting different compression ratios and encrypts each compressed subpart by using different encryption modes;
the data node uses the association unit to unidirectionally connect all encrypted subparts of each image data through pointers to form a data chain, and determines an identification of a first subpart of the data chain;
the data node receives identity authentication information from the data access server by using the authentication unit and authenticates the user terminal according to the identity authentication information to generate an authentication response message, wherein the authentication response message comprises an authentication result and the image data identifier.
Preferably, the data node also generates an identification code for each compressed sub-portion and adds the identification code in each encrypted sub-portion. When the storage node where each subsection in the data chain related to the image data is located cannot be determined according to the image data identification in the query request and the locally stored storage allocation table, searching at least one storage node by using the identification code of each compressed subsection so as to obtain all the subsections.
Preferably, the unidirectionally connecting all the subsections according to the pointer to restore the data chain comprises: the data access server sends a pointer request to a data node, the pointer request comprises an image data identifier, the data node queries a local database according to the image data identifier to obtain an identifier of a first subpart of a data chain and sends a pointer response message containing the identifier of the first subpart to the data access server, the data access server determines the first subpart of the data chain according to the identifier of the first subpart, and the data access server performs unidirectional connection on the rest subparts in all subparts according to pointers in the first subpart to restore the data chain.
Preferably, the decrypting of each sub-part according to the respective encryption mode of each sub-part and the restoring according to the different compression ratio of each sub-part combine all sub-parts to generate the image data: the data access server sends a reduction request to a data node, wherein the reduction request comprises an image data identifier, and the data node queries a local database according to the image data identifier to obtain an encryption mode table and a compression ratio table which are consistent with the arrangement sequence of all sub-parts of a data chain; and sending a reduction response message containing an encryption mode table and a compression ratio table to a data access server, wherein the data access server decrypts each subpart according to the respective encryption mode of each subpart and reduces according to different compression ratios of each subpart according to the arrangement sequence of all the subparts indicated in the data chain and the encryption mode table and the compression ratio table, so that all the subparts are combined to generate image data.
Preferably, the method further comprises displaying the original image data on the user terminal, so that the user can process the original image data.
Preferably, the method further comprises performing multi-level storage and recovery of the log file, including: fast store and restore, general store and restore, and full store and restore. The image cloud server calls a log level management unit to determine the storage and recovery level of the log file:
when the level is fast storage and recovery, the following steps are carried out:
1) the image cloud server packages the log into a character string and encrypts the character string;
2) storing the packaged log in a specified static variable of a memory;
3) when recovering, inquiring the user ID from the Key of the appointed static variable of the memory according to the obtained login user ID, then obtaining and decrypting the corresponding static variable value according to the user ID, and finally writing the user ID and the corresponding static variable value into a log file;
when the level is general storage and recovery, then:
1) the image cloud server packages the log into a message and encrypts the message;
2) calling a Java Messaging Service (JMS) message management module, and sending the message to a JMS message server;
3) when the log-in user ID is recovered, the JMS message management module queries the JMS message server according to the obtained log-in user ID to obtain a message corresponding to the specified user ID, decrypts and restores the obtained message into a character string and writes the character string into a log file; and
when the level is complete storage and recovery, then:
1) the image cloud server registers the database management module on the JMS message server;
2) the log is packaged into a message and encrypted, and a JMS message management module is called to send the message to a JMS message server;
3) the JMS message server pushes the received message to a database management module, and the database management module writes the message into a log storage database;
4) and during recovery, the database management module encapsulates the login user query model into a Structured Query Language (SQL) statement and executes the SQL statement, and then decrypts and restores the obtained query result into a character string and writes the character string into a log file.
The invention realizes the mobile film reading of doctors, is not limited in hospitals any more and liberates doctors. Meanwhile, technical support is provided for mobile telemedicine.
Drawings
A more complete understanding of exemplary embodiments of the present invention may be had by reference to the following drawings in which:
FIG. 1 is a block diagram of an image data processing system according to an embodiment of the present invention;
FIG. 2 is a schematic structural diagram of a data node according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating an image data processing method according to an embodiment of the invention;
FIG. 4 is a schematic diagram of an image data processing system according to another embodiment of the present invention;
FIG. 5 is a block diagram of an image data processing system according to another embodiment of the present invention;
fig. 6 is a flowchart illustrating an image data processing method according to another embodiment of the invention.
Detailed Description
The exemplary embodiments of the present invention will now be described with reference to the accompanying drawings, however, the present invention may be embodied in many different forms and is not limited to the embodiments described herein, which are provided for complete and complete disclosure of the present invention and to fully convey the scope of the present invention to those skilled in the art. The terminology used in the exemplary embodiments illustrated in the accompanying drawings is not intended to be limiting of the invention. In the drawings, the same units/elements are denoted by the same reference numerals.
Unless otherwise defined, terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. Further, it will be understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the relevant art and will not be interpreted in an idealized or overly formal sense.
Fig. 1 is a schematic diagram of an image data processing system 100 according to an embodiment of the invention. Image data processing system 100 is capable of acquiring image data and dividing each image data to generate a plurality of sub-portions. Different compression and encryption methods are used for each subsection, and all the encrypted subsections of each image data are unidirectionally connected by pointers to form a data chain. The image data processing system 100 is capable of sending each sub-portion in the data chain to a corresponding storage node according to the storage allocation table, receiving a data access request from the user terminal, determining a corresponding data node from at least one data node according to the data node identifier, and sending the identity authentication information to the corresponding data node. The image data processing system 100 is capable of receiving the authentication information from the data access server and authenticating the user terminal according to the authentication information to generate an authentication response message, transmitting the authentication response message to the data access server, and then the data access server receives the authentication response message from the corresponding data node, acquires the image data identifier in the authentication response message, and transmits the image data identifier to the cache server. The image data processing system 100 sends a query request to the image cloud server, which determines a storage node where each sub-portion in the data chain related to the image data is located according to the image data identifier in the query request and a locally stored storage allocation table, and sends a data acquisition request to the storage node where each sub-portion is located. Subsequently, all sub-parts of the image data are retrieved from the storage nodes and sent to the buffer server. The buffer server acquires all sub-parts of the image data from the image cloud server and transmits all sub-parts of the image data to the data access server. And finally, the data access server performs unidirectional connection on all the subparts according to the pointers to restore the subparts into a data chain, decrypts each subpart according to the respective encryption mode of each subpart, restores the subparts according to different compression ratios of each subpart, combines all the subparts to generate image data and sends the image data to the mobile terminal.
As shown in fig. 1, the image data processing system 100 includes: the system comprises an image cloud server 101, a buffer server 102, a data access server 103, at least one storage node 104 and 1,104-2, …, 104-N, at least one data node 105 and 1,105-2, …, 105-N and at least one user terminal 106 and 1,106-2, …, 106-N. Before describing the specific functions of each unit, the image data storage method of the present invention will be described. In image data processing system 100, the present invention divides the acquired image data to generate a plurality of sub-portions. Generally, the image data is, for example, data of a type such as a picture or a video. Therefore, dividing the acquired image data to generate a plurality of sub-parts is to divide the picture data into a plurality of sub-pictures, or to divide the video data into a plurality of sub-videos. Next, the image data processing system 100 compresses each of the plurality of sub-portions with a different compression ratio and encrypts each compressed sub-portion using a different encryption scheme. Currently, image data carries a lot of information about a user, and some image data relates to privacy of the user. For this reason, it is necessary to encrypt the image data. In addition, as the resolution of the image data is increased, the size of the image data is also increased. For this purpose, the different sub-parts have to be compressed. Since the content of different sub-parts of the image data is different, different compression ratios are adopted for compression. For example, if a certain portion of the image data is a pure color (e.g., white), then compression is performed using a high compression ratio to save space. Where a portion of the image data relates to a large amount of detail, then compression is performed using a low compression ratio to maintain resolution. Generally, after compression and encryption, in order to be able to recombine the sub-parts into image data at a later stage, i.e. to prevent the sub-parts from being misplaced or lost, the present invention connects all the encrypted sub-parts of each image data unidirectionally by pointers to form a data chain. Preferably, the identification information (e.g., ID, address, etc.) of the next subsection is appended in each subsection and the identification information of the first subsection is recorded for subsequent processing. Next, each sub-part in the data chain is transmitted to a corresponding storage node according to the storage allocation table received from the video cloud server 101. Typically, the allocation in the storage allocation table is predetermined or random. For example, the number of encrypted subsections of the image data is 10, and the storage allocation table may specify that 1 st, 3 rd, and 6 th subsections are stored in the first storage node, 2 nd subsection is stored in the second storage node, 4 th, 5 th, and 10 th subsections are stored in the third storage node, and 7 th, 8 th, and 9 th subsections are stored in the fourth storage node.
Preferably, the video cloud server 101 is configured to perform coordinated scheduling on a plurality of storage nodes, so that the plurality of storage nodes store data as storage units of the cloud server. The image cloud server 101 can provide a data access interface, on one hand, data uploaded by a user can be distributed to a plurality of storage nodes for storage, and on the other hand, data at the plurality of storage nodes can be combined into a data group which the user desires to access and the data group is sent to the user. Preferably, the image cloud server 101 determines a storage node where each sub-portion in the data chain related to the image data is located according to the image data identifier in the query request from the user terminal and a locally stored storage allocation table. The image cloud server 101 sends a data acquisition request to the storage node where each subsection is located. The storage node transmits the sub-parts stored thereon to the video cloud server 101 according to the data acquisition request. The image cloud server 101 acquires all sub-parts of the image data from the storage nodes and transmits all sub-parts of the image data to the buffer server.
Preferably, the caching server 102 receives a query request from the data access server 103 and forwards the query request to the video cloud server. Preferably, the query request includes an image data identifier. For example, the query request includes identification information such as an ID or a name of the image data for discrimination. The buffer server 102 is used to relieve the data storage pressure of the data access server 103 and can ensure data security. In general, the buffering server 102 acquires all sub-parts of the image data from the image cloud server and transmits all sub-parts of the image data to the data access server. After the data access server 103 performs data processing and transmits the result to the user terminal, in order to prevent data leakage (the data access server 103 is located at the front end of the buffer server 102), all the subsections of the video data are generally deleted from the data access server 103, and a copy is retained only in the buffer server 102.
Preferably, the data access server 103 receives data access requests from the user terminals 106- "1,106-2, …, 106-N. The data access request comprises identity authentication information and data node identification. The identity authentication information is used for authenticating the identity of the user terminal. This authentication is done by the data node. In order to ensure the safety of data, the identity authentication is carried out by a data provider, namely a data node, namely whether the data node can access the data stored in the image cloud or not is determined by the data node. Each of the user terminals 106-. In general, the data access server 103 determines a corresponding data node from at least one data node according to the data node identification and sends the identity authentication information to the corresponding data node. Preferably, the data access server 103 receives an authentication response message from the corresponding data node. The authentication response message may include an authentication result and an image data identifier. Wherein the authentication result indicates whether the user terminal is allowed to access the image data. And if the authentication result indicates that the user terminal is not allowed to access the image data, sending an access refusing message to the user terminal. If the authentication result indicates that the user terminal is allowed to access the image data, the data access server 103 acquires one or more image data identifications in the authentication response message and transmits the one or more image data identifications to the cache server. Therefore, the image data identification is corresponding to the identity authentication information, and the image data can be determined to be accessible according to the identity authentication information.
Preferably, the data access server 103 unilaterally connects all the subsections according to the pointers to restore the data chain: the data access server sends a pointer request to a data node, the pointer request comprises an image data identifier, the data node queries a local database according to the image data identifier to obtain an identifier of a first subpart of a data chain and sends a pointer response message containing the identifier of the first subpart to the data access server, the data access server determines the first subpart of the data chain according to the identifier of the first subpart, and the data access server performs unidirectional connection on the rest subparts in all subparts according to pointers in the first subpart to restore the data chain.
Preferably, the data access server 103 decrypts each sub-part according to the respective encryption mode of each sub-part and restores according to the different compression ratio of each sub-part, and combines all the sub-parts to generate image data and sends the image data to the mobile terminal, wherein the data access server sends a restoration request to a data node, the restoration request comprises an image data identifier, and the data node queries a local database according to the image data identifier to obtain an encryption mode table and a compression ratio table which are consistent with the arrangement sequence of all the sub-parts of the data chain; and sending a reduction response message containing an encryption mode table and a compression ratio table to a data access server, wherein the data access server decrypts each subpart according to the respective encryption mode of each subpart and reduces according to different compression ratios of each subpart according to the arrangement sequence of all the subparts indicated in the data chain and the encryption mode table and the compression ratio table, so that all the subparts are combined to generate image data. Preferably, different encryption schemes may use different encryption algorithms.
Preferably, at least one of the storage nodes 104-1,104-2, …, 104-N is used to receive and store one or more sub-portions of the image data from the data nodes. Further, the storage node receives a data acquisition request for a sub-part of the image data from the image cloud server, and transmits the sub-part of the image data to the image cloud server. At least one of the storage nodes 104-1,104-2, …, 104-N may be a geographically proximate or remote storage device of various types. Also, at least one of the storage nodes 104-1,104-2, …, 104-N may be a heterogeneous storage device.
Preferably, the at least one data node 105-1,105-2, …, 105-N is configured to obtain image data and divide each image data to generate a plurality of sub-portions, compress each sub-portion of the plurality of sub-portions with a different compression ratio and encrypt each compressed sub-portion using a different encryption method, and unidirectionally connect all encrypted sub-portions of each image data by pointers to form a data chain. Preferably, the data node transmits each sub-part in the data chain to the corresponding storage node according to the storage allocation table received from the video cloud server. In addition, the data node receives the identity authentication information from the data access server and authenticates the user terminal according to the identity authentication information to generate an authentication response message, and sends the authentication response message to the data access server. In general, when an error occurs in the storage allocation table, the storage node where each subsection in the data chain related to the image data is located cannot be determined according to the image data identifier in the query request and the locally stored storage allocation table. To this end, the data node further comprises an identification code generation unit generating an identification code for each compressed subpart and adding said identification code in each encrypted subpart. When the storage node where each subsection in the data chain related to the image data is located cannot be determined according to the image data identification in the query request and the locally stored storage allocation table, searching at least one storage node by using the identification code of each compressed subsection so as to obtain all the subsections.
Preferably, at least one of the user terminals 106-. In addition, the user terminal receives the original image data from the data access server to display. In general, a user terminal may be various types of terminal devices, such as a personal computer, a laptop computer, a personal digital assistant, a cell phone, and the like. At least one of the user terminals 106-1,106-2, …, 106-N is capable of displaying the original image data for the user to perform data processing on the original image data.
Preferably, in order to maintain information of data storage, the video cloud server 101 usually performs log file recording on the storage data on each storage node. Preferably, the video cloud server 101 is further capable of performing multi-level storage and recovery of log files, including: fast store and restore, general store and restore, and full store and restore. The image cloud server 101 calls a log level management unit, and the log level management unit determines the storage and recovery level of the log file according to the user input information:
when the level is fast storage and recovery, the following steps are carried out:
1) the image cloud server 101 packages the log into a character string and encrypts the character string;
2) storing the packaged log in a specified static variable of a memory of the image cloud server;
3) when recovering, inquiring the user ID from the Key of the appointed static variable of the memory according to the obtained login user ID, then obtaining and decrypting the corresponding static variable value according to the user ID, and finally writing the user ID and the corresponding static variable value into a log file;
when the level is general storage and recovery, then:
1) the image cloud server 101 packages the log into a message and encrypts the message;
2) calling a Java Messaging Service (JMS) message management module, and sending the message to a JMS message server;
3) when the log-in user ID is recovered, the JMS message management module queries the JMS message server according to the obtained log-in user ID to obtain a message corresponding to the specified user ID, decrypts and restores the obtained message into a character string and writes the character string into a log file; and
when the level is complete storage and recovery, then:
1) the image cloud server 101 registers the database management module on the JMS message server;
2) the log is packaged into a message and encrypted, and a JMS message management module is called to send the message to a JMS message server;
3) the JMS message server pushes the received message to a database management module, and the database management module writes the message into a log storage database;
4) and during recovery, the database management module encapsulates the login user query model into a Structured Query Language (SQL) statement and executes the SQL statement, and then decrypts and restores the obtained query result into a character string and writes the character string into a log file.
Fig. 2 is a schematic structural diagram of a data node 200 according to an embodiment of the present invention. Preferably, the data node 200 is configured to obtain image data and divide each image data to generate a plurality of sub-portions, compress each sub-portion of the plurality of sub-portions with a different compression ratio and encrypt each compressed sub-portion using a different encryption method, and unidirectionally connect all encrypted sub-portions of each image data by pointers to form a data chain. Preferably, the data node 200 transmits each sub-part in the data chain to the corresponding storage node according to the storage allocation table received from the video cloud server. Further, the data node 200 receives the authentication information from the data access server and authenticates the user terminal according to the authentication information to generate an authentication response message, and transmits the authentication response message to the data access server.
As shown in fig. 2, the data node 200 includes: an image data acquisition unit 201, a segmentation unit 202, an association unit 203, an authentication unit 204, and an interface unit 205. Preferably, the image data acquisition unit 201 is configured to acquire image data from an image capturing device and/or an image archiving device, wherein the image capturing device is configured to acquire the image data using an imaging technology, and the image archiving device is configured to store the image data acquired by the image capturing device. Preferably, the dividing unit 203 divides each image data to generate a plurality of sub-portions, compresses each of the plurality of sub-portions with a different compression ratio and encrypts each of the compressed sub-portions using a different encryption method. Preferably, the associating unit 203 unilaterally connects all the encrypted sub-parts of each image data by pointers to form a data chain, and determines an identification of a first sub-part of the data chain. Preferably, the authentication unit 204 receives the identity authentication information from the data access server and authenticates the user terminal according to the identity authentication information to generate an authentication response message, wherein the authentication response message includes the authentication result and the image data identifier. Preferably, the interface unit 205 is used for data interaction. For example, the data node receives the storage allocation table from the video cloud server through the interface unit 205 and transmits each sub-part in the data chain to the corresponding storage node through the interface unit 205 according to the storage allocation table. Further, the data node receives the authentication information from the data access server through the interface unit 205 and authenticates the user terminal according to the authentication information to generate an authentication response message, which is transmitted to the data access server through the interface unit 205.
Fig. 3 is a flowchart of an image data processing method 300 according to an embodiment of the invention. The image data processing method 300 is capable of acquiring image data and dividing each image data to generate a plurality of sub-portions. Different compression and encryption methods are used for each subsection, and all the encrypted subsections of each image data are unidirectionally connected by pointers to form a data chain. The image data processing method 300 is capable of sending each sub-portion in the data chain to a corresponding storage node according to the storage allocation table, receiving a data access request from the user terminal, determining a corresponding data node from at least one data node according to the data node identifier, and sending the identity authentication information to the corresponding data node. The image data processing method 300 is capable of receiving identity authentication information from the data access server and authenticating the user terminal according to the identity authentication information to generate an authentication response message, sending the authentication response message to the data access server, and then the data access server receives the authentication response message from the corresponding data node, acquires an image data identifier in the authentication response message, and sends the image data identifier to the cache server. The image data processing method 300 sends a query request to the image cloud server, which determines a storage node where each sub-portion in the data chain related to the image data is located according to the image data identifier in the query request and a locally stored storage allocation table, and sends a data acquisition request to the storage node where each sub-portion is located. Subsequently, all sub-parts of the image data are retrieved from the storage nodes and sent to the buffer server. The buffer server acquires all sub-parts of the image data from the image cloud server and transmits all sub-parts of the image data to the data access server. And finally, the data access server performs unidirectional connection on all the subparts according to the pointers to restore the subparts into a data chain, decrypts each subpart according to the respective encryption mode of each subpart, restores the subparts according to different compression ratios of each subpart, combines all the subparts to generate image data and sends the image data to the mobile terminal.
Preferably, the image data processing method 300 starts at step 301. In step 301, image data is obtained and each image data is divided to generate a plurality of sub-portions, each sub-portion of the plurality of sub-portions is compressed with a different compression ratio and each compressed sub-portion is encrypted using a different encryption method, and all the encrypted sub-portions of each image data are unidirectionally connected by pointers to form a data chain.
In step 302, each sub-part in the data chain is sent to a corresponding storage node according to the storage allocation table received from the video cloud server.
In step 303, a data access request is received from the user terminal, where the data access request includes the identity authentication information and the data node identifier, and a corresponding data node is determined from at least one data node according to the data node identifier and the identity authentication information is sent to the corresponding data node.
In step 304, identity authentication information is received from the data access server and the user terminal is authenticated according to the identity authentication information to generate an authentication response message, which is sent to the data access server.
In step 305, the data access server receives an authentication response message from the corresponding data node, acquires the image data identifier in the authentication response message, and sends the image data identifier to the cache server.
In step 306, a query request is sent to the image cloud server, where the query request includes an image data identifier.
In step 307, the image cloud server determines, according to the image data identifier in the query request and the locally stored storage allocation table, a storage node where each sub-portion in the data chain related to the image data is located, and sends a data acquisition request to the storage node where each sub-portion is located; all sub-portions of the image data are retrieved from the storage nodes and sent to the buffer server.
In step 308, the buffering server acquires all sub-parts of the image data from the image cloud server and transmits all sub-parts of the image data to the data access server. And
in step 309, the data access server connects all the sub-parts in a single direction according to the pointers to restore the data chain, decrypts each sub-part according to its respective encryption method and restores it according to the different compression ratio of each sub-part, combines all the sub-parts to generate image data and sends the image data to the mobile terminal.
The data node acquires image data from an image shooting device and/or an image filing device by using an image data acquisition unit, wherein the image shooting device is used for acquiring the image data by using an imaging technology, and the image filing device is used for storing the image data acquired by the image shooting device;
the data node divides each image data by using a dividing unit to generate a plurality of subparts, compresses each subpart in the plurality of subparts by adopting different compression ratios and encrypts each compressed subpart by using different encryption modes;
the data node uses the association unit to unidirectionally connect all encrypted subparts of each image data through pointers to form a data chain, and determines an identification of a first subpart of the data chain;
the data node receives identity authentication information from the data access server by using the authentication unit and authenticates the user terminal according to the identity authentication information to generate an authentication response message, wherein the authentication response message comprises an authentication result and the image data identifier.
Wherein the unidirectionally connecting all the sub-parts according to the pointer to restore the data chain comprises: the data access server sends a pointer request to a data node, the pointer request comprises an image data identifier, the data node queries a local database according to the image data identifier to obtain an identifier of a first subpart of a data chain and sends a pointer response message containing the identifier of the first subpart to the data access server, the data access server determines the first subpart of the data chain according to the identifier of the first subpart, and the data access server performs unidirectional connection on the rest subparts in all subparts according to pointers in the first subpart to restore the data chain.
Wherein, the sub-parts are decrypted according to the respective encryption mode of each sub-part and restored according to the different compression ratios of each sub-part, and all the sub-parts are combined to generate image data: the data access server sends a reduction request to a data node, wherein the reduction request comprises an image data identifier, and the data node queries a local database according to the image data identifier to obtain an encryption mode table and a compression ratio table which are consistent with the arrangement sequence of all sub-parts of a data chain; and sending a reduction response message containing an encryption mode table and a compression ratio table to a data access server, wherein the data access server decrypts each subpart according to the respective encryption mode of each subpart and reduces according to different compression ratios of each subpart according to the arrangement sequence of all the subparts indicated in the data chain and the encryption mode table and the compression ratio table, so that all the subparts are combined to generate image data. Preferably, the method 300 further includes displaying the raw image data on a user terminal for data processing of the raw image data by a user. In general, the data processing may be labeling of a part of the content in the original image data.
Fig. 4 is a schematic diagram of an image data processing system 400 according to another embodiment of the invention. The image Archiving and Communication system pacs (picture Archiving and Communication systems) is a system applied to hospital image departments, and has a main task of storing various daily medical images (including images generated by equipment such as nuclear magnetism, CT, ultrasound, various X-ray machines, various infrared instruments, microscopes and the like) in a digital manner through various interfaces (analog, DICOM and network). When needed, the system can be quickly called back to use under certain authorization, and meanwhile, auxiliary diagnosis management functions are added. PACS plays an important role in transmitting data among various video apparatuses and organizing and storing data.
The DICOM (digital Imaging and Communications in medicine) standard covers almost all information exchange protocols for acquisition, archiving, communication, display, query, etc. of medical digital images. DICOM defines a set of objects containing various types of medical diagnostic images and their associated analysis, reporting, etc. information in an open interconnected architecture and object-oriented approach. DICOM defines service classes and command sets for information delivery, exchange, and standard responses for messages, and details techniques for uniquely identifying information objects of various types. DICOM provides service support for applications in the network environment (OSI or TCP/IP) and defines the manufacturer's compliance Statement (compliance state) architecturally.
The traditional doctor image workstation is positioned in a hospital, is connected with an internal local area network of the hospital, and is connected with a PACS and a device workstation through a standard Dicom protocol. Doctors outside the hospital cannot browse images inside the hospital through the workstation, and the use of the images in remote diagnosis is severely limited.
The sleep-like and non-sleep mode of the invention adopts an HTML5 architecture mode, so that the image files of the original DICOM standard can be retrieved on mobile terminal equipment iPad, iOS mobile phones and android mobile phones, and post-processing operation can be carried out. The invention uses the image cloud technology to collect hospital PACS or hospital images in equipment to the cloud end through a standard Dicom interface, a file transfer protocol, a file sharing protocol, Http and the like. The traditional doctor image workstation is positioned in a hospital, is connected with an internal local area network of the hospital, and is connected with a PACS and a device workstation through a standard Dicom protocol. Doctors outside the hospital cannot browse images inside the hospital through the workstation, and the use of the images in remote diagnosis is severely limited. The image cloud technology enables doctors to read desired images at any time and any place as long as the doctors have Internet access authority. The collection server is accessed to PACS or imaging equipment (which can be connected simultaneously) of a hospital, collects images and uploads the images, and in order to ensure the safety of patient information, the files can be compressed and encrypted before the image files are uploaded to the cloud. And the image acquisition server stores the file to the image cloud through an enterprise private protocol.
As shown in fig. 4, in an image data processing system 400, the present invention divides acquired image data to generate a plurality of sub-portions. Generally, the image data is, for example, data of a type such as a picture or a video. Therefore, dividing the acquired image data to generate a plurality of sub-parts is to divide the picture data into a plurality of sub-pictures, or to divide the video data into a plurality of sub-videos. The image data processing system 400 then compresses each of the plurality of sub-portions with a different compression ratio and encrypts each compressed sub-portion using a different encryption scheme. Currently, image data carries a lot of information about a user, and some image data relates to privacy of the user. For this reason, it is necessary to encrypt the image data. In addition, as the resolution of the image data is increased, the size of the image data is also increased. For this purpose, the different sub-parts have to be compressed. Since the content of different sub-parts of the image data is different, different compression ratios are adopted for compression. For example, if a certain portion of the image data is a pure color (e.g., white), then compression is performed using a high compression ratio to save space. Where a portion of the image data relates to a large amount of detail, then compression is performed using a low compression ratio to maintain resolution. Generally, after compression and encryption, in order to be able to recombine the sub-parts into image data at a later stage, i.e. to prevent the sub-parts from being misplaced or lost, the present invention connects all the encrypted sub-parts of each image data unidirectionally by pointers to form a data chain. Preferably, the identification information (e.g., ID, address, etc.) of the next subsection is appended in each subsection and the identification information of the first subsection is recorded for subsequent processing. Next, each sub-part in the data chain is transmitted to a corresponding storage node according to the storage allocation table received from the video cloud server 101. Typically, the allocation in the storage allocation table is predetermined or random. For example, the number of encrypted subsections of the image data is 10, and the storage allocation table may specify that 1 st, 3 rd, and 6 th subsections are stored in the first storage node, 2 nd subsection is stored in the second storage node, 4 th, 5 th, and 10 th subsections are stored in the third storage node, and 7 th, 8 th, and 9 th subsections are stored in the fourth storage node. Preferably, the image data may be images or video files generated by nuclear magnetic, CT, ultrasound, various X-ray machines, various infrared machines, microscopes, and the like.
Preferably, the hospital nodes 401-. Preferably, the data node transmits each sub-part in the data chain to the corresponding storage node according to the storage allocation table received from the video cloud server. In addition, the data node receives the identity authentication information from the data access server and authenticates the user terminal according to the identity authentication information to generate an authentication response message, and sends the authentication response message to the data access server.
Preferably, the hospital nodes 402-1,402-2 and 402-3 may include the image capture servers 403-1,403-2 and 403-3, PACS and/or video equipment. In addition, the hospital nodes 402-1,402-2 and 402-3 may also include a segmentation unit, an association unit, an authentication unit and an interface unit, which are not shown in FIG. 4. Preferably, the image capture servers 403-1,403-2, and 403-3 are used to acquire image data from an imaging device and/or a PACS, wherein the imaging device is used to acquire image data using imaging techniques. The imaging device may be, for example, a nuclear magnetic, CT, ultrasound, various X-ray machines, various infrared machines, a microscope, etc. The PACS is used for storing image data acquired by the imaging equipment.
Preferably, the dividing unit divides each image data to generate a plurality of sub-parts, compresses each of the plurality of sub-parts with a different compression ratio, and encrypts each of the compressed sub-parts using a different encryption method. Preferably, the association unit unidirectionally concatenates all encrypted sub-portions of each image data by means of pointers to form a data chain, and determines an identification of a first sub-portion of the data chain. Preferably, the authentication unit receives identity authentication information from the data access server and authenticates the user terminal according to the identity authentication information to generate an authentication response message, wherein the authentication response message includes an authentication result and the image data identifier. Preferably, the interface unit is used for data interaction. For example, the data node receives the storage allocation table from the video cloud server through the interface unit and transmits each sub-part in the data chain to the corresponding storage node through the interface unit according to the storage allocation table. In addition, the data node receives the authentication information from the data access server through the interface unit and authenticates the user terminal according to the authentication information to generate an authentication response message, and transmits the authentication response message to the data access server through the interface unit.
Preferably, the image cloud 401 is configured to receive and store image data sent by a hospital, and implement management of a plurality of internal storage nodes.
Fig. 5 is a schematic diagram of an image data processing system 500 according to another embodiment of the invention. As shown in fig. 5, the image data processing system 500 includes: image cloud 501, buffering server 502, scoring server 503 and at least one user terminal 504-1, 504-2. Through a specific algorithm, image data in a Digital Imaging and Communications in Medicine (dcom) file is converted into images and videos suitable for transmission in the Internet, and the images and videos are displayed in a browser. If a traditional doctor image workstation wants to retrieve images of a PACS or a device workstation, a Dicom file must be downloaded from a Server to the local of the image workstation, and then display and post-processing are carried out, and if the method is also used in an Internent, several disadvantages exist: firstly, the Dicom protocol is low in efficiency and high in bandwidth occupation for image transmission; second, if the Dicom file is retained locally at the doctor's imaging workstation, it may cause leakage of patient information, especially when used in a public computer; thirdly, the doctor's imaging workstation is suitable for reading the film on the PC, but not on the mobile device. For the reasons, the invention specially provides an image retrieval server, which converts the pictures and video information contained in the Dicom file into a format suitable for transmission on the Internet, and finally presents the pictures and video information to a user in a format of Html 5. A user initiates a film reading request through a PC, a Pad or a mobile phone, the buffering server inquires a corresponding image from the image cloud, and then the image is pushed to the film reading server, and then a final image is displayed to the user.
Preferably, the video cloud 501 is used to perform coordinated scheduling on a plurality of storage nodes, so that the plurality of storage nodes serve as storage units of the cloud server to store data. The video cloud 501 can provide a data access interface, on one hand, data uploaded by a user can be distributed to a plurality of storage nodes for storage, and on the other hand, data at the plurality of storage nodes can be combined into a data group which the user desires to access and the data group is sent to the user. Preferably, the image cloud 501 determines a storage node where each sub-portion in the data chain related to the image data is located according to the image data identifier in the query request from the user terminal and a locally stored storage allocation table. The image cloud 501 sends a data acquisition request to the storage node where each subsection is located. The storage node transmits the sub-part stored thereon to the image cloud 501 according to the data acquisition request. The image cloud 501 acquires all sub-parts of the image data from the storage nodes and transmits all sub-parts of the image data to the buffer server.
Preferably, the buffering server 502 receives the query request from the scoring server 503 and forwards the query request to the video cloud server. Preferably, the query request includes an image data identifier. For example, the query request includes identification information such as an ID or a name of the image data for discrimination. The buffering server 502 is used for relieving the data storage pressure of the scoring server 503, and can ensure data security. In general, the buffering server 502 acquires all sub-parts of the image data from the image cloud server and transmits all sub-parts of the image data to the data access server. After the interpretation server 503 performs data processing and sends the result to the user terminal, all the subsections of the image data are usually deleted from the interpretation server 503 and a copy is kept only in the buffering server 502 in order to prevent data leakage (the interpretation server 503 is at the front end of the buffering server 502).
Preferably, the scoring server 503 receives data access requests from the user terminals 504-1, 504-2. The data access request comprises identity authentication information and a hospital identification. The identity authentication information is used for authenticating the identity of the user terminal. This authentication is done by the hospital. In order to ensure the safety of data, the identity authentication is carried out by a data provider, namely a hospital, namely whether the data stored in the image cloud by the hospital can be accessed or not is determined by the hospital. Each of the user terminals 504-1, 504-2 may access data at a different hospital, i.e., may have at least one different authentication information to obtain image data for at least one of the hospitals. In general, the radiograph reading server 503 determines a corresponding hospital from at least one hospital according to the hospital identification and transmits the identity authentication information to the corresponding hospital. Preferably, the scoring server 503 receives an authentication response message from the corresponding hospital. The authentication response message may include an authentication result and an image data identifier. Wherein the authentication result indicates whether the user terminal is allowed to access the image data. And if the authentication result indicates that the user terminal is not allowed to access the image data, sending an access refusing message to the user terminal. If the authentication result indicates that the user terminal is allowed to access the image data, the interpretation server 503 acquires one or more image data identifications in the authentication response message and sends the one or more image data identifications to the buffer server. Therefore, the image data identification is corresponding to the identity authentication information, and the image data can be determined to be accessible according to the identity authentication information.
Preferably, the scoring server 503 unilaterally connects all the subsections according to the pointers to restore the data chain: the data access server sends a pointer request to a hospital, the pointer request comprises an image data identifier, the hospital queries a local database according to the image data identifier to obtain an identifier of a first subpart of a data chain and sends a pointer response message containing the identifier of the first subpart to the data access server, the data access server determines the first subpart of the data chain according to the identifier of the first subpart, and the remaining subparts in all the subparts are connected in a one-way mode according to the pointers in the first subpart to be restored into the data chain.
Preferably, the film reading server 503 decrypts each sub-part according to the respective encryption mode of each sub-part and restores according to the different compression ratio of each sub-part, and combines all the sub-parts to generate image data and sends the image data to the mobile terminal, wherein the data access server sends a restoring request to a hospital, the restoring request comprises an image data identifier, and the hospital queries a local database according to the image data identifier to obtain an encryption mode table and a compression ratio table which are correspondingly consistent with the arrangement sequence of all the sub-parts of the data chain; and sending a reduction response message containing an encryption mode table and a compression ratio table to a data access server, wherein the data access server decrypts each subpart according to the respective encryption mode of each subpart and reduces according to different compression ratios of each subpart according to the arrangement sequence of all the subparts indicated in the data chain and the encryption mode table and the compression ratio table, so that all the subparts are combined to generate image data.
Preferably, at least one storage node (not shown) is used to receive and store one or more sub-portions of the image data from the hospital. Further, the storage node receives a data acquisition request for a sub-part of the image data from the image cloud server, and transmits the sub-part of the image data to the image cloud server. The at least one storage node may be various types of storage devices that are geographically proximate or remote. Also, at least one storage node may be a heterogeneous storage device.
Preferably, at least one user terminal 504-1, 504-2 sends a data access request to the data access server. In addition, the user terminal receives the original image data from the data access server to display. In general, the user terminal may be various types of terminal devices, such as a PC reading terminal and a mobile reading terminal as shown in fig. 5. At least one of the user terminals 504-1, 504-2 is capable of displaying raw image data for data processing of the raw image data by a user.
Fig. 6 is a flowchart of an image data processing method 600 according to another embodiment of the invention. Preferably, the image data processing method 600 begins at step 601. In step 601, medical image data is acquired and each medical image data is divided to generate a plurality of sub-portions, each sub-portion of the plurality of sub-portions is compressed with a different compression ratio and each compressed sub-portion is encrypted using a different encryption method, and all the encrypted sub-portions of each medical image data are unidirectionally connected by a pointer to form a data chain.
In step 602, each sub-part in the data chain is sent to a corresponding storage node according to the storage allocation table received from the video cloud server.
In step 603, a data access request is received from the user terminal, the data access request includes identity authentication information and a hospital identifier, a corresponding hospital is determined from at least one hospital according to the hospital identifier, and the identity authentication information is sent to the corresponding hospital.
In step 604, identity authentication information is received from the data access server and the user terminal is authenticated according to the identity authentication information to generate an authentication response message, which is sent to the data access server.
In step 605, the data access server receives an authentication response message from the corresponding hospital, acquires the medical image data identifier in the authentication response message, and sends the medical image data identifier to the buffer server.
In step 606, a query request is sent to the image cloud server, where the query request includes medical image data identification.
In step 607, the image cloud server determines, according to the medical image data identifier in the query request and the locally stored storage allocation table, a storage node where each sub-portion in the data chain related to the medical image data is located, and sends a data acquisition request to the storage node where each sub-portion is located; all sub-parts of the medical image data are retrieved from the storage nodes and sent to the buffer server.
At step 608, the buffer server obtains all sub-parts of the medical image data from the image cloud server and sends all sub-parts of the medical image data to the data access server. And
in step 609, the data access server unidirectionally connects all the subparts according to the pointers to restore the data chain, decrypts each subpart according to the respective encryption mode of each subpart and restores according to the different compression ratio of each subpart, combines all the subparts to generate medical image data and sends the medical image data to the mobile terminal.
The hospital acquires medical image data from an image shooting device and/or an image archiving device by using a medical image data acquisition unit, wherein the image shooting device is used for acquiring medical image data by using an imaging technology, and the image archiving device is used for storing the medical image data acquired by the image shooting device;
the hospital uses the segmentation unit to divide each medical image data to generate a plurality of sub-parts, compresses each sub-part in the plurality of sub-parts by adopting different compression ratios and encrypts each compressed sub-part by using different encryption modes;
the hospital uses the association unit to connect all encrypted subparts of each medical image data in a single direction through the pointers to form a data chain, and determines the identification of the first subpart of the data chain;
the hospital use authentication unit receives identity authentication information from the data access server and authenticates the user terminal according to the identity authentication information to generate an authentication response message, wherein the authentication response message comprises an authentication result and a medical image data identifier.
Wherein the unidirectionally connecting all the sub-parts according to the pointer to restore the data chain comprises: the data access server sends a pointer request to a hospital, the pointer request comprises medical image data identification, the hospital queries a local database according to the medical image data identification to obtain identification of a first subpart of a data chain and sends a pointer response message containing the identification of the first subpart to the data access server, the data access server determines the first subpart of the data chain according to the identification of the first subpart, and the rest subparts of all the subparts are connected in a one-way mode according to pointers in the first subpart to be restored into the data chain.
Wherein, the sub-parts are decrypted according to the respective encryption mode of each sub-part and restored according to the different compression ratios of each sub-part, and all the sub-parts are combined to generate the medical image data: the data access server sends a restoration request to a hospital, the restoration request comprises medical image data identification, and the hospital queries a local database according to the medical image data identification to obtain an encryption mode table and a compression ratio table which are consistent with the arrangement sequence of all the sub-parts of the data chain; and sending a reduction response message containing an encryption mode table and a compression ratio table to a data access server, wherein the data access server decrypts each subpart according to the respective encryption mode of each subpart and reduces according to the different compression ratio of each subpart according to the arrangement sequence of all the subparts indicated in the data chain and the encryption mode table and the compression ratio table, so that all the subparts are combined to generate the medical image data. Preferably, the method 600 further comprises displaying the raw medical image data on the user terminal for data processing of the raw medical image data by the user. In general, the data processing may be labeling of a part of the content in the original medical image data.
The invention has been described with reference to a few embodiments. However, other embodiments of the invention than the one disclosed above are equally possible within the scope of the invention, as would be apparent to a person skilled in the art from the appended patent claims.
Generally, all terms used in the claims are to be interpreted according to their ordinary meaning in the technical field, unless explicitly defined otherwise herein. All references to "a/an/the [ device, component, etc ]" are to be interpreted openly as referring to at least one instance of said device, component, etc., unless explicitly stated otherwise. The steps of any method disclosed herein do not have to be performed in the exact order disclosed, unless explicitly stated.

Claims (10)

1. A mobile slide viewing system, the system comprising:
the data access server receives a data access request from the user terminal, wherein the data access request comprises identity authentication information and a data node identifier, determines a corresponding data node from at least one data node according to the data node identifier and sends the identity authentication information to the corresponding data node;
receiving an authentication response message from the corresponding data node, acquiring an image data identifier in the authentication response message, and sending the image data identifier to a buffer server;
performing unidirectional connection on all the subparts according to the pointers to restore the subparts into a data chain, decrypting each subpart according to the respective encryption mode of each subpart, restoring according to different compression ratios of each subpart, combining all the subparts to generate image data and sending the image data to the mobile terminal;
the buffer server sends a query request to the image cloud server, wherein the query request comprises an image data identifier; acquiring all sub-parts of the image data from the image cloud server and transmitting all sub-parts of the image data to the data access server;
the image cloud server determines a storage node where each subsection in a data chain related to the image data is located according to the image data identifier in the query request and a locally stored storage allocation table, and sends a data acquisition request to the storage node where each subsection is located; acquiring all sub-parts of the image data from the storage nodes and transmitting all sub-parts of the image data to the buffer server;
at least one storage node for receiving and storing one or more sub-portions of the image data from the data nodes; receiving a data acquisition request for a subsection of the image data from the image cloud server and transmitting the subsection of the image data to the image cloud server;
at least one data node for acquiring image data and dividing each image data to generate a plurality of sub-portions, compressing each sub-portion of the plurality of sub-portions with a different compression ratio and encrypting each compressed sub-portion using a different encryption method, unidirectionally connecting all encrypted sub-portions of each image data by pointers to form a data chain;
transmitting each sub-part in the data chain to a corresponding storage node according to a storage distribution table received from the image cloud server;
receiving identity authentication information from the data access server, authenticating the user terminal according to the identity authentication information to generate an authentication response message, and sending the authentication response message to the data access server;
the user terminal sends a data access request to the data access server; receiving original image data from the data access server;
the data node further includes an identification code generation unit that generates an identification code for each of the compressed subparts and adds the identification code to each of the encrypted subparts, and when the storage node where each subpart in the data chain associated with the image data is located cannot be determined from the image data identification in the query request and the locally stored storage allocation table, searches at least one storage node using the identification code of each of the compressed subparts, thereby obtaining all the subparts.
2. The system of claim 1, the data node comprising:
the image data acquisition unit is used for acquiring image data from an image shooting device and/or an image filing device, wherein the image shooting device is used for acquiring the image data by using an imaging technology, and the image filing device is used for storing the image data acquired by the image shooting device;
a dividing unit that divides each image data to generate a plurality of sub-parts, compresses each of the plurality of sub-parts with a different compression ratio, and encrypts each of the compressed sub-parts using a different encryption method;
an association unit that unidirectionally connects all the encrypted sub-parts of each image data by pointers to form a data chain and determines an identification of a first sub-part of the data chain;
and the authentication unit is used for receiving the identity authentication information from the data access server and authenticating the user terminal according to the identity authentication information to generate an authentication response message, wherein the authentication response message comprises an authentication result and the image data identifier.
3. The system of claim 1, the unidirectionally concatenating all of the subdivisions according to the pointer to restore the data chain comprising: the data access server sends a pointer request to a data node, the pointer request comprises an image data identifier, the data node queries a local database according to the image data identifier to obtain an identifier of a first subpart of a data chain and sends a pointer response message containing the identifier of the first subpart to the data access server, the data access server determines the first subpart of the data chain according to the identifier of the first subpart, and the data access server performs unidirectional connection on the rest subparts in all subparts according to pointers in the first subpart to restore the data chain.
4. The system of claim 3, wherein each sub-portion is decrypted according to its respective encryption scheme and restored according to its different compression ratio, all sub-portions being combined to generate the image data: the data access server sends a reduction request to a data node, wherein the reduction request comprises an image data identifier, and the data node queries a local database according to the image data identifier to obtain an encryption mode table and a compression ratio table which are consistent with the arrangement sequence of all sub-parts of a data chain; and sending a reduction response message containing an encryption mode table and a compression ratio table to a data access server, wherein the data access server decrypts each subpart according to the respective encryption mode of each subpart and reduces according to different compression ratios of each subpart according to the arrangement sequence of all the subparts indicated in the data chain and the encryption mode table and the compression ratio table, so that all the subparts are combined to generate image data.
5. The system of claim 1, wherein the user terminal is capable of displaying raw image data for data processing by a user.
6. A mobile slide viewing method, the method comprising:
acquiring image data and dividing each image data to generate a plurality of sub-parts, compressing each sub-part of the plurality of sub-parts with different compression ratios and encrypting each compressed sub-part by using different encryption modes, and unidirectionally connecting all the encrypted sub-parts of each image data through pointers to form a data chain;
transmitting each sub-part in the data chain to a corresponding storage node according to a storage distribution table received from the image cloud server;
receiving a data access request from a user terminal, wherein the data access request comprises identity authentication information and a data node identifier, determining a corresponding data node from at least one data node according to the data node identifier and sending the identity authentication information to the corresponding data node;
the corresponding data node receives identity authentication information from the data access server, authenticates the user terminal according to the identity authentication information to generate an authentication response message, and sends the authentication response message to the data access server;
the data access server receives an authentication response message from the corresponding data node, acquires an image data identifier in the authentication response message, and sends the image data identifier to the buffer server;
sending a query request to an image cloud server, wherein the query request comprises an image data identifier;
the image cloud server determines a storage node where each subsection in a data chain related to the image data is located according to the image data identification in the query request and a locally stored storage distribution table, and sends a data acquisition request to the storage node where each subsection is located; acquiring all sub-parts of the image data from the storage nodes and transmitting all sub-parts of the image data to the buffer server;
the buffer server acquires all sub-parts of the image data from the image cloud server and sends all sub-parts of the image data to the data access server;
the data access server performs one-way connection on all the subparts according to the pointers to restore the subparts into a data chain, decrypts each subpart according to the respective encryption mode of each subpart and restores the subparts according to different compression ratios of each subpart, combines all the subparts to generate image data and sends the image data to the mobile terminal;
the data node further includes an identification code generation unit that generates an identification code for each of the compressed subparts and adds the identification code to each of the encrypted subparts, and when the storage node where each subpart in the data chain associated with the image data is located cannot be determined from the image data identification in the query request and the locally stored storage allocation table, searches at least one storage node using the identification code of each of the compressed subparts, thereby obtaining all the subparts.
7. The method of claim 6, wherein
The data node acquires image data from an image shooting device and/or an image filing device by using an image data acquisition unit, wherein the image shooting device is used for acquiring the image data by using an imaging technology, and the image filing device is used for storing the image data acquired by the image shooting device;
the data node divides each image data by using a dividing unit to generate a plurality of subparts, compresses each subpart in the plurality of subparts by adopting different compression ratios and encrypts each compressed subpart by using different encryption modes;
the data node uses the association unit to unidirectionally connect all encrypted subparts of each image data through pointers to form a data chain, and determines an identification of a first subpart of the data chain;
the data node receives identity authentication information from the data access server by using the authentication unit and authenticates the user terminal according to the identity authentication information to generate an authentication response message, wherein the authentication response message comprises an authentication result and the image data identifier.
8. The method of claim 6, the unidirectionally concatenating all of the subdivisions according to the pointer to restore the data chain comprising: the data access server sends a pointer request to a data node, the pointer request comprises an image data identifier, the data node queries a local database according to the image data identifier to obtain an identifier of a first subpart of a data chain and sends a pointer response message containing the identifier of the first subpart to the data access server, the data access server determines the first subpart of the data chain according to the identifier of the first subpart, and the data access server performs unidirectional connection on the rest subparts in all subparts according to pointers in the first subpart to restore the data chain.
9. The method of claim 8, wherein decrypting each sub-portion according to its respective encryption scheme and restoring according to a different compression ratio for each sub-portion, and combining all sub-portions to generate image data comprises: the data access server sends a reduction request to a data node, wherein the reduction request comprises an image data identifier, and the data node queries a local database according to the image data identifier to obtain an encryption mode table and a compression ratio table which are consistent with the arrangement sequence of all sub-parts of a data chain; and sending a reduction response message containing an encryption mode table and a compression ratio table to a data access server, wherein the data access server decrypts each subpart according to the respective encryption mode of each subpart and reduces according to different compression ratios of each subpart according to the arrangement sequence of all the subparts indicated in the data chain and the encryption mode table and the compression ratio table, so that all the subparts are combined to generate image data.
10. The method of claim 6, further comprising displaying the raw image data on a user terminal for data processing by a user on the raw image data.
CN201611186309.XA 2016-12-20 2016-12-20 Mobile film reading system Active CN106612328B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611186309.XA CN106612328B (en) 2016-12-20 2016-12-20 Mobile film reading system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611186309.XA CN106612328B (en) 2016-12-20 2016-12-20 Mobile film reading system

Publications (2)

Publication Number Publication Date
CN106612328A CN106612328A (en) 2017-05-03
CN106612328B true CN106612328B (en) 2021-07-23

Family

ID=58636376

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611186309.XA Active CN106612328B (en) 2016-12-20 2016-12-20 Mobile film reading system

Country Status (1)

Country Link
CN (1) CN106612328B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107578811A (en) * 2017-09-27 2018-01-12 深圳绰曦互动科技有限公司 A kind of realization method and system of portable medical image workstation
CN109450985B (en) * 2018-10-17 2021-09-21 中电万维信息技术有限责任公司 High-performance Web image loading and displaying system based on Html5
CN109448823B (en) * 2018-10-31 2023-10-03 武汉联影医疗科技有限公司 Data processing method, device, server and storage medium
CN109448824A (en) * 2018-11-01 2019-03-08 武汉联影医疗科技有限公司 A kind of data retrieval method, system and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101222509A (en) * 2008-01-22 2008-07-16 中兴通讯股份有限公司 Data protection transmission method of P2P network
CN103207971A (en) * 2012-01-12 2013-07-17 富泰华工业(深圳)有限公司 Cloud storage-based data security protection system and method
CN103595896A (en) * 2013-11-19 2014-02-19 广东威创视讯科技股份有限公司 Method and system for synchronously displaying images with UHD resolution ratio
CN104090897A (en) * 2013-12-19 2014-10-08 深圳市腾讯计算机系统有限公司 Method, server and system for accessing metadata
US9009491B2 (en) * 2009-10-30 2015-04-14 Cleversafe, Inc. Distributed storage network and method for encrypting and decrypting data using hash functions

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101222509A (en) * 2008-01-22 2008-07-16 中兴通讯股份有限公司 Data protection transmission method of P2P network
US9009491B2 (en) * 2009-10-30 2015-04-14 Cleversafe, Inc. Distributed storage network and method for encrypting and decrypting data using hash functions
CN103207971A (en) * 2012-01-12 2013-07-17 富泰华工业(深圳)有限公司 Cloud storage-based data security protection system and method
CN103595896A (en) * 2013-11-19 2014-02-19 广东威创视讯科技股份有限公司 Method and system for synchronously displaying images with UHD resolution ratio
CN104090897A (en) * 2013-12-19 2014-10-08 深圳市腾讯计算机系统有限公司 Method, server and system for accessing metadata

Also Published As

Publication number Publication date
CN106612328A (en) 2017-05-03

Similar Documents

Publication Publication Date Title
CN106878263B (en) Cloud medical image storage system and communication system
CN106845075B (en) Centralized diagnosis report system
US11062796B2 (en) Multimode mobile electronic medical record system and working method thereof
US6557102B1 (en) Digital trust center for medical image authentication
CN106612328B (en) Mobile film reading system
US20110289310A1 (en) Cloud computing appliance
CN112073453B (en) Medical image cloud processing method, system and medium
US20030005464A1 (en) System and method for repository storage of private data on a network for direct client access
JP4904109B2 (en) Interpretation data management device and interpretation data management method
US20090041249A1 (en) Method and system for managing a key for encryption or decryption of data
US10853518B2 (en) Systems and methods for providing secure access to data using encrypted codes
TW201944277A (en) File packing and file package unpacking method and apparatus, and network device
KR20070022975A (en) DICOM image transit system in PACS system
US7379605B1 (en) Method for the integration of medical imaging data and content for wireless transmission and remote viewing
CN109583232B (en) CP-ABE-based medical archive management method, device, equipment and storage medium
CN116230147A (en) Medical examination information mutual recognition sharing system
CN112436936B (en) Cloud storage method and system with quantum encryption function
Pasha et al. An android-based mobile medical image viewer and collaborative annotation: development issues and challenges
CN112735552A (en) Electronic medical record folder information system based on block chain and IPFS
CN116028486A (en) Method and device for data storage and data query
US20060190999A1 (en) Method and apparatus for two-way transmission of medical data
WO2000062472A1 (en) System and method for transmission of encrypted files from a central server computer to a remote computer
CN111581666B (en) Ultrasonic data management system and method based on blockchain
KR101116230B1 (en) Method for providing medical information to mobile terminals and computer readable recording media recording the same
KR101437515B1 (en) Picture archiving and communication system and method thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant