CN107579980A - Lightweight double call control system in medical Internet of Things - Google Patents


Info

Publication number
CN107579980A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710798569.0A
Other languages
Chinese (zh)
Inventor
杨旸
张煜超
刘西蒙
程红举
张�浩
刘耿耿
尚艳艳
倪涛
倪一涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fuzhou University
Original Assignee
Fuzhou University
Application filed by Fuzhou University filed Critical Fuzhou University
Priority to CN201710798569.0A priority Critical patent/CN107579980A/en
Publication of CN107579980A publication Critical patent/CN107579980A/en
Pending legal-status Critical Current

Landscapes

  • Storage Device Security (AREA)

Abstract

The present invention relates to a lightweight dual access control system in the medical Internet of Things. A patient obtains medical services through the medical infrastructure provider. The medical Internet of Things collects the patient's physiological data and medical images to form medical documents, and the patient specifies an access policy, encrypts the medical documents and sends them over the Internet to the cloud platform. The patient also generates a password-based urgent access key through the key generation centre and designates emergency contact persons who know the password. A user registers with the key generation centre and obtains an attribute key; depending on how it matches the access policy, the user generates a corresponding authorization key, which gives the cloud platform the right to partially decrypt the corresponding encrypted medical documents. Using the password and interacting with the cloud platform and the medical infrastructure provider, an emergency contact person can recover the urgent access key and thereby decrypt the encrypted medical documents. The invention solves problems of existing schemes such as the lack of support for urgent access and high storage and computation overhead.

Description

Lightweight dual access control system in the medical Internet of Things
Technical field
The present invention relates to a lightweight dual access control system in the medical Internet of Things.
Background art
The Internet of Things (IoT) collects and exchanges data through different physical devices connected over the Internet. A medical Internet of Things made up of smart sensors on wearable medical devices and medical instruments can remotely monitor a patient's health. However, the battery capacity of wearable or implantable sensors is extremely limited. Frequently charging sensors and mobile medical devices costs patients and nurses a great deal of time and greatly degrades the user experience. Moreover, a wireless medical device that runs out of power may threaten the patient's life. Computation in the medical Internet of Things must therefore be lightweight in order to reduce power consumption.
Medical devices in the medical Internet of Things monitor the patient's vital signs and collect the monitored medical data into medical documents. The storage capacity of the medical Internet of Things is limited, so a third-party platform is needed to store the massive volume of medical documents. Cloud computing provides users with computing and storage resources and supports on-demand data access anytime and anywhere. Storing medical documents on a cloud platform saves local storage overhead and gives convenient data access. Because medical documents contain sensitive physiological data, access to the data must be controlled to prevent unauthorized persons from accessing it.
Conventional access control mechanisms are not suited to the emergencies that are common in medical systems. In an emergency (for example, a patient suddenly collapsing from a heart attack), the unconscious patient cannot grant access rights to first-aid personnel, which may delay treatment and even lead to death. To save the patient's life in time, an urgent access mechanism for emergencies is needed.
The urgent access mechanism bypasses the regular access policy and grants the right to access the patient's medical documents in an emergency. Because urgent access rights bypass the access policy and readily give access to the patient's medical data, malicious users who want to get around the access policy will seek urgent access rights. Urgent access rights must therefore be controlled so that they are not abused.
In 2007, Ostrovsky et al. proposed an attribute-based encryption (ABE) scheme with a non-monotonic access structure, constructed under the decisional bilinear Diffie-Hellman assumption. To reduce the computational cost of decryption, Lai et al. proposed outsourcing part of the cryptographic operations to a public cloud and proposed an ABE scheme with verifiable outsourced decryption. If a malicious user tries to sell a decryption key for profit, the traitor's identity must be traced and the decryption rights revoked. Zhou et al. proposed a multi-authority ABE scheme with white-box traceability for electronic medical systems. Rouselakis et al. proposed a dynamic multi-authority ABE scheme that reduces the system parameters. Yang et al. proposed a lightweight ABE scheme for the medical Internet of Things in a distributed environment. Deng et al. proposed a hierarchical ABE scheme with short ciphertexts. Luo et al. proposed a hierarchical ABE scheme with multiple authorization centres for mobile social networks.
In 2009, Brucker et al. proposed an urgent access control model based on different emergency priorities, which divides emergencies into different levels. They later applied the urgent access concept to ABE and proposed a hierarchy of emergency attributes. Marinovic et al. proposed a new emergency access model named Rumpole, in which policy makers must restrict the time and the access mode during the decision process. Maw et al. proposed an urgent access model for wireless sensor medical networks, which is based on the role-based model and can detect users' violations. However, these studies give only a basic framework and no concrete scheme. In 2016, Zhang et al. proposed a password-based urgent access scheme; it uses an identity-based cryptographic construction and cannot provide fine-grained access control over shared ciphertexts in non-emergency situations.
To address the problems of existing schemes, such as the lack of support for urgent access and high storage and computation overhead, the present invention provides a lightweight dual access control system in the medical Internet of Things.
Summary of the invention
The object of the invention is to provide a lightweight dual access control system in the medical Internet of Things that solves the problems of existing schemes, such as the lack of support for urgent access and high storage and computation overhead.
To achieve this object, the technical solution of the invention is a lightweight dual access control system in the medical Internet of Things, comprising a key generation centre, a cloud platform and a medical infrastructure provider;
The key generation centre generates the master public/private key pair and generates attribute keys for patients and users;
The cloud platform provides users with outsourced storage and computation services;
The medical infrastructure provider provides patients with medical Internet of Things infrastructure, which is connected over the Internet to form the medical Internet of Things;
A patient obtains medical services through the medical infrastructure provider. The medical Internet of Things collects the patient's physiological data and medical images to form medical documents, and the patient specifies an access policy, encrypts the medical documents and sends them over the Internet to the cloud platform. The patient also generates a password-based urgent access key through the key generation centre and designates emergency contact persons who know the password;
A user registers with the key generation centre and obtains an attribute key; depending on how it matches the access policy, the user generates a corresponding authorization key, which gives the cloud platform the right to partially decrypt the corresponding encrypted medical documents, so that the user obtains the plaintext of the corresponding medical documents;
An emergency contact person, using the password and interacting with the cloud platform and the medical infrastructure provider, can recover the urgent access key and thereby decrypt the encrypted medical documents.
In an embodiment of the invention, the key generation centre takes the security parameter $1^{\kappa}$ as input and generates the master public/private key pair with the Setup algorithm, as follows:
Setup($1^{\kappa}$) → (MPK, MSK): The key generation centre selects hash functions, a secure symmetric encryption/decryption algorithm SEnc/SDec and a symmetric key space. The key generation centre then selects random numbers and computes $g_2 = g_1^{\beta}$ and $Y = e(g_1, g_1)^{\alpha}$. The master public key is MPK = $(g_1, g_2, Y)$ and the master private key is MSK = $(\alpha, \beta)$, where the groups are cyclic groups and $g_1$ is a generator.
In an embodiment of the invention, the user generates the authorization key DK from the attribute key SK as follows:
KeyGen.Del(SK)→DK:CalculateAnd Authorization key is DK=(dk1,{dk2,i}i∈[k],dk3,dk4)。
In an embodiment of the invention, the patient generates the password-based urgent access key through the key generation centre as follows:
The patient selects a password pw and generates the urgent access key BK together with the auxiliary information $(bk_1, bk_2)$ of the urgent access key; BK can be recovered from the password pw and the auxiliary information $(bk_1, bk_2)$. The patient designates an emergency contact person (ECP) and tells the ECP the password pw. The concrete implementation is as follows:
KeyGen.BK(pw) → (BK, $bk_1$, $bk_2$): Compute $\zeta = H_1(ID_{PA}, pw)$ and select random numbers so that ζ=ζ12; randomly select K and set the urgent access key BK = K, where $ID_{PA}$ is the patient's identity;
The cloud platform CP makes a random selection, computes $P_{CP}$ and sends $P_{CP}$ to the patient; the medical infrastructure provider HIP makes a random selection, computes $P_{HIP}$ and sends $P_{HIP}$ to the patient. After receiving $(P_{CP}, P_{HIP})$, the patient makes a selection and computes: $K_2 = K\,(K_1)^{-1}\cdot(P_{CP}, P_{HIP})^{\tau}$. The auxiliary information of the urgent access key is bk1=(K11) and bk2=(K22). The patient sends the auxiliary information $bk_1$ and $bk_2$ to the CP and the HIP respectively; the CP is responsible for storing (bk1,PCP1) and the HIP is responsible for storing (bk2,PHIP2).
In an embodiment of the invention, an emergency contact person generates the urgent access key from the password as follows: the ECP takes the password pw as input, generates an encapsulated password and sends it to the CP and the HIP respectively; taking the auxiliary information $bk_1$/$bk_2$ of the urgent access key and the encapsulated password as input, the CP/HIP computes the auxiliary recovery information $\psi_1$/$\psi_2$ and sends it to the ECP; after receiving $\psi_1$ and $\psi_2$ from the CP and the HIP respectively, the ECP recovers the urgent access key BK. The concrete implementation is as follows:
Extract.BK(pw, $bk_1$, $bk_2$) → BK: After receiving an urgent access key extraction request, the CP and the HIP send $P_{CP}$ and $P_{HIP}$ to the ECP respectively. The ECP chooses a value, computes $\zeta = H_1(ID_{PA}, pw)$ and sends $(\Gamma_1, \Gamma_2)$ to the CP and the HIP respectively. The CP performs its calculation and sends the result to the ECP; the HIP performs its calculation and sends the result to the ECP. The ECP obtains the urgent access key by computing $BK = (\psi_1\cdot\psi_2)\cdot(P_{CP}\cdot P_{HIP})^{-s}$.
In an embodiment of the invention, the patient encrypts a medical document under a specified access policy as follows: the patient encrypts the medical document M using the access policy and the urgent access key BK, where ρ maps the row vectors of the matrix to attributes. The concrete implementation is as follows:
The patient makes a selection and sets $v = (z, \lambda_2, \ldots, \lambda_n)^{\top}$, and performs the per-row calculation for each $i \in [l]$. The ciphertext CT is computed as: $\Upsilon = H_2(BK, ID_{PA}, FID)$, $C_0 = \Upsilon\cdot Y^{z}$, $C_{2,i} = \rho(i)\,z_i/r_1$, $C_{3,i} = z_i/r_2$, where the padding notation denotes M followed by a number of 0s. The generated ciphertext is $CT = (C_M, C_0, C_1, \{C_{2,i}, C_{3,i}\}_{i\in[l]})$. The patient sends the result to the cloud platform CP for storage.
In an embodiment of the invention, the user has the encrypted medical document partially decrypted by means of the authorization key and obtains the plaintext of the corresponding medical document as follows: after the cloud platform CP receives a data access request from the user, it verifies whether the user's attribute set satisfies the access policy of the encrypted medical document; if so, the CP partially decrypts the encrypted medical document using the user's authorization key DK, and the user then recovers the plaintext and verifies its correctness using the attribute key and the decryption algorithm $Dec_1$. The concrete implementation is as follows:
The CP partially decrypts the encrypted medical document using the user's authorization key DK:
PDec(CT, DK) → CT': The CP performs the linear secret sharing scheme (LSSS) computation and then calculates:
and sends $CT' = (C_M, C_0, \Omega)$ to the user;
The user recovers the plaintext and verifies its correctness using the attribute key and the decryption algorithm $Dec_1$:
$Dec_1$(CT', SK) → M/⊥: The user performs a calculation and computes $M' = SDec(H_3(\Upsilon), C_M)$. If the check passes, the ciphertext CT' partially decrypted by the CP is correct and the recovered medical document is the correct M; otherwise ⊥ is output.
In an embodiment of the invention, the ECP decrypts the encrypted medical document using the urgent access key BK and the decryption algorithm $Dec_2$, as follows:
$Dec_2$(CT, BK) → M/⊥: The ECP computes $\Upsilon = H_2(BK, ID_{PA}, FID)$ and $M' = SDec(H_3(\Upsilon), C_M)$. If the check passes, the emergency contact person has correctly extracted BK and the recovered medical document is the correct M; otherwise ⊥ is output.
Compared with the prior art, the invention has the following beneficial effects:
(1) Patient-controlled encryption: In the invention, the patient is responsible for encrypting his or her medical data. To share data securely among medical staff, friends and family, the access policy is set by the patient;
(2) Attribute-based access: The invention uses attribute-based encryption for fine-grained access control in the medical Internet of Things. The system distributes keys to users according to their attribute sets (for example family member, clinician, researcher or insurance staff), so they have different data access rights;
(3) Urgent access: The invention implements password-based urgent access. The patient presets a password and shares it with the emergency contact persons. In an emergency, an emergency contact person uses the password to extract the urgent access key and decrypts the medical documents. Only an emergency contact person who knows the password can extract the urgent access key, which effectively prevents abuse of urgent access rights;
(4) Lightweight: Encryption, decryption, and urgent access key generation and extraction in the invention all use lightweight algorithms. In the attribute-based access mechanism, the cloud platform partially decrypts the ciphertext using the authorization key, so the user needs only a single exponentiation to recover the plaintext, which greatly reduces the user's decryption burden.
Brief description of the drawings
Fig. 1 is the system framework of the invention.
Fig. 2 is the urgent access key generation process of the invention.
Fig. 3 is the urgent access key extraction process of the invention.
Fig. 4 shows the two access control mechanisms used in the invention.
Embodiments
The technical solution of the invention is described in detail below with reference to the accompanying drawings.
The specific implementation of the invention is as follows.
Fig. 1 shows the system framework of the invention. The system includes the following types of entities, whose characteristics and functions are described below:
Key generation centre (KGC): The KGC generates the master public/private key pair for the system and generates attribute keys for patients and users.
Cloud platform (CP): The CP has powerful storage and computing capabilities and provides users with outsourced storage and computation services.
Medical infrastructure provider (HIP): The HIP is a hospital or other medical institution that provides patients with medical Internet of Things infrastructure. The medical devices in the HIP (such as electrocardiographs, B-mode ultrasound machines, electronic sphygmomanometers and CT scanners) are connected over the Internet to form the medical Internet of Things (IoT).
Patient (PA): The PA obtains medical services from the HIP. The medical Internet of Things collects the patient's physiological data and medical images. To protect sensitive medical data and achieve fine-grained access control, the patient can specify an access policy, encrypt the medical documents and send them to the CP over the Internet. To cater for emergencies, the patient generates a password-based urgent access key, which can recover all of the patient's encrypted documents. The patient specifies a list of emergency contacts and secretly tells the emergency contact persons the password.
User: A user can be a doctor, a nurse or other medical staff of the HIP, or a friend or relative of the patient. Users must register with the KGC and obtain an attribute key. A user whose attributes satisfy the access policy can access the patient's data. After receiving the encrypted medical document sent by the CP, the user decrypts it with the attribute key to obtain the plaintext of the medical document.
Emergency contact persons (ECPs): ECPs are designated by the patient and know the patient's password. In an emergency, they interact with the CP and the HIP to recover the urgent access key. ECPs query the CP for the patient's encrypted documents and use the urgent access key to recover the patient's medical records.
1. System setup
Taking the security parameter $1^{\kappa}$ as input, the master public/private key pair is generated with the Setup algorithm, as follows:
Setup($1^{\kappa}$) → (MPK, MSK): The key generation centre selects hash functions, a secure symmetric encryption/decryption algorithm SEnc/SDec and a symmetric key space. The key generation centre then selects random numbers and computes $g_2 = g_1^{\beta}$ and $Y = e(g_1, g_1)^{\alpha}$. The master public key is MPK = $(g_1, g_2, Y)$ and the master private key is MSK = $(\alpha, \beta)$. MPK is a default input to the algorithms below.
2. User key generation
The user generates the authorization key DK from the attribute key SK and sends it to the CP.
KeyGen.Del(SK)→DK:CalculateAndAuthorization key is DK=(dk1,{dk2,i}i∈[k],dk3,dk4)。
3. Password-based urgent access key generation
Fig. 2 shows the urgent access key generation process. The patient (identity $ID_{PA}$) selects a password pw and generates the urgent access key BK together with the auxiliary information $(bk_1, bk_2)$ of the urgent access key; BK can be recovered from the password pw and the auxiliary information $(bk_1, bk_2)$. The auxiliary information $(bk_1, bk_2)$ is stored at the CP and the HIP respectively. The patient specifies the list of ECPs and secretly tells the ECPs the password pw. The HIP is responsible for storing the list of ECPs.
KeyGen.BK(pw) → (BK, $bk_1$, $bk_2$): Compute $\zeta = H_1(ID_{PA}, pw)$ and select random numbers so that ζ=ζ12; randomly select K and set the urgent access key BK = K;
The CP makes a random selection, computes $P_{CP}$ and sends $P_{CP}$ to the patient; the medical infrastructure provider HIP makes a random selection, computes $P_{HIP}$ and sends $P_{HIP}$ to the patient. After receiving $(P_{CP}, P_{HIP})$, the patient makes a selection and computes: $K_2 = K\,(K_1)^{-1}\cdot(P_{CP}, P_{HIP})^{\tau}$. The auxiliary information of the urgent access key is bk1=(K11) and bk2=(K22). The patient sends the auxiliary information $bk_1$ and $bk_2$ to the CP and the HIP respectively; the CP is responsible for storing (bk1,PCP1) and the HIP is responsible for storing (bk2,PHIP2).
4. Password-based urgent access key extraction
Fig. 3 shows the urgent access key extraction process. To protect the password pw, the ECP takes pw as input, generates an encapsulated password and sends it to the CP and the HIP respectively. The CP and the HIP cannot infer the password pw from the encapsulated password. Taking the auxiliary information $bk_1$/$bk_2$ of the urgent access key and the encapsulated password as input, the CP/HIP computes the auxiliary recovery information $\psi_1$/$\psi_2$ and sends it to the ECP. After receiving $\psi_1$ and $\psi_2$ from the CP and the HIP respectively, the ECP recovers the urgent access key BK and uses BK to decrypt all of the patient's encrypted medical documents.
Extract.BK(pw, $bk_1$, $bk_2$) → BK: After receiving an urgent access key extraction request, the CP and the HIP send $P_{CP}$ and $P_{HIP}$ to the ECP respectively. The ECP chooses a value, computes $\zeta = H_1(ID_{PA}, pw)$ and sends $(\Gamma_1, \Gamma_2)$ to the CP and the HIP respectively. The CP performs its calculation and sends the result to the ECP; the HIP performs its calculation and sends the result to the ECP. The ECP obtains the urgent access key by computing $BK = (\psi_1\cdot\psi_2)\cdot(P_{CP}\cdot P_{HIP})^{-s}$.
5. Encryption
The patient encrypts the medical document M (document number FID) using the access policy and the urgent access key BK, where ρ maps the row vectors of the matrix to attributes.
The patient makes a selection and sets $v = (z, \lambda_2, \ldots, \lambda_n)^{\top}$, and performs the per-row calculation for each $i \in [l]$. The ciphertext CT is computed as: $\Upsilon = H_2(BK, ID_{PA}, FID)$, $C_0 = \Upsilon\cdot Y^{z}$, $C_{2,i} = \rho(i)\,z_i/r_1$, $C_{3,i} = z_i/r_2$, where the padding notation denotes M followed by a number of 0s. The generated ciphertext is $CT = (C_M, C_0, C_1, \{C_{2,i}, C_{3,i}\}_{i\in[l]})$. The patient sends the result to the cloud platform CP for storage.
6. Partial decryption
After receiving a data access request from a user, the CP verifies whether the user's attribute set satisfies the access policy of the ciphertext. If it does not, the CP rejects the request. Otherwise the CP partially decrypts the ciphertext using the user's authorization key DK, which reduces the user's decryption workload.
PDec(CT, DK) → CT': The CP performs the linear secret sharing scheme (LSSS) computation and then calculates:
and sends $CT' = (C_M, C_0, \Omega)$ to the user;
7. Decryption and verification with the attribute key
In normal circumstances, the user recovers the plaintext and verifies its correctness using the attribute key SK and the decryption algorithm $Dec_1$.
$Dec_1$(CT', SK) → M/⊥: The user performs a calculation and computes $M' = SDec(H_3(\Upsilon), C_M)$. If the check passes, the ciphertext CT' partially decrypted by the CP is correct and the recovered medical document is the correct M; otherwise ⊥ is output.
8. Decryption and verification with the urgent access key
In an emergency, the ECP decrypts the ciphertext using the urgent access key BK and the decryption algorithm $Dec_2$.
$Dec_2$(CT, BK) → M/⊥: The ECP computes $\Upsilon = H_2(BK, ID_{PA}, FID)$ and $M' = SDec(H_3(\Upsilon), C_M)$. If the check passes, the emergency contact person has correctly extracted BK and the recovered medical document is the correct M; otherwise ⊥ is output.
9. Bilinear pairing
The groups are cyclic groups and $g_1$ is a generator. The bilinear map has the following properties:
(1) bilinearity:AndHave
(2) Non-degeneracy: $e(g_1, g_1) \neq 1$.
(3) Computability: $e(h_1, h_2)$ can be computed efficiently.
10. Hardness assumption
Decisional bilinear Diffie-Hellman assumption. Let T be a random element and let $g_1$ be a generator of the group. Given the tuple, no probabilistic polynomial-time algorithm can distinguish $e(g_1, g_1)^{abc}$ from T. The advantage ε of the algorithm is defined as:
11. Linear secret sharing scheme
Definition 1 (linear secret sharing scheme (LSSS)). A secret sharing scheme Π on a set is called linear if and only if: 1. the shares of each party form a vector; 2. there exists an $l \times n$ matrix, called the share-generating matrix of Π. For all $i = 1, \ldots, l$, the $i$-th row of M is labelled by $\rho(i)$ (ρ is a function defined on $\{1, \ldots, l\}$). Let the vector $v = (z, \lambda_2, \ldots, \lambda_n)$, where z is the secret to be shared and the remaining entries are selected at random. According to Π, the shares of the secret z form a vector, each share belonging to the corresponding $\rho(i)$.
By definition, every LSSS has the linear reconstruction property. Suppose Π is an LSSS for the access structure Φ and let S ∈ Φ be any authorized set; define $I = \{i : \rho(i) \in S\}$. According to Π, there exist constants such that, if $\{z_i\}_{i\in I}$ are valid shares of any secret z, then $\sum_{i\in I}\omega_i z_i = z$. For an unauthorized set, no such constants exist.
12th, Two access control mechanisms
Fig. 4 shows the two access control mechanisms, the attribute-based access mechanism and the urgent access mechanism, which comprise the following algorithms: the authorization key generation algorithm KeyGen.Del, the partial decryption algorithm PDec, the urgent access key extraction algorithm Extract.BK, the type-1 decryption algorithm Dec1, and the type-2 decryption algorithm Dec2.
For attribute-based access, ECP uses the attribute key SK to decrypt the ciphertext. The present invention uses outsourced decryption to lighten the user's decryption burden. The user runs the authorization key generation algorithm KeyGen.Del, which takes the attribute key SK as input and generates the authorization key DK, and sends DK to CP. During data access, CP partially decrypts the encrypted medical document: CP runs the partial decryption algorithm PDec and transforms the ciphertext CT into CT' using the authorization key DK. The user runs the type-1 decryption algorithm Dec1 and recovers the plaintext of the medical document using the attribute key SK. In the type-1 decryption algorithm Dec1, the user needs only one exponentiation to recover the plaintext from CT'.
For urgent access, ECP uses the password pw and runs the urgent access key extraction algorithm Extract.BK to recover the urgent access key BK. ECP then runs the type-2 decryption algorithm Dec2 to obtain the plaintext of the medical document.
After the decryption algorithm has been run, the invention provides a verification algorithm to check whether the recovered medical document is correct, so as to detect malicious behavior by CP or HIP, for example CP sending an incorrect partially decrypted ciphertext CT' to the user, or CP (or HIP) sending incorrect auxiliary recovery information to ECP.
Advantages of the present invention:
(1) Patient-controlled encryption: In the present invention, the patient is responsible for encrypting his or her own medical data. So that data can be shared securely among medical staff, friends and family, the access policy is set by the patient.
(2) Attribute-based access: The present invention uses attribute-based encryption to provide fine-grained access control in the medical Internet of Things. The system distributes keys to users according to their attribute sets (such as family member, clinician, researcher and insurance staff), so they have different data access rights.
(3) Urgent access: The present invention implements password-based urgent access. The patient presets a password and shares it with the emergency contact person. In an emergency, the emergency contact person uses the password to extract the urgent access key and decrypts the medical document. Only an emergency contact person who knows the password can extract the urgent access key, which effectively prevents abuse of the urgent access privilege.
(4) Lightweight: Encryption, decryption, and urgent access key generation and extraction in the present invention all use lightweight algorithms. In the attribute-based access mechanism, the cloud platform partially decrypts the ciphertext using the authorization key, so the user needs only a single exponentiation to recover the plaintext, which greatly reduces the user's decryption burden.
Use of the present invention: The medical Internet of Things (IoT) is an effective means of improving the quality and efficiency of care in medical institutions. Medical devices in the medical Internet of Things can monitor patients' vital signs, aggregate the data into medical documents, and send the documents to a cloud server for storage, where medical staff can access the relevant documents. To protect patient privacy, encryption can be used to control authorized persons' access to documents while preventing access by unauthorized persons. In addition, the patient's medical documents must be accessible in time in an emergency. The present invention proposes a lightweight double call control system in a medical Internet of Things, which provides two methods of accessing encrypted medical documents: attribute-based access and urgent access. Under normal circumstances, medical staff can decrypt and access the data only when they hold an attribute key. In an emergency, the urgent access mechanism can bypass the access policy of the medical document and allow medical staff to access the data in time to save the patient's life.
Those skilled in the art should understand that embodiments of the present application may be provided as a method, a system, or a computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, the present application may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to magnetic disk storage, CD-ROM, optical storage, etc.) that contain computer-usable program code.
The present application is described with reference to flowcharts and/or block diagrams of the method, device (system), and computer program product according to embodiments of the present application. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce means for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to operate in a particular manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means, the instruction means implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operational steps is performed on the computer or other programmable device to produce computer-implemented processing, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
The above are preferred embodiments of the present invention. Any change made according to the technical solution of the present invention belongs to the protection scope of the present invention, provided that the resulting function does not go beyond the scope of the technical solution of the present invention.

Claims (8)

  1. A lightweight double call control system in medical Internet of Things, characterized in that it comprises a key generation centre, a cloud platform, and a medical infrastructure provider;
    the key generation centre is used to generate the master public/private key pair and to generate attribute keys for patients and users;
    the cloud platform provides users with outsourced storage and computation services;
    the medical infrastructure provider provides medical Internet of Things infrastructure for patients, and the medical Internet of Things infrastructure is connected through the Internet to form the medical Internet of Things;
    the patient obtains medical services through the medical infrastructure provider; the medical Internet of Things is responsible for collecting the patient's physiological data and medical images to form a medical document, which the patient encrypts under a specified access policy and then sends to the cloud platform over the Internet; the patient also generates a password-based urgent access key through the key generation centre and designates an emergency contact person who knows the password;
    the user registers with the key generation centre and obtains an attribute key; according to how it matches the access policy, the user generates a corresponding authorization key, and the authorization key carries the right to decrypt the corresponding part of the encrypted medical document on the cloud platform, so that the plaintext of the corresponding part of the medical document is obtained;
    using the password, the emergency contact person interacts with the cloud platform and the medical infrastructure provider to recover the urgent access key, and can thereby decrypt the encrypted medical document.
  2. The lightweight double call control system in medical Internet of Things according to claim 1, characterized in that the key generation centre takes the security parameter 1^κ as input and generates the master public/private key pair using the Setup algorithm, as follows:
    Setup(1^κ)→(MPK,MSK): the key generation centre selects hash functions , a secure symmetric encryption/decryption algorithm SEnc/SDec, and a symmetric key space ; the key generation centre then selects random numbers and computes g2=g1^β, Y=e(g1,g1)^α; finally, the master public key is MPK=(g1,g2,Y) and the master private key is MSK=(α,β); where and are cyclic groups, and g1 is a generator of .
  3. The lightweight double call control system in medical Internet of Things according to claim 1, characterized in that the user generates the authorization key DK from the attribute key SK as follows:
    KeyGen.Del(SK)→DK: compute and ; the authorization key is DK=(dk1,{dk2,i}i∈[k],dk3,dk4).
  4. The lightweight double call control system in medical Internet of Things according to claim 1, characterized in that the patient generates the password-based urgent access key through the key generation centre as follows:
    The patient selects a password pw and generates the urgent access key BK, and at the same time generates the auxiliary information (bk1,bk2) of the urgent access key; the key BK can be recovered using the password pw and the auxiliary information (bk1,bk2). The patient designates an emergency contact person ECP and informs ECP of the password pw. This is implemented as follows:
    KeyGen.BK(pw)→(BK,bk1,bk2):Calculate ζ=H1(IDPA, pw), select random numberSo that ζ=ζ12;Random selectionAnd make urgent access key BK=K;Wherein, IDPAThat is patient identity;
    Cloud platform CP is randomly choosedCalculateAnd PCPIt is sent to patient;Medical infrastructure provider HIP with Machine selectsCalculateAnd PHIPIt is sent to patient;Patient receives (PCP,PHIP) after, selectionMeter Calculate:K2=K (K1)-1·(PCP,PHIP)τ,The auxiliary information of urgent access key For bk1=(K11) and bk2=(K22);Patient is by auxiliary information bk1And bk2It is sent respectively to CP and HIP;CP is responsible for depositing Store up (bk1,PCP1), HIP is responsible for storing (bk2,PHIP2)。
  5. The lightweight double call control system in medical Internet of Things according to claim 4, characterized in that the emergency contact person generates the urgent access key by means of the password as follows: ECP takes the password pw as input, generates an encapsulated password, and sends it to CP and HIP respectively; taking the auxiliary information bk1/bk2 of the urgent access key and the encapsulated password as input, CP/HIP computes the auxiliary recovery information ψ1/ψ2 and sends it to ECP; after receiving ψ1 and ψ2 from CP and HIP respectively, ECP recovers the urgent access key BK. This is implemented as follows:
    Extract.BK(pw,bk1,bk2)→BK:After CP and HIP receives urgent access cipher key-extraction request, respectively by PCPWith PHIPIt is sent to ECP;ECP choosesCalculate ζ=H1(IDPA, pw),And respectively (Γ12) it is sent to CP and HIP;CP is calculatedAnd send it to ECP;HIP is calculated And send it to ECP;ECP is by calculating BK=(ψ1·ψ2)·(PCP·PHIP)-sObtain promptly accessing key BK.
  6. The lightweight double call control system in medical Internet of Things according to claim 1, characterized in that the patient encrypts the medical document under the specified access policy as follows: the patient encrypts the medical document M using the access policy and the urgent access key BK, where ρ maps the row vectors of the matrix to attributes. This is implemented as follows:
    Patient choosesMake v=(z, λ2,...λn)Τ;For i ∈ [l], CalculateCalculate ciphertext CT:Υ=H2(BK,IDPA, FID), C0=Υ Yz,C2,i=ρ (i) zi/r1, C3,i= zi/r2,WhereinHave after representing MIndividual 0;The ciphertext of generation is CT=(CM,C0,C1, {C2,i,C3,i}i∈[l]);Patient willCloud platform CP is sent to be stored.
  7. The lightweight double call control system in medical Internet of Things according to claim 3, characterized in that the user decrypts part of the encrypted medical document by means of the authorization key and obtains the plaintext of the corresponding part of the medical document as follows: after the cloud platform CP receives the data access request sent by the user, it verifies whether the user's attribute set satisfies the access policy of the encrypted medical document; if so, CP partially decrypts the encrypted medical document using the user's authorization key DK, and the user then recovers the plaintext and verifies its correctness using the attribute key and the decryption algorithm Dec1. This is implemented as follows:
    Partial decryption of the encrypted medical document by CP using the user's authorization key DK:
    PDec(CT,DK)→CT':CP is calculated using linear cipher secret sharing LSSSSo thatCP is calculated:
    $$\Omega = e(C_1, dk_1)\, e\Big(dk_3, \prod_{i\in I} dk_{2,i}^{C_{2,i}\cdot\omega_i}\Big)\, e\Big(dk_4, \prod_{i\in I} dk_{2,i}^{C_{3,i}\cdot\omega_i}\Big) = e(g_1,g_1)^{\alpha\cdot z\cdot\tau}$$
    and sends CT'=(CM,C0,Ω) to the user;
    Recovery of the plaintext and verification of its correctness by the user using the attribute key and the decryption algorithm Dec1:
    Dec1(CT',SK)→M/⊥: the user computes , M'=SDec(H3(Υ),CM). If , the ciphertext CT' partially decrypted by CP is correct and the recovered medical document is the correct M; otherwise ⊥ is output.
  8. The lightweight double call control system in medical Internet of Things according to claim 5, characterized in that ECP decrypts the encrypted medical document using the urgent access key BK and the decryption algorithm Dec2 as follows:
    Dec2(CT,BK)→M/⊥: ECP computes Υ=H2(BK,IDPA,FID) and M'=SDec(H3(Υ),CM). If , the emergency contact person has extracted BK correctly and the recovered medical document is the correct M; otherwise ⊥ is output.
CN201710798569.0A 2017-09-07 2017-09-07 Lightweight double call control system in medical Internet of Things Pending CN107579980A (en)


Publications (1)

Publication Number Publication Date
CN107579980A true CN107579980A (en) 2018-01-12

Family

ID=61031212

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710798569.0A Pending CN107579980A (en) 2017-09-07 2017-09-07 Lightweight double call control system in medical Internet of Things

Country Status (1)

Country Link
CN (1) CN107579980A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180112