CN104009974A - A method for processing radio frequency identification medical information that provides privacy protection - Google Patents

A method for processing radio frequency identification medical information that provides privacy protection Download PDF

Info

Publication number
CN104009974A
CN104009974A CN201410193980.1A CN201410193980A CN104009974A CN 104009974 A CN104009974 A CN 104009974A CN 201410193980 A CN201410193980 A CN 201410193980A CN 104009974 A CN104009974 A CN 104009974A
Authority
CN
China
Prior art keywords
label
rfid reader
patient
background server
random number
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410193980.1A
Other languages
Chinese (zh)
Inventor
林巧民
王汝传
叶宁
孙力娟
肖甫
黄海平
李鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Post and Telecommunication University
Original Assignee
Nanjing Post and Telecommunication University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Post and Telecommunication University filed Critical Nanjing Post and Telecommunication University
Priority to CN201410193980.1A priority Critical patent/CN104009974A/en
Publication of CN104009974A publication Critical patent/CN104009974A/en
Pending legal-status Critical Current

Links

Landscapes

  • Medical Treatment And Welfare Office Work (AREA)

Abstract

本发明是一种基于RFID的智慧医疗新方法,主要用于解决数字医疗过程中的医疗差错和病人隐私泄露问题,同时也提高了病人的就诊效率,以提高患者的用药安全和在数字医疗过程中避免人为错误。虽然这些基于RFID的措施比传统的数字医疗过程更高效,但是病人的信息却可能会在数据传输期间遭受威胁,从而导致隐私暴露或医疗差错。本发明中的方法采用了如下有效具体措施:1)匿名认证;2)加密诊断记录;3)化验标签与病人挂号标签正确关联;4)记录下检查过程以防将来可能出现的医疗纠纷;5)药物处方匹配检查保证用药安全。

The present invention is a new method of intelligent medical treatment based on RFID, which is mainly used to solve the problems of medical errors and patient privacy leakage in the process of digital medical treatment. avoid human error. Although these RFID-based measures are more efficient than traditional digital medical processes, patient information may be compromised during data transmission, leading to privacy exposure or medical errors. The method in the present invention adopts the following effective specific measures: 1) anonymous authentication; 2) encrypted diagnosis records; 3) the correct correlation between the laboratory label and the patient registration label; 4) record the inspection process to prevent possible medical disputes in the future; 5 ) drug prescription matching check to ensure medication safety.

Description

一种提供隐私保护的射频识别医疗信息处理方法A method for processing radio frequency identification medical information that provides privacy protection

技术领域technical field

本发明是一种提供隐私保护的射频识别(Radio Frequency Identification,RFID)医疗信息处理方法,主要用于解决数字医疗过程中的医疗差错和隐私泄露问题,属于物联网技术领域。The invention is a radio frequency identification (Radio Frequency Identification, RFID) medical information processing method providing privacy protection, which is mainly used to solve the problems of medical errors and privacy leakage in the digital medical process, and belongs to the technical field of the Internet of Things.

背景技术Background technique

在医疗行业中,借助于RFID可以加速医院的数字化进程。在医院管理中,可以给每位医师、护士、患者、公用医疗设备、贵重药品配备电子标签,从而方便地实现对患者的管理、重要医疗设备及药品的追踪,还可以优化流程,降低运行成本,提高服务质量、工作效率和管理水平。In the medical industry, the digitization process of hospitals can be accelerated with the help of RFID. In hospital management, each doctor, nurse, patient, public medical equipment, and valuable medicine can be equipped with an electronic label, so as to facilitate the management of patients, the tracking of important medical equipment and medicine, and optimize the process and reduce operating costs. , Improve service quality, work efficiency and management level.

与RFID在其它行业平淡局面相比,目前RFID在医疗业应用的兴起足以让人刮目相看,尤其在欧美等发达国家,越来越多的医院将RFID技术引入日常管理中,大大提高了医疗运营效率。然而,同样RFID在医疗业的应用也面临着一些问题,如隐私保护。Compared with the flat situation of RFID in other industries, the current rise of RFID in the medical industry is impressive enough, especially in developed countries such as Europe and the United States, more and more hospitals have introduced RFID technology into daily management, greatly improving the efficiency of medical operations . However, the application of RFID in the medical industry also faces some problems, such as privacy protection.

RFID电子标签同读写器之间的通信是基于无线射频信号的,这使得它们之间所传输的信息完全暴露在外面,假如所传送的医疗信息中含有敏感的隐私信息,则任何人都可能轻易获取。这是RFID系统出现隐私安全问题的源头所在,此外,RFID电子标签自身资源受限的特性(电源供给有限、存储空间小和计算能力弱等)也对RFID系统隐私安全机制的设计提出了难题和很大的挑战,使得设计工程师对于安全机制的设计和选取受到很大的限制。The communication between the RFID electronic tag and the reader is based on radio frequency signals, which makes the information transmitted between them completely exposed to the outside. If the transmitted medical information contains sensitive private information, anyone may Easy access. This is the source of privacy and security issues in RFID systems. In addition, the limited resources of RFID electronic tags (limited power supply, small storage space, and weak computing power, etc.) also pose difficulties and challenges to the design of privacy and security mechanisms in RFID systems. This is a big challenge, which makes the design and selection of security mechanisms by design engineers very limited.

发明内容Contents of the invention

技术问题:近年来,许多研究都推出基于RFID的数字医疗解决方案,以提高患者的用药安全和在数字医疗过程中避免人为错误。虽然这些基于RFID的措施比传统的数字医疗过程更高效,但是病人的信息却可能会在数据传输期间遭受威胁,从而导致隐私暴露或医疗差错。因此,很有必要提出一种提供隐私保护的RFID医疗信息处理方法,它不仅能够提高病人的就诊效率,还能保护病人的个人隐私信息不被泄露,同时保证不出医疗差错。Technical issues: In recent years, many studies have launched RFID-based digital medical solutions to improve patient medication safety and avoid human errors in the digital medical process. Although these RFID-based measures are more efficient than traditional digital medical processes, patient information may be compromised during data transmission, leading to privacy exposure or medical errors. Therefore, it is necessary to propose a privacy-protected RFID medical information processing method, which can not only improve the efficiency of patients' consultation, but also protect the patient's personal privacy information from being leaked, and at the same time ensure that there are no medical errors.

技术方案:1)在挂号阶段,系统会把病人身份信息与RFID标签编号对应起来,即采用病人的智能卡中的私钥对RFID的编号进行数据加密,并将加密后的编号信息分别存储到RFID标签和后台服务器。Technical solution: 1) In the registration stage, the system will associate the patient's identity information with the RFID tag number, that is, use the private key in the patient's smart card to encrypt the RFID number, and store the encrypted number information in the RFID tag respectively. Tags and backend servers.

2)在就诊阶段,为了保护病人的身份隐私,系统采用匿名认证方式。当医生给出诊断后,便用后台服务器的数字P来对应所存储的病人的加密诊断记录。病人利用挂号标签按照一定步骤获取该对应数字P,从而可以查看自己的诊断记录。2) In the stage of seeing a doctor, in order to protect the privacy of the patient's identity, the system adopts an anonymous authentication method. When the doctor gives a diagnosis, the number P of the background server is used to correspond to the encrypted diagnosis records of the stored patients. The patient uses the registration label to obtain the corresponding number P according to certain steps, so that he can view his own diagnosis records.

3)在化验阶段,关键要在后台服务器中将验血试管与病人身份正确关联起来。3) In the testing stage, the key is to correctly associate the blood test tube with the identity of the patient in the background server.

4)在检查阶段,检查医务人员将首先通过挂号标签再次确认病人的合法性,病人被确认是合法后方可接受检查。在该阶段,病人接受检查的过程将被记录下来,以防将来可能出现的医疗纠纷。4) In the inspection stage, the inspecting medical personnel will first reconfirm the legitimacy of the patient through the registration label, and the patient can only be accepted for inspection after being confirmed to be legal. At this stage, the process of the patient's examination will be recorded to prevent possible medical disputes in the future.

5)药物处方阶段主要涉及药品管理,目标是保证每一项药品都是医生开出的。需要注意的是,医生的建议药品列表早在医生完成诊断时就已经在后台服务器生成了,并且该药品列表是与病人的身份信息相对应的。药物都装袋后,对药品是否匹配仍需进行再次验证。5) The drug prescription stage mainly involves drug management, and the goal is to ensure that every drug is prescribed by a doctor. It should be noted that the doctor's recommended drug list has already been generated on the background server when the doctor completes the diagnosis, and the drug list corresponds to the patient's identity information. After all the medicines are bagged, it is still necessary to verify whether the medicines match again.

本发明的一种提供隐私保护的射频识别医疗信息处理方法包含5个阶段,即挂号、就诊、化验、检查和药物处方,具体方法如下:A kind of radio frequency identification medical information processing method that provides privacy protection of the present invention comprises 5 stages, namely registration, see a doctor, laboratory test, inspection and drug prescription, and specific method is as follows:

1)挂号阶段1) Registration stage

步骤11:RFID阅读器读取挂号标签的唯一编号IDi,智能卡阅读器读取病人的智能卡;Step 11: The RFID reader reads the unique number ID i of the registration label, and the smart card reader reads the patient's smart card;

步骤12:RFID阅读器将挂号标签唯一编号IDi发送给智能卡阅读器;Step 12: The RFID reader sends the unique number ID i of the registration label to the smart card reader;

步骤13:智能卡阅读器收到IDi后,采用病人智能卡中的私钥对IDi进行加密操作,得到病人的匿名标识Ii=Encrypt(IDi);Step 13: After receiving the ID i , the smart card reader uses the private key in the patient's smart card to encrypt the ID i to obtain the patient's anonymous identity I i =Encrypt(ID i );

步骤14:智能卡阅读器将病人的匿名标识Ii发送给RFID阅读器,后者将收到的病人匿名标识Ii写入挂号标签并替换掉IDiStep 14: the smart card reader sends the patient's anonymous identifier I i to the RFID reader, and the latter writes the received patient's anonymous identifier I i into the registration label and replaces the ID i ;

步骤15:智能卡阅读器发送病人的匿名标识Ii給后台服务器保存;Step 15: the smart card reader sends the patient's anonymous identifier I i to the background server for storage;

2)就诊阶段2) The stage of seeing a doctor

步骤21:医生通过RFID阅读器生成一个随机数r1,发送随机数r1给病人的挂号标签;Step 21: The doctor generates a random number r 1 through the RFID reader, and sends the random number r 1 to the patient's registration tag;

步骤22:得到随机数后,挂号标签计算结果值,其中H()是哈希函数;Step 22: After getting the random number, the registration tag calculates the result value , where H() is a hash function;

步骤23:挂号标签发送(r1,x1)给RFID阅读器;Step 23: The registration tag sends (r 1 , x 1 ) to the RFID reader;

步骤24:RFID阅读器将(r1,x1)转发给后台服务器,后台服务器验证所收到的x1的正确性,即将所收到的x1同计算值进行比较,相同则表示病人身份合法,该验证在确认病人的合法性的同时隐藏了其真实身份信息;Step 24: The RFID reader forwards (r 1 , x 1 ) to the background server, and the background server verifies the correctness of the received x1, that is, the received x 1 is the same as the calculated value For comparison, the same means that the identity of the patient is legal, and this verification hides the real identity information of the patient while confirming the legitimacy of the patient;

步骤25:挂号标签生成一个随机数r2,并将其发送给RFID阅读器;Step 25: The registration tag generates a random number r 2 and sends it to the RFID reader;

步骤26:RFID阅读器将随机数r2转发给后台服务器;Step 26: the RFID reader forwards the random number r 2 to the background server;

步骤27:后台服务器计算结果值,其中P为随机数,并将x2发送给RFID阅读器;Step 27: The background server calculates the result value , where P is a random number, and x 2 is sent to the RFID reader;

步骤28:RFID阅读器发送x2给挂号标签,后者利用x2解密得到数字P,即 P = x 2 ⊕ H ( I i ⊕ r 2 ) ; Step 28: The RFID reader sends x 2 to the registration tag, and the latter uses x 2 to decrypt to obtain the number P, namely P = x 2 ⊕ h ( I i ⊕ r 2 ) ;

3)化验阶段3) Assay stage

步骤31:RFID阅读器生成一个随机数r3,并将其发送给挂号标签和化验标签,贴在验血试管上;Step 31: The RFID reader generates a random number r 3 , and sends it to the registration label and the laboratory label, and sticks it on the blood test tube;

步骤32:挂号标签计算结果值 Step 32: Registered label calculation result value

步骤33:挂号标签将x3发送给RFID阅读器;Step 33: The registration tag sends x 3 to the RFID reader;

步骤34:化验标签计算,其中IDj是化验标签的标识号;Step 34: Assay label calculation , where ID j is the identification number of the assay label;

步骤35:化验标签发送x'3给RFID阅读器;Step 35: The test label sends x' 3 to the RFID reader;

步骤36:RFID阅读器根据x'3获得IDj后,发送信息(IDj,r3,x3)给后台服务器;Step 36: After the RFID reader obtains ID j according to x' 3 , send information (ID j , r 3 , x 3 ) to the background server;

步骤37:后台服务器根据信息(IDj,r3,x3)验证病人的合法性,若是合法的,即所收到的x3同计算值相等,则服务器将化验标签的标识号IDj插入到该病人的对应记录中;Step 37: The background server verifies the legitimacy of the patient according to the information (ID j , r 3 , x 3 ), if it is legal, the received x 3 is the same as the calculated value equal, then the server inserts the identification number ID j of the test label into the corresponding record of the patient;

4)检查阶段4) Inspection stage

步骤41:RFID阅读器生成一个随机数r4,并将其发送给挂号标签;Step 41: the RFID reader generates a random number r 4 and sends it to the registration tag;

步骤42:挂号标签计算结果值 x 4 = H ( I i ⊕ r 4 ) ⊕ ( P | | I i ) ; Step 42: Registered label calculation result value x 4 = h ( I i ⊕ r 4 ) ⊕ ( P | | I i ) ;

步骤43:挂号标签发送x4给RFID阅读器;Step 43: The registration tag sends x 4 to the RFID reader;

步骤44:RFID阅读器转发消息(r4,x4)给后台服务器,后台服务器根据所收到的x4和计算得到的是否相等来判断病人的合法性,如果结果相等,则病人的合法性得到验证;Step 44: The RFID reader forwards the message (r 4 , x 4 ) to the background server, and the background server calculates the received x 4 and If the results are equal, the patient's legitimacy is verified;

步骤45:RFID阅读器生成一个随机数r5,并将(Ti,r5)发送给挂号标签,其中Ti是当前的时间戳;Step 45: The RFID reader generates a random number r 5 and sends (T i , r 5 ) to the registration tag, where T i is the current timestamp;

步骤46:挂号标签计算结果值 x 5 = H ( I i ⊕ r 5 ) ⊕ ( T i | | P | | I i ) ; Step 46: Registered label calculation result value x 5 = h ( I i ⊕ r 5 ) ⊕ ( T i | | P | | I i ) ;

步骤47:挂号标签发送x5给RFID阅读器;Step 47: The registration tag sends x 5 to the RFID reader;

步骤48:检查医务人员标签发送IDk给RFID阅读器,其中IDk是检查医务人员标签的标识号;Step 48: check the tag of the medical staff and send ID k to the RFID reader, where ID k is the identification number of the tag of the checked medical staff;

步骤49:RFID阅读器转发消息(r5,x5,IDk)给后台服务器;Step 49: The RFID reader forwards the message (r 5 , x 5 , ID k ) to the background server;

步骤410:后台服务器生成数字签名{r5,x5,IDk},该数字签名可作为将来验证的证据;Step 410: The background server generates a digital signature {r 5 , x 5 , ID k }, which can be used as evidence for future verification;

5)药物处方阶段5) Drug prescription stage

步骤51:后台服务器生成随机数r6,发送r6给RFID阅读器;Step 51: The background server generates a random number r 6 and sends r 6 to the RFID reader;

步骤52:RFID阅读器转发随机数r6给药品标签1;Step 52: The RFID reader forwards the random number r 6 to the drug label 1;

步骤53:药品标签1生成随机数r7,并计算结果值,其中MID1是药品标签1的标识号;Step 53: drug label 1 generates random number r 7 and calculates the result value , where MID 1 is the identification number of drug label 1;

步骤54:药品标签1发送(x6,r7)给RFID阅读器;Step 54: Drug label 1 sends (x 6 , r 7 ) to the RFID reader;

步骤55:RFID阅读器转发随机数r6给药品标签2;Step 55: The RFID reader forwards the random number r 6 to the drug label 2;

步骤56:药品标签2生成随机数r8,并计算结果值,其中MID2是药品标签2的标识号;Step 56: drug label 2 generates a random number r 8 and calculates the result value , where MID 2 is the identification number of drug label 2;

步骤57:药品标签2发送(x7,r8)给RFID阅读器;Step 57: Drug label 2 sends (x 7 , r 8 ) to the RFID reader;

步骤58:类似地,对于药品标签3、药品标签4一直到药品标签n-1,重复步骤55~步骤57;Step 58: Similarly, for drug label 3, drug label 4 to drug label n-1, repeat steps 55 to 57;

步骤59:RFID阅读器转发随机数r6给药品标签n;Step 59: The RFID reader forwards the random number r 6 to the drug label n;

步骤510:药品标签n生成随机数rn+6,并计算结果值,其中MIDn是药品标签n的标识号;Step 510: Drug label n generates a random number r n+6 and calculates the result value , where MID n is the identification number of drug label n;

步骤511:药品标签n发送(xn+5,rn+6)给RFID阅读器;Step 511: Drug label n sends (x n+5 , r n+6 ) to the RFID reader;

步骤512:RFID阅读器转发(xi+5,ri+6)(1≤i≤n)给后台服务器,后台服务器根据接收到的(xi+5)(1≤i≤n)验证(MIDi)(1≤i≤n)是否在医生所开的药物处方中,若验证通过,即所收到的(xi+5)(1≤i≤n)同计算值相等,后台服务器才通知配药师可以装药入袋,并计算结果值,将yi同时存储在后台服务器以及附着在病人药袋上的药袋标签中;Step 512: The RFID reader forwards (x i+5 , r i+6 ) (1≤i≤n) to the background server, and the background server verifies ( Whether MID i )(1≤i≤n) is in the drug prescription prescribed by the doctor, if the verification is passed, the received (x i+5 )(1≤i≤n) is the same as the calculated value equal, the background server notifies the pharmacist that the medicine can be put into the bag, and calculates the result value , store yi in the background server and the medicine bag label attached to the patient's medicine bag at the same time;

步骤513:RFID阅读器生成一个随机数rn+7,发送rn+7给挂号标签和药袋标签;Step 513: the RFID reader generates a random number r n+7 , and sends r n+7 to the registration label and the medicine bag label;

步骤514:挂号标签发送计算结果值给RFID阅读器,药袋标签发送计算结果值 x n + 7 = H ( y i ⊕ r n + 7 ) ⊕ y i 给RFID阅读器;Step 514: The registered label sends the calculation result value Send the calculation result value to the RFID reader and the label of the medicine bag x no + 7 = h ( the y i ⊕ r no + 7 ) ⊕ the y i to the RFID reader;

步骤515:RFID阅读器接收到xn+6和xn+7后,发送信息(xn+6,xn+7,rn+7)给后台服务器进行匹配验证,即后台服务器验证xn+6和xn+7是否分别与计算值相等,当且仅当验证都是相等的,才可以断定该药袋没有出错且确实属于病人IiStep 515: After receiving x n+6 and x n+7 , the RFID reader sends information (x n+6 , x n+7 , r n+7 ) to the background server for matching verification, that is, the background server verifies x n Are +6 and x n+7 the same as the calculated value and Equal, if and only if the verifications are all equal, it can be concluded that the medicine bag has no error and indeed belongs to patient I i .

有益效果:本发明通过采用RFID技术,可以减少用药不当、增强门诊病人(住院病人)的医疗安全,促进健康关怀管理。特别地,该方法提高了医疗就诊效率、加强了医疗系统安全,尤其是充分考虑到并保护了病人用户的隐私。具体地,该方法采取了如下有益措施:Beneficial effects: the present invention can reduce improper medication, enhance the medical safety of outpatients (inpatients), and promote health care management by adopting RFID technology. In particular, the method improves the efficiency of medical treatment, strengthens the security of the medical system, and especially fully considers and protects the privacy of patient users. Specifically, the method takes the following beneficial measures:

1)匿名认证;1) Anonymous authentication;

2)加密诊断记录;2) Encrypted diagnostic records;

3)化验标签与病人挂号标签正确关联;3) The laboratory label is correctly associated with the patient registration label;

4)记录下检查过程以防将来可能出现的医疗纠纷;4) Record the inspection process to prevent possible medical disputes in the future;

5)药物处方匹配检查保证用药安全。5) Drug prescription matching check to ensure drug safety.

附图说明Description of drawings

图1是医疗就诊示意图,Figure 1 is a schematic diagram of medical treatment,

图2是挂号流程示意图,Figure 2 is a schematic diagram of the registration process,

图3是就诊流程示意图,Figure 3 is a schematic diagram of the medical treatment process,

图4是化验流程示意图,Figure 4 is a schematic diagram of the assay process,

图5是检查流程示意图,Figure 5 is a schematic diagram of the inspection process,

图6是药物处方流程示意图。Fig. 6 is a schematic flow chart of drug prescription.

具体实施方式Detailed ways

1)挂号阶段1) Registration stage

挂号流程如图2所示,其具体步骤如下。The registration process is shown in Figure 2, and the specific steps are as follows.

步骤1:RFID阅读器读取挂号标签的唯一编号IDi,智能卡阅读器读取病人的智能卡;Step 1: The RFID reader reads the unique number ID i of the registration label, and the smart card reader reads the patient's smart card;

步骤2:RFID阅读器将挂号标签唯一编号IDi发送给智能卡阅读器;Step 2: The RFID reader sends the unique number ID i of the registration label to the smart card reader;

步骤3:智能卡阅读器收到IDi后,采用病人智能卡中的私钥对IDi进行加密操作,得到病人的匿名标识Ii=Encrypt(IDi);Step 3: After receiving the ID i , the smart card reader uses the private key in the patient's smart card to encrypt the ID i to obtain the patient's anonymous identity I i = Encrypt(ID i );

步骤4:智能卡阅读器将病人的匿名标识Ii发送给RFID阅读器,后者将收到的病人匿名标识Ii写入挂号标签并替换掉IDiStep 4: The smart card reader sends the patient's anonymous identifier I i to the RFID reader, and the latter writes the received patient's anonymous identifier I i into the registration label and replaces the ID i ;

步骤5:智能卡阅读器发送病人的匿名标识Ii給后台服务器保存。Step 5: The smart card reader sends the patient's anonymous identifier I i to the background server for storage.

2)就诊阶段2) The stage of seeing a doctor

就诊流程如图3所示,其具体步骤如下。The process of seeing a doctor is shown in Figure 3, and the specific steps are as follows.

步骤1:医生通过RFID阅读器生成一个随机数r1,发送随机数r1给病人的挂号标签;Step 1: The doctor generates a random number r1 through the RFID reader, and sends the random number r1 to the patient's registration tag;

步骤2:得到随机数后,挂号标签计算结果值,其中H()是哈希函数;Step 2: After getting the random number, the registration tag calculates the result value , where H() is a hash function;

步骤3:挂号标签发送(r1,x1)给RFID阅读器;Step 3: The registration tag sends (r 1 ,x 1 ) to the RFID reader;

步骤4:RFID阅读器将(r1,x1)转发给后台服务器,后台服务器验证所收到的x1的正确性,即将所收到的x1同计算值进行比较,相同则表示病人身份合法,该验证在确认病人的合法性的同时隐藏了其真实身份信息;Step 4: The RFID reader forwards (r 1 , x 1 ) to the background server, and the background server verifies the correctness of the received x1, and the received x 1 is the same as the calculated value For comparison, the same means that the identity of the patient is legal, and this verification hides the real identity information of the patient while confirming the legitimacy of the patient;

步骤5:挂号标签生成一个随机数r2,并将其发送给RFID阅读器;Step 5: The registration tag generates a random number r 2 and sends it to the RFID reader;

步骤6:RFID阅读器将随机数r2转发给后台服务器;Step 6: The RFID reader forwards the random number r 2 to the background server;

步骤7:后台服务器计算结果值,并将x2发送给RFID阅读器;Step 7: The background server calculates the result value , and send x 2 to the RFID reader;

步骤8:RFID阅读器发送x2给挂号标签,后者利用x2解密得到数字P,即 P = x 2 ⊕ H ( I i ⊕ r 2 ) . Step 8: The RFID reader sends x 2 to the registration tag, and the latter uses x 2 to decrypt to get the number P, namely P = x 2 ⊕ h ( I i ⊕ r 2 ) .

3)化验阶段3) Assay stage

化验流程如图4所示,其具体步骤如下。The assay process is shown in Figure 4, and the specific steps are as follows.

步骤1:RFID阅读器生成一个随机数r3,并将其发送给挂号标签和化验标签(贴在验血试管上);Step 1: The RFID reader generates a random number r 3 and sends it to the registration label and the laboratory label (attached to the blood test tube);

步骤2:挂号标签计算结果值 Step 2: Registered label calculation result value

步骤3:挂号标签将x3发送给RFID阅读器;Step 3: The registration tag sends x 3 to the RFID reader;

步骤4:化验标签计算,其中IDj是化验标签的标识号;Step 4: Assay label calculation , where ID j is the identification number of the assay label;

步骤5:化验标签发送x'3给RFID阅读器;Step 5: The test label sends x' 3 to the RFID reader;

步骤6:RFID阅读器根据x'3获得IDj后,发送信息(IDj,r3,x3)给后台服务器;Step 6: After the RFID reader obtains ID j according to x' 3 , send information (ID j , r 3 , x 3 ) to the background server;

步骤7:后台服务器根据信息(IDj,r3,x3)验证病人的合法性,若是合法的,即所收到的x3同计算值相等,则服务器将化验标签的标识号IDj插入到该病人的对应记录中。Step 7: The background server verifies the legitimacy of the patient according to the information (ID j , r 3 , x 3 ), if it is legal, the received x 3 is the same as the calculated value If they are equal, the server inserts the identification number ID j of the test label into the corresponding record of the patient.

4)检查阶段4) Inspection stage

检查流程如图5所示,其具体步骤如下。The inspection process is shown in Figure 5, and its specific steps are as follows.

步骤1:RFID阅读器生成一个随机数r4,并将其发送给挂号标签;Step 1: The RFID reader generates a random number r 4 and sends it to the registration tag;

步骤2:挂号标签计算结果值 x 4 = H ( I i ⊕ r 4 ) ⊕ ( P | | I i ) ; Step 2: Registered label calculation result value x 4 = h ( I i ⊕ r 4 ) ⊕ ( P | | I i ) ;

步骤3:挂号标签发送x4给RFID阅读器;Step 3: The registration tag sends x 4 to the RFID reader;

步骤4:RFID阅读器转发消息(r4,x4)给后台服务器,后台服务器根据所收到的x4和计算得到的是否相等来判断病人的合法性,如果结果相等,则病人的合法性得到验证。Step 4: The RFID reader forwards the message ( r 4 , x 4 ) to the background server, and the background server calculates the If the results are equal, the patient's legitimacy is verified.

步骤5:RFID阅读器生成一个随机数r5,并将(Ti,r5)发送给挂号标签,其中Ti是当前的时间戳;Step 5: The RFID reader generates a random number r 5 and sends (T i , r 5 ) to the registration tag, where T i is the current timestamp;

步骤6:挂号标签计算结果值 x 5 = H ( I i ⊕ r 5 ) ⊕ ( T i | | P | | I i ) ; Step 6: Registered label calculation result value x 5 = h ( I i ⊕ r 5 ) ⊕ ( T i | | P | | I i ) ;

步骤7:挂号标签发送x5给RFID阅读器;Step 7: The registration tag sends x 5 to the RFID reader;

步骤8:检查医务人员标签发送IDk给RFID阅读器,其中IDk是检查医务人员标签的标识号;Step 8: Check the tag of the medical staff and send ID k to the RFID reader, where ID k is the identification number of the tag of the checked medical staff;

步骤9:RFID阅读器转发消息(r5,x5,IDk)给后台服务器;Step 9: The RFID reader forwards the message (r 5 , x 5 , ID k ) to the background server;

步骤10:后台服务器生成数字签名{r5,x5,IDk},该数字签名可作为将来验证的证据。Step 10: The background server generates a digital signature {r 5 , x 5 , ID k }, which can be used as evidence for future verification.

5)药物处方阶段5) Drug prescription stage

药物处方流程如图6所示,其具体步骤如下。The drug prescription process is shown in Figure 6, and its specific steps are as follows.

步骤1:后台服务器生成随机数r6,发送r6给RFID阅读器;Step 1: The background server generates a random number r 6 and sends r 6 to the RFID reader;

步骤2:RFID阅读器转发随机数r6给药品标签1;Step 2: The RFID reader forwards the random number r 6 to the drug label 1;

步骤3:药品标签1生成随机数r7,并计算结果值,其中MID1是药品标签1的标识号;Step 3: Drug label 1 generates random number r 7 and calculates the result value , where MID 1 is the identification number of drug label 1;

步骤4:药品标签1发送(x6,r7)给RFID阅读器;Step 4: Drug label 1 sends (x 6 , r 7 ) to the RFID reader;

步骤5:RFID阅读器转发随机数r6给药品标签2;Step 5: The RFID reader forwards the random number r 6 to the drug label 2;

步骤6:药品标签2生成随机数r8,并计算结果值,其中MID2是药品标签2的标识号;Step 6: Drug label 2 generates a random number r 8 and calculates the result value , where MID 2 is the identification number of drug label 2;

步骤7:药品标签2发送(x7,r8)给RFID阅读器;Step 7: Drug label 2 sends (x 7 , r 8 ) to the RFID reader;

步骤8:类似地,对于药品标签3、药品标签4一直到药品标签n-1,重复步骤5~步骤7;Step 8: Similarly, for drug label 3, drug label 4 to drug label n-1, repeat steps 5 to 7;

步骤9:RFID阅读器转发随机数r6给药品标签n;Step 9: The RFID reader forwards the random number r 6 to the drug label n;

步骤10:药品标签n生成随机数rn+6,并计算结果值,其中MIDn是药品标签n的标识号;Step 10: Drug label n generates a random number r n+6 and calculates the result value , where MID n is the identification number of drug label n;

步骤11:药品标签n发送(xn+5,rn+6)给RFID阅读器;Step 11: Drug label n sends (x n+5 , r n+6 ) to the RFID reader;

步骤12:RFID阅读器转发(xi+5,ri+6)(1≤i≤n)给后台服务器,后台服务器根据接收到的(xi+5)(1≤i≤n)验证(MIDi)(1≤i≤n)是否在医生所开的药物处方中,若验证通过,即所收到的(xi+5)(1≤i≤n)同计算值相等,后台服务器才通知配药师可以装药入袋,并计算结果值,将yi同时存储在后台服务器以及附着在病人药袋上的药袋标签中;Step 12: The RFID reader forwards (x i+5 ,r i+6 ) (1≤i≤n) to the background server, and the background server verifies ( Whether MID i )(1≤i≤n) is in the drug prescription prescribed by the doctor, if the verification is passed, the received (x i+5 )(1≤i≤n) is the same as the calculated value equal, the background server notifies the pharmacist that the medicine can be put into the bag, and calculates the result value , store yi in the background server and the medicine bag label attached to the patient's medicine bag at the same time;

步骤13:RFID阅读器生成一个随机数rn+7,发送rn+7给挂号标签和药袋标签;Step 13: The RFID reader generates a random number r n+7 , and sends r n+7 to the registration label and medicine bag label;

步骤14:挂号标签发送结果值给RFID阅读器,药袋标签发送结果值 x n + 7 = H ( y i ⊕ r n + 7 ) ⊕ y i 给RFID阅读器;Step 14: Registered label sends result value Send result value to RFID reader, medicine bag label x no + 7 = h ( the y i ⊕ r no + 7 ) ⊕ the y i to the RFID reader;

步骤15:RFID阅读器接收到xn+6和xn+7后,发送信息(xn+6,xn+7,rn+7)给后台服务器进行匹配验证,即后台服务器验证xn+6和xn+7是否分别与计算值相等,当且仅当验证都是相等的,才可以断定该药袋没有出错且确实属于病人IiStep 15: After receiving x n+6 and x n+7 , the RFID reader sends information (x n+6 , x n+7 , r n+7 ) to the background server for matching verification, that is, the background server verifies x n Are +6 and x n+7 the same as the calculated value and Equal, if and only if the verifications are all equal, it can be concluded that the medicine bag has no error and indeed belongs to patient I i .

Claims (1)

1. a radio frequency identification medical information processing method for secret protection is provided, it is characterized in that the method comprises 5 stages, register, go to a doctor, chemical examination, inspection and drug prescription, concrete grammar is as follows:
1) register the stage
Step 11:RFID reader reads the unique number ID of registered mail label i, intelligent card reading reads patient's smart card;
Step 12:RFID reader is by registered mail label unique number ID isend to intelligent card reading;
Step 13: intelligent card reading is received ID iafter, the private key in employing patient smart card is to ID ibe encrypted operation, obtain patient's anonymous identification I i=Encrypt (ID i);
Step 14: intelligent card reading is by patient's anonymous identification I isend to RFID reader, the latter is by the patient's anonymous identification I receiving iwrite registered mail label and replace ID i;
Step 15: intelligent card reading sends patient's anonymous identification I igive background server is preserved;
2) the medical stage
Step 21: doctor generates a random number r by RFID reader 1, send random number r 1give patient's registered mail label;
Step 22: obtain after random number registered mail label result of calculation value wherein H () is hash function;
Step 23: registered mail label sends (r 1, x 1) to RFID reader;
Step 24:RFID reader is by (r 1, x 1) being transmitted to background server, background server is verified the correctness of the x1 receiving, is about to received x 1same calculated value compare, identically represent that patient status is legal, this checking has been hidden its true identity information in the legitimacy of confirming patient;
Step 25: registered mail label generates a random number r 2, and send it to RFID reader;
Step 26:RFID reader is by random number r 2be transmitted to background server;
Step 27: background server result of calculation value wherein P is random number, and by x 2send to RFID reader;
Step 28:RFID reader sends x 2give registered mail label, the latter utilizes x 2deciphering obtains digital P, P = x 2 ⊕ H ( I i ⊕ r 2 ) ;
3) the chemical examination stage
Step 31:RFID reader generates a random number r 3, and send it to registered mail label and chemical examination label, be attached on blood count test tube;
Step 32: registered mail label result of calculation value
Step 33: registered mail label is by x 3send to RFID reader;
Step 34: chemical examination tag computation , wherein ID jit is the identification number of chemical examination label;
Step 35: chemical examination label sends x' 3give RFID reader;
Step 36:RFID reader is according to x' 3obtain ID jafter, transmission information (ID j, r 3, x 3) to background server;
Step 37: background server is according to information (ID j, r 3, x 3) checking patient legitimacy, if legal, the x that received 3same calculated value equate, server is by the identification number ID of chemical examination label jbe inserted in this patient's corresponding record;
4) examination phase
Step 41:RFID reader generates a random number r 4, and send it to registered mail label;
Step 42: registered mail label result of calculation value x 4 = H ( I i ⊕ r 4 ) ⊕ ( P | | I i ) ;
Step 43: registered mail label sends x 4give RFID reader;
Step 44:RFID reader forwarding messages (r 4, x 4) give background server, background server is according to received x 4with calculate whether equate to judge patient's legitimacy, if result is equal, patient's legitimacy is verified;
Step 45:RFID reader generates a random number r 5, and by (T i, r 5) send to registered mail label, wherein T iit is current timestamp;
Step 46: registered mail label result of calculation value x 5 = H ( I i ⊕ r 5 ) ⊕ ( T i | | P | | I i ) ;
Step 47: registered mail label sends x 5give RFID reader;
Step 48: check that medical worker's label sends ID kgive RFID reader, wherein ID kit is the identification number that checks medical worker's label;
Step 49:RFID reader forwarding messages (r 5, x 5, ID k) to background server;
Step 410: background server generating digital signature { r 5, x 5, ID k, this digital signature can be used as the evidence of checking in the future;
5) the drug prescription stage
Step 51: background server generates random number r 6, send r 6give RFID reader;
Step 52:RFID reader forwards random number r 6give medicine label 1;
Step 53: medicine label 1 generates random number r 7, and result of calculation value , wherein MID 1it is the identification number of medicine label 1;
Step 54: medicine label 1 sends (x 6, r 7) to RFID reader;
Step 55:RFID reader forwards random number r 6give medicine label 2;
Step 56: medicine label 2 generates random number r 8, and result of calculation value , wherein MID 2it is the identification number of medicine label 2;
Step 57: medicine label 2 sends (x 7, r 8) to RFID reader;
Step 58: similarly, for medicine label 3, medicine label 4 until medicine label n-1, repeating step 55~step 57;
Step 59:RFID reader forwards random number r 6give medicine label n;
Step 510: medicine label n generates random number r n+6, and result of calculation value , wherein MID nit is the identification number of medicine label n;
Step 511: medicine label n sends (x n+5, r n+6) to RFID reader;
Step 512:RFID reader forwards (x i+5, r i+6) (1≤i≤n) give background server, background server is according to (the x receiving i+5) (1≤i≤n) checking (MID i) (in the drug prescription of 1≤i≤n) whether open doctor, if be verified, (the x that received i+5) (1≤i≤n) same to calculated value equate, background server just notifies pharmacist powder charge to enter bag, and result of calculation value , by y ibe stored in background server simultaneously and be attached in the medicine bag label on patient's medicine bag;
Step 513:RFID reader generates a random number r n+7, send r n+7give registered mail label and medicine bag label;
Step 514: registered mail label sends result of calculation value give RFID reader, medicine bag label sends result of calculation value x n + 7 = H ( y i ⊕ r n + 7 ) ⊕ y i Give RFID reader;
Step 515:RFID reader receives x n+6and x n+7after, transmission information (x n+6, x n+7, r n+7) mate checking to background server, i.e. background server checking x n+6and x n+7whether respectively with calculated value with equate, and if only if, and checking all equates, just can conclude that this medicine bag do not make mistakes and really belong to patient I i.
CN201410193980.1A 2014-05-08 2014-05-08 A method for processing radio frequency identification medical information that provides privacy protection Pending CN104009974A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410193980.1A CN104009974A (en) 2014-05-08 2014-05-08 A method for processing radio frequency identification medical information that provides privacy protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410193980.1A CN104009974A (en) 2014-05-08 2014-05-08 A method for processing radio frequency identification medical information that provides privacy protection

Publications (1)

Publication Number Publication Date
CN104009974A true CN104009974A (en) 2014-08-27

Family

ID=51370468

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410193980.1A Pending CN104009974A (en) 2014-05-08 2014-05-08 A method for processing radio frequency identification medical information that provides privacy protection

Country Status (1)

Country Link
CN (1) CN104009974A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108229205A (en) * 2018-01-05 2018-06-29 东北大学 A kind of medical information system and medical information guard method
CN108899076A (en) * 2018-06-12 2018-11-27 涓ユ不 A kind of medical treatment Quality Control information system and its control method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060218626A1 (en) * 2005-03-23 2006-09-28 Edwards Systems Technology, Inc. Patient identification and information protection system and method
CN101271534A (en) * 2008-03-25 2008-09-24 华南理工大学 RFID tag and its reader, reading system and security authentication method
US20090048865A1 (en) * 2007-08-16 2009-02-19 Breazeale Jr Earl Edward Patient Tracking Systems and Methods
CN101470791A (en) * 2007-12-29 2009-07-01 华为技术有限公司 Radio frequency signal recognition and response method and system, label and reading device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060218626A1 (en) * 2005-03-23 2006-09-28 Edwards Systems Technology, Inc. Patient identification and information protection system and method
US20090048865A1 (en) * 2007-08-16 2009-02-19 Breazeale Jr Earl Edward Patient Tracking Systems and Methods
CN101470791A (en) * 2007-12-29 2009-07-01 华为技术有限公司 Radio frequency signal recognition and response method and system, label and reading device
CN101271534A (en) * 2008-03-25 2008-09-24 华南理工大学 RFID tag and its reader, reading system and security authentication method

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108229205A (en) * 2018-01-05 2018-06-29 东北大学 A kind of medical information system and medical information guard method
CN108899076A (en) * 2018-06-12 2018-11-27 涓ユ不 A kind of medical treatment Quality Control information system and its control method

Similar Documents

Publication Publication Date Title
Gonçalves et al. Security architecture for mobile e-health applications in medication control
Sadhu et al. Prospect of internet of medical things: A review on security requirements and solutions
Mansoor et al. Securing IoT-based RFID systems: A robust authentication protocol using symmetric cryptography
Peris-Lopez et al. A comprehensive RFID solution to enhance inpatient medication safety
Jung et al. Efficient and security enhanced anonymous authentication with key agreement scheme in wireless sensor networks
US10152582B2 (en) System and method for securing, and providing secured access to encrypted global identities embedded in a QR code
WO2022062399A1 (en) Blockchain network-based diagnosis method and apparatus, and blockchain network system
CN102388386A (en) Device and user authentication
Jung et al. An improved and secure anonymous biometric-based user authentication with key agreement scheme for the integrated epr information system
Özcanhan et al. Cryptographically supported NFC tags in medication for better inpatient safety
CN103338196A (en) Information certificate authority and safety use method and system
Chen et al. Security privacy and policy for cryptographic based electronic medical information system
Kaul et al. RFID authentication protocol to enhance patient medication safety
Nikkhah et al. LAPCHS: A lightweight authentication protocol for cloud-based health-care systems
Safkhani et al. A note on the security of IS-RFID, an inpatient medication safety
CN104965986A (en) Generation system and method for medical information identification card of implantable medical device
Sun et al. Privacy‐preserving self‐helped medical diagnosis scheme based on secure two‐party computation in wireless sensor networks
Choi et al. Towards secure and usable certificate-based authentication system using a secondary device for an industrial internet of things
Chen et al. An RFID solution for enhancing inpatient medication safety with real-time verifiable grouping-proof
El-Meniawy et al. An authentication protocol for the medical internet of things
Le Cross-server end-to-end patient key agreement protocol for DNA-based U-healthcare in the internet of living things
CN104009974A (en) A method for processing radio frequency identification medical information that provides privacy protection
Chen et al. Hadoop‐Based Healthcare Information System Design and Wireless Security Communication Implementation
CN112651033A (en) LIMS-based inspection information acquisition and input method, system and medium
Delgado-Vargas et al. Cryptographic protocol with keyless sensors authentication for WBAN in healthcare applications

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20140827