CN107635018A - Support the cross-domain medical cloud storage system of urgent access control and safe duplicate removal - Google Patents
Support the cross-domain medical cloud storage system of urgent access control and safe duplicate removal Download PDFInfo
- Publication number
- CN107635018A CN107635018A CN201711051952.6A CN201711051952A CN107635018A CN 107635018 A CN107635018 A CN 107635018A CN 201711051952 A CN201711051952 A CN 201711051952A CN 107635018 A CN107635018 A CN 107635018A
- Authority
- CN
- China
- Prior art keywords
- key
- medical
- ciphertext
- bgk
- patient
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000003860 storage Methods 0.000 title claims abstract description 46
- 238000004422 calculation algorithm Methods 0.000 claims description 48
- 238000000034 method Methods 0.000 claims description 35
- 230000008569 process Effects 0.000 claims description 18
- 239000011159 matrix material Substances 0.000 claims description 11
- 238000004364 calculation method Methods 0.000 claims description 8
- 238000013507 mapping Methods 0.000 claims description 6
- 238000006243 chemical reaction Methods 0.000 claims description 4
- 230000009466 transformation Effects 0.000 claims description 4
- 238000012795 verification Methods 0.000 claims description 4
- 125000004122 cyclic group Chemical group 0.000 claims description 3
- 238000012546 transfer Methods 0.000 claims description 3
- 230000007246 mechanism Effects 0.000 abstract description 7
- 238000010586 diagram Methods 0.000 description 10
- 230000006870 function Effects 0.000 description 8
- 238000004590 computer program Methods 0.000 description 7
- 238000001514 detection method Methods 0.000 description 6
- 230000005540 biological transmission Effects 0.000 description 5
- 238000013475 authorization Methods 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 238000000605 extraction Methods 0.000 description 3
- 238000003745 diagnosis Methods 0.000 description 2
- 230000036541 health Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 238000012946 outsourcing Methods 0.000 description 2
- 208000017667 Chronic Disease Diseases 0.000 description 1
- 206010010071 Coma Diseases 0.000 description 1
- 230000002776 aggregation Effects 0.000 description 1
- 238000004220 aggregation Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 150000001875 compounds Chemical class 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 201000010099 disease Diseases 0.000 description 1
- 208000037265 diseases, disorders, signs and symptoms Diseases 0.000 description 1
- 208000002173 dizziness Diseases 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000008030 elimination Effects 0.000 description 1
- 238000003379 elimination reaction Methods 0.000 description 1
- 230000002349 favourable effect Effects 0.000 description 1
- 239000007943 implant Substances 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 208000010125 myocardial infarction Diseases 0.000 description 1
- 230000003121 nonmonotonic effect Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000012552 review Methods 0.000 description 1
Landscapes
- Medicines Containing Antibodies Or Antigens For Use As Internal Diagnostic Agents (AREA)
- Medical Treatment And Welfare Office Work (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to a kind of cross-domain medical cloud storage system for supporting urgent access control and safe duplicate removal, the password of patient set one and the urgent access key based on the password, and password is informed into programmed emergency;Patient specifies access strategy and urgent access after key encrypts the medical document of oneself to store to public cloud;User registers to medical institutions and obtains anonymous Identity and attribute key, and obtain corresponding proxy signature key and be sent to public cloud, public cloud generates the part ciphertext of encryption medical document according to proxy signature key, and user obtains encrypting medical document in plain text according to attribute key and part ciphertext;Programmed emergency obtains urgent access key to decrypt the encryption medical document of patient using password;Public cloud and the private clound of medical institutions interact, and perform the copy that safe deduplication operation eliminates encryption medical document.The present invention supports urgent access, employs safe duplicate removal mechanism to delete the redundancy ciphertext comprising identical message so as to save memory space and transport overhead.
Description
Technical Field
The invention relates to the technical field of cloud storage, in particular to a cross-domain medical cloud storage system supporting emergency access control and safe duplication elimination.
Background
The development of internet of things (IoT) technology has made it possible for medical institutions to provide high-quality, more convenient, and more widespread medical services. Medical institutions can implant tiny sets of wireless sensor nodes into patients (or attached to the surface of the patient's skin) to monitor their health and collect important physiological data, which aids in emergency medical rescue and chronic disease detection. The elderly can enjoy modern medical services anytime and anywhere using wearable or implantable medical sensors.
After the medical IoT network collects the medical data, the medical data is transmitted to a data center for storage and disease diagnosis. To protect the privacy of the patient, the medical documents need to be encrypted before transmission to prevent eavesdropping on the public channel. The data owner defines authorization attributes and relationships by enforcing access policies on the protected data. Only the user (e.g., doctor, nurse, anesthesiologist, or patient's family) who possesses the attribute key has the authority to decrypt the ciphertext. This method is called attribute-based encryption (ABE).
In modern medical systems, a patient with a difficult condition may be diagnosed and treated in different hospitals. Therefore, there is a need to implement a cross-domain secure data sharing system to facilitate patient treatment between different hospitals. The doctor at hospital B can review the exam report generated at hospital a. Encrypted medical documents generated by different hospitals are sent to a public cloud server for storage, and the encrypted medical documents are accessed by users. The patient defines a cross-domain access policy for his encrypted medical records. Each medical professional registers with their medical institution to obtain a key for decrypting the patient's encrypted document.
Emergency situations such as car accidents or sudden coma of the patient may occur in the medical system. In these emergency situations, electronic medical documents of the patient need to be acquired to save their lives. While emergency personnel on site are likely to not have access to the patient's encrypted medical documents. Security mechanisms that protect data privacy may hinder emergency treatment of patients. It is therefore crucial to design an emergency access method for emergency situations, which enables access to electronic medical documents even if emergency personnel do not have the associated attribute key. At the same time, the emergency access rights should be controllable and protected against malicious access by an attacker.
Different medical personnel may use different access policies to encrypt the same medical data. The ciphertext is transmitted to a public cloud server, and a large amount of storage space is occupied. In order to save storage space and transmission overhead, an effective method is to eliminate redundant ciphertexts containing the same message in the cloud server, and the method is called safe deduplication.
In 2009 Brucker et al proposed an access control model with emergency access functionality and a security architecture that supports emergency access. They then integrate the emergency access mechanism into an attribute-based encryption scheme to implement a security log system for analyzing the user's behavior during emergency access. Marinovic et al propose a new emergency access model named Rampole that adds integrity constraints in the decision-making process so that a decision-maker can manage emergency access privileges in a fine-grained manner. Maw et al devised an emergency access model for wireless sensor medical networks and involved the problem of access rights management across medical domains. However, these studies only give basic architectures and no specific solution. In 2016, zhang et al proposed a password-based emergency access scheme based on two-factor encryption: password-based encryption and master private key-based encryption.
In 2013, bellare et al proposed message locked encryption (message locked encryption) to implement secure deduplication and can derive encryption and decryption keys from messages. In 2014, li et al proposed a system for managing aggregated keys in secure deduplication. The system is implemented by the key technology and is based on a secret sharing scheme. Later, they proposed a secure deduplication system in a hybrid cloud architecture (including public and private clouds) and able to resist collusion attacks. In 2015, liu et al constructed a novel secure deduplication system based on a password authenticated key exchange protocol. Since these security deduplication systems do not take into account the issue of access control, cui et al propose a security deduplication system based on attribute access control using zero knowledge proof.
In 2007, ostrovsky proposed an attribute-based encryption algorithm such that the user's key could represent both monotonic (monotone) and non-monotonic (non-monotone) access policies. To reduce the decryption computation overhead, green et al propose outsourcing decryption methods so that users can recover messages using lightweight computing. In order to detect the correctness of the converted ciphertext, people research verifiable outsourcing decryption and provide an effective way for correctness verification. The traitor tracing problem in ABE was studied to recover the identity of a malicious user. One has studied the security search problem in ABE: the user sends the keyword trapdoors to the cloud server to search, and the cloud server returns the ciphertext containing the same keyword. Yang et al propose a time domain attribute based access control scheme to protect cloud-based video content sharing that embeds time into the ciphertext and key to achieve time control. To reduce trust in a single authority center, the ABE scheme of multiple authority centers has been studied.
Disclosure of Invention
Aiming at the prior art, the invention provides a cross-domain medical cloud storage system supporting emergency access control and safe duplicate removal, which supports emergency access control and safe duplicate removal and solves the problems of data redundancy, high storage overhead and the like.
In order to achieve the purpose, the technical scheme of the invention is as follows: a cross-domain medical cloud storage system supporting emergency access control and safe duplicate removal comprises a key generation center, a medical institution and a public cloud;
the key generation center is used for generating public parameters and a main private key of the cross-domain medical cloud storage system, detecting the medical quality of the medical institution and generating a public key/private key for the medical institution;
the medical institution distributes an attribute set according to the characteristics of the user, generates an attribute key, and executes storage and calculation service for the user through a private cloud;
the public cloud is used for storing medical documents of patients of different medical institutions and responding to data access inquiry; the patient acquires medical service through a medical institution, sets a password and an emergency access key based on the password, and informs an emergency contact of the password; the patient appoints an access strategy and an emergency access key to encrypt medical documents of the patient and then store the medical documents to the public cloud; the emergency contact list is managed by a private cloud of the medical institution;
the method comprises the steps that a user registers in a medical institution to obtain an anonymous identity and an attribute key, obtains a corresponding proxy key according to the anonymous identity and the attribute key and sends the proxy key to a public cloud, the public cloud generates a part of ciphertext of an encrypted medical document according to the proxy key, and the user obtains a plaintext of the encrypted medical document according to the attribute key and the part of ciphertext;
the emergency contact acquires the emergency access key by using the password to decrypt the encrypted medical document of the patient;
the public cloud interacts with a private cloud of the medical institution to perform a secure deduplication operation to eliminate copies of encrypted medical documents.
Further, the key generation center inputs security parameters 1 κ The public parameters and the main private key of the system are generated by adopting a GlobalSetup algorithm, which specifically comprises the following steps:
GlobalSetup(1 κ ) → (PP, MSK): random selection hash function for key generation center Secure symmetric encryption/decryption algorithm SEnc/SDec and symmetric key spaceThe key generation center then selects a cyclic groupGenerating element ofAnd a random numberCalculate Y = e (g) 1 ,g 2 ) η Setting a common parameter PP = (g, g) 1 ,g 2 ,g 3 ,Y,H 1 ,H 2 SEnc/SDec), setting a master private key MSK = η; wherein,p is a prime number of the compound,represents fromAnd selecting a random value eta. Further, when the ith medical institution registers to the cross-domain medical cloud storage system, the key generation center checks the medical quality of the ith medical institution; if qualified, the key generation center assigns an identity MI to the facility i And generates a public key PK therefor i And a private key SK i Cross-domain medical cloud storage system public PK i SK is transmitted via a secure channel i To medical institutions MI i In particularThe following were used: MI (MI) in keygen i ,MSK)→(PK i ,SK i ): key generation center random selectionBased on the master private key MSK and the identity MI of the medical institution i Is calculated to obtain
MI i Public key PK i :
MI i Private key SK i :
MI i Is PK i =(pk i,1 ,pk i,2 ) The private key is SK i =(K i,1 ,K i,2 ,K i,3 ,K i,4 ,K i,5 )。
Further, when the jth user U i,j To medical institutions MI i During registration, the medical institution verifies the identity of the user U i,j Distributing anonymous identitiesAnd hide its true identity, depending on the user identity, MI i Assigning a set of attribute collectionsTo characterize the user and for anonymous identity PID i,j User generated attribute key SK i,j The method comprises the following steps:medical institution MI i Random selectionSetting v i,j =v i +v' i,j Calculating the user's attribute key SK i,j :
sk i,j,3 =g t ,
U i,j The attribute key of (A) isWhereinTo representThe number of attributes of the user.
Further, a random number is selectedPID based on user anonymous identity i,j And attribute key SK i,j Computing proxy key DK i,j And sending to the public cloud, calculating as follows:
DK 3 =(sk i,j,3 ) τ =(g t ) τ
the user's proxy key is
Further, the emergency access key generation method is as follows:
the patient sets a password pw i,j And emergency access key BGK based on the password i,j Using the password pw i,j Generating an emergency access key, BGK i,j Auxiliary information (BGK) i,j,1 ,BGK i,j,2 ) BGK i,j,1 Sending the BGK to public cloud i,j,2 To medical institutions MI i Private cloud, emergency contact utilizing password pw i,j And auxiliary information (BGK) i,j,1 ,BGK i,j,2 ) Recovering to obtain BGK (emergency access key) i,j (ii) a The concrete implementation is as follows: BGK (PID) i,j ,pw i,j )→(BGK i,j,1 ,BGK i,j,2 ): random selectionΨ,Ψ 1 ∈ R G, setting a BGK (emergency access key) i,j = Ψ, PID based on the anonymous identity of the patient i,j And password pw i,j And (3) calculating:
further, emergency contacts are in contact with the public cloud and medical institutions MI i Interacts according to the anonymous identity PID of the patient i,j Password pw i,j And auxiliary information BGK i,j,1 ,BGK i,j,2 Obtaining an emergency access key BGK i,j The specific process is as follows: extract.BGK (PID) i,j ,pw i,j ,BGK i,j,1 ,BGK i,j,2 )→BGK i,j : emergency contact selection random numberCalculating outAnd sends it to the public cloud and medical institution MI i (ii) a Public cloud selection of random numbersComputingAnd transmits it to the medical structure MI i (ii) a Medical institution MI i Selecting random numbersComputingAnd send it to the public cloud; public cloud computingAnd will be (A) 1 ,W 1 ) Sending the information to an emergency contact; medical institution MI i ComputingAnd will be (A) 2 ,W 2 ) Sending the information to an emergency contact; by calculating BGK i,j =Ψ=(W 1 ·W 2 )·(A 1 ·A 2 ) ξ An emergency access key is obtained.
Further, the way that the patient specifies the access policy and the emergency access key to encrypt his medical document is: patient embedding access policy in the process of encrypting medical document MAccess policy based on medical document MMedical institution MI i Public key PK i Anonymous identity of the patient PID i,j And emergency access key BGK i,j Obtaining the ciphertext CT and the transformation key TK i,j And the proof information pf is specifically realized as:ρ will matrixIs mapped to the medical institution, delta is the matrixIs mapped to an attribute of the row vector of (c),is thatLine x of (1), patient random selectionLet v = (z, v) 2 ,...v n ) T ,w=(0,w 2 ,...,w n ) T Let us order λ x And w x Respectively representZ and 0, sign<·>, represents inner product operation, calculates conversion key
The patient isX in each row of the random selectionFor the medical document M, a document number is setComputing the elements of the ciphertext CT:
Υ=H 2 (Ψ,PID i,j ,FID),
whereinAfter M represents0, ciphertext CT = (C) M ,C -1 ,C 0 ,{C 1,x ,C 2,x ,C 3,x ,C 4,x } x∈[l] ) (ii) a Where x ∈ [ l ]]Represents that x is more than or equal to 1 and is less than or equal to l which is a matrixThe number of rows of (c);
random selectionCalculating the CT certification information pf:
θ=H 1 (C M ,C -1 ,C 0 ,{C 1,x ,C 2,x ,C 3,x ,C 4,x } x∈[l] ,D 1 ,D 2 ,D 3 ,B 1 ,B 2 ),D 4 =r 1 -θ·H 1 (M),D 5 =r 2 -θ·H 1 (γ), proof information pf = (D) 1 ,D 2 ,D 3 ,D 4 ,D 5 θ), patient handle (PID) i,j FID, CT, pf) to the public cloud, and the TK for the key conversion i,j To medical institutions MI i And the proof information pf is used for enabling the public cloud to distinguish different ciphertexts which are encrypted by the same plaintext information.
Further, the secure deduplication operation comprises:
the method comprises the following steps: detecting whether the ciphertext is valid:
ValidityTest (CT, pf) → 1/0: and calculating by the public cloud according to the ciphertext CT and the proof information pf:
θ'=H 1 (C M ,C -1 ,C 0 ,{C 1,x ,C 2,x ,C 3,x ,C 4,x } x∈[l] ,D 1 ,D 2 ,D 3 ,B 1 ',B 2 ')
verifying whether the equation theta' = theta is established or not, if so, outputting 1 to represent that the ciphertext is valid, otherwise, outputting 0 to represent that the ciphertext is invalid;
step two: detecting whether the ciphertext contains the same medical document:
MsgTest(pf 1 ,pf 2 ) → 1/0: let pf 1 =(D 1 ,D 2 ,D 3 ,D 4 ,D 5 ,θ),pf 2 =(D 1 ',D 2 ',D 3 ',D 4 ',D 5 ', θ'), the public cloud proves information pf according to the ciphertext 1 And pf 2 Verification of equation e (D) 1 ,D 2 ')=e(D 1 ',D 2 ) If yes, outputting 1 to show that the two ciphertexts are in the same plaintext encryption form, otherwise outputting 0;
step three: re-encrypting the ciphertext using the combined access policy, such that a user having access to the original ciphertext may also access the encrypted data:
assume that the ciphertext and corresponding access policy areMedical institution MI i Deriving a combined access policyAnd utilizing a combined access policyRe-encrypting the ciphertext to generate a new ciphertext CT', bundle (CT) 1 ,...,CT m ) The ciphertext with the smallest document number is denoted as CT, assuming CT = CT 1 ,FID=FID 1 :
Medical institution MI i PID based on anonymous identity of patient i,j TK for converting secret key i,j Ciphertext CTAnd combining access policiesComputing a new ciphertext CT', whereinρ' willIs mapped to the medical institution, δ' willThe row of (a) is mapped to an attribute,to representThe x-th row of (a) is,random selectionLet v ' = (z ', v ' 2 ,...v' n ) T ,w'=(0,w' 2 ,...,w' n ) T In whichOrder toλ' x And w' x Respectively representZ and 0 fraction corresponding to the x-th row of (1), medical institution MI i Is composed ofX in each row of the random selectionAnd computes ciphertext CT '= (C' M ,C' -1 ,C' 0 ,{C' 1,x ,C' 2,x ,C' 3,x ,C' 4,x } x∈[l] ):C' M =C M ,C' 0 =C 0 ·Y z =Υ·Y z' ,
Due to the fact that To obtainUsing a transfer key TK i,j Calculating element C' 1,x :
Further, the specific way for the user to obtain the plaintext of the encrypted medical document by using the attribute key is as follows:
public cloud-based proxy key DK i,j Partially decrypting the ciphertext and generating a partial ciphertext CT p :
PartialDec(CT,DK i,j )→CT p : public cloud according to cipher text CT and proxy key DK i,j ComputingSo that
CT partial cipher text p =(C M ,C 0 ,C T ) Sending the data to a user;
Dec 1 (CT p ,SK i,j ) → M/. T: user with attribute key according to partial cipher text CT p =(C M ,C 0 ,C T ) And attribute key SK i,j Recovered to obtainAnd M' = SDec (H) 2 (Υ),C M ) (ii) a If it is notOutputting the medical document M; otherwise output ^ T, whereAfter M representsAnd 0.
Compared with the prior art, the invention has the following beneficial effects:
(1) Cross-domain fine-grained access control: the invention uses the encryption algorithm with cross-domain access strategy based on the attribute to encrypt the medical record of the patient, so that the authorized user (including the patient, the medical staff or the friends and relatives of the patient) in the system can access the medical record.
(2) Password-based emergency access: the invention provides an emergency access mechanism, a password and a group of emergency contacts are preset by a patient, and in an emergency situation, the emergency contacts can acquire an emergency access key by using the password so as to recover all medical data of the patient, so that the emergency access mechanism is favorable for timely treating the patient.
(3) Safe de-weighting: the invention supports the safe duplicate removal of the encrypted data based on the attribute, effectively saves the storage space and reduces the transmission cost between the public cloud and the user, and the duplicate removal operation comprises three stages: firstly, detecting whether a ciphertext is valid; secondly, detecting whether the ciphertext contains the same medical document; and finally, re-encrypting the ciphertext by using the combined access strategy, so that an authorized user capable of accessing the original ciphertext can access the encrypted data.
Drawings
FIG. 1 is a system framework diagram of the present invention;
FIG. 2 is a diagram of the system set up process of the present invention;
FIG. 3 is a key generation process for a medical facility of the present invention;
FIG. 4 is a user attribute key generation process of the present invention;
FIG. 5 is a proxy key generation process of the present invention;
FIG. 6 is a password-based emergency access key generation process of the present invention;
fig. 7 is a process of password-based emergency access key extraction according to the present invention.
Detailed Description
The invention is further explained below with reference to the drawings and the embodiments.
The invention relates to a cross-domain medical cloud storage system supporting emergency access control and safe duplicate removal, which comprises a key generation center, a medical institution and a public cloud;
the key generation center is used for generating public parameters and a main private key of the cross-domain medical cloud storage system, detecting the medical quality of the medical institution and generating a public key/private key for the medical institution;
the medical institution distributes an attribute set according to the characteristics of the user, generates an attribute key, and executes storage and calculation service for the user through the private cloud;
the public cloud is used for storing medical documents of patients of different medical institutions and responding to data access inquiry;
the patient acquires medical service through a medical institution, sets a password and an emergency access key based on the password, and informs an emergency contact of the password; the patient appoints an access strategy and an emergency access key to encrypt medical documents of the patient and then store the medical documents to the public cloud; the emergency contact list is managed by a private cloud of the medical institution;
the method comprises the steps that a user registers in a medical institution to obtain an anonymous identity and an attribute key, obtains a corresponding proxy key according to the anonymous identity and the attribute key and sends the proxy key to a public cloud, the public cloud generates a part of ciphertext of an encrypted medical document according to the proxy key, and the user obtains a plaintext of the encrypted medical document according to the attribute key and the part of ciphertext;
the emergency contact acquires an emergency access key by using the password to decrypt the encrypted medical document of the patient;
the public cloud interacts with a private cloud of the medical institution to perform a secure deduplication operation to eliminate copies of the encrypted medical documents.
The specific implementation process is as follows:
as shown in fig. 1, the system framework of the present invention includes the following entities of various types, and the features and functions of each entity are described as follows:
key Generation Center (KGC): the KGC is a trusted third-party entity and is responsible for generating system public parameters and generating a master private key and carrying out secret storage; the KGC is also responsible for detecting the medical quality of the medical institution and generating public/private keys for it.
Medical Institution (MI): the medical institution registers and acquires a public key/private key pair with the KGC, is responsible for treating patients and managing the patients and medical staff in the medical field, distributes a group of attribute sets according to the characteristics of the patients and the medical staff and generates an attribute key, and executes storage and calculation services for the users through a private cloud, such as emergency contact list storage, cipher text re-encryption, emergency access key extraction and the like of the patients. Data owner (based on medical internet of things): the data owner is typically a patient and the medical internet of things system is responsible for monitoring physiological data of the patient. Implanting several small wireless sensors in the patient or attached to the surface of the patient's skin to continuously monitor the patient's physiological parameters and send them to the aggregation node; medical data of a patient is recorded in an electronic medical document, in order to protect privacy of the patient, the medical document is encrypted into a ciphertext, an access policy is specified for the ciphertext so as to perform access control, only an authorized user can recover the document, then the protected medical document is outsourced to a public cloud for storage, and in order to deal with an emergency, the patient presets a password, an emergency access key and a set of emergency contacts (such as his main doctor, family or friend). The emergency access key may be used to decrypt all encrypted medical documents of the patient. The patient securely hands the password to an Emergency Contact (ECP). When the patient encounters an emergency, the ECP may derive the emergency access key from the password and recover the patient's medical documentation. The private cloud of the medical institution is responsible for managing ECP lists of patients. Public cloud: the public cloud is responsible for storing medical documents of data owners from different medical institutions and responding to data access queries; according to the attributes of the data user and the access policy of the encrypted document, the public cloud can detect whether the user has the right to access the data, and provide partial decryption service for the user to reduce the calculation burden of the user. To eliminate copies of encrypted medical documents, the public cloud interacts with the private cloud of the medical institution to perform secure deduplication operations to save storage space.
The data user: a data user (e.g., a medical person or a patient's friend, relative) registers with a medical institution to obtain an attribute key, and the user sends a data access query to the public cloud to obtain an encrypted medical document and decrypts it using the attribute key.
Emergency Contact (ECP): the patient securely shares the password to the emergency contact and the ECP uses the password to obtain the emergency access key to decrypt the patient's medical documents when the patient is in a dangerous condition.
1. System set-up
FIG. 2 shows the system setup process, KGC inputs security parameters 1 κ The GlobalSetup algorithm generates the public parameters PP and the master private key MSK of the system. Common parameter PP in systemIt is disclosed that KGC secretly stores MSK.
GlobalSetup(1 κ ) → (PP, MSK): the KGC executes the algorithm. KGC randomly selects a hash functionSecure symmetric encryption/decryption algorithm SEnc/SDec and symmetric key spaceKGC selection cycle groupGenerating element ofAnd a random numberCalculate Y = e (g) 1 ,g 2 ) η . KGC sets the common parameter PP = (g, g) 1 ,g 2 ,g 3 ,Y,H 1 ,H 2 secc/SDec), MSK = η is set. Wherein,p is a prime number,represents fromAnd selecting a random value eta. 2. Key generation for medical institutions
When the ith medical institution registers with the system, the KGC checks if it is a qualified institution, as shown in fig. 3. If qualified, the KGC assigns an identity MI to the medical facility i And generates a public key PK therefor i And a private key SK i . System publication PK i SK is transmitted via a secure channel i To MI i 。
KeyGen.MI(MI i ,MSK)→(PK i ,SK i ): the KGC executes the algorithm. Input of algorithm is main private key MSK and identity MI of medical institution i . KGC random selectionAnd is calculated to obtain
MI i Public key PK i :
MI i SK private key i :
MI i Is PK i =(pk i,1 ,pk i,2 ) The private key is SK i =(K i,1 ,K i,2 ,K i,3 ,K i,4 ,K i,5 )。
3. User key generation
As shown in FIG. 4, when the jth user U i,j To medical institutions MI i When registering, the medical institution first verifies his identity. The user may be a patient, doctor, nurse, or other persona. In order to protect the privacy of the user, MI i For the user U i,j Distributing anonymous identitiesAnd hide its true identity. Based on user identity, MI i Assigning a set of attribute setsTo describe the characteristics of the user. Then MI i For anonymous identities to PID i,j User generated attribute key SK i,j 。
Medical institution MI i The algorithm is executed. The input to the algorithm is the medical institution MI i Identity of the user, anonymous identity PID of the user i,j ,MI i Private key SK i And attributes of the userMI i Random selectionSetting v i,j =v i +v' i,j (v i Unknown), calculate PID i,j Is generated by an attribute key SK i,j :
sk i,j,3 =g t ,
U i,j IsWhereinTo represent The number of attributes of the user.
4. Proxy key generation
As shown in fig. 5, wherePhase, user (anonymous identity is PID) i,j ) Generating a proxy key DK i,j And sends it to the public cloud. The public cloud converts the ciphertext by using the proxy key, so that the user can recover the medical document only by light-weight calculation. Meanwhile, the public cloud cannot acquire plaintext information of the medical document.
KeyGen.Del(PID i,j ,SK i,j )→DK i,j : the user executes the algorithm. The input of the algorithm is anonymous identity PID of the user i,j And a private key SK i,j . User selection of random numbersCalculating authorization Key DK i,j :
DK 3 =(sk i,j,3 ) τ =(g t ) τ ,
The user's proxy key isThe user sends its secret to the public cloud.
5. Password-based emergency access key generation
The emergency access key generation process shown in fig. 6 is intended for use when a patient encounters an emergency (e.g., a sudden change)Dizzy or heart attack) provides effective data access, the patient presets a password-based emergency access key BGK i,j It can be used to decrypt encrypted medical documents that are all of the patient. Patient (anonymous identity PID) i,j ) Setting password pw i,j And emergency access key BGK i,j . The patient specifies a set of emergency contacts (e.g. his attending physician, family or friend) and secretly tells them the password pw i,j . The emergency contact may utilize the password pw i,j The emergency access key for the patient is recovered. The private cloud of the medical facility where the patient is located is responsible for storing the emergency contact list. Patient access password pw i,j Generating an emergency access key, BGK i,j Auxiliary information (BGK) i,j,1 ,BGK i,j,2 ) And sends it to the public cloud and the MI, respectively i A private cloud. The emergency contact may utilize the password pw i,j Obtaining emergency access key BGK by recovering auxiliary information i,j 。
KeyGen.BGK(PID i,j ,pw i,j )→(BGK i,j,1 ,BGK i,j,2 ): the patient executes the algorithm. The input to the algorithm is the anonymous identity PID of the patient i,j And a password pw i,j . Patient random selectionΨ,Ψ 1 ∈ R G, setting an emergency access key BGK i,j = Ψ, calculate:
BGK for patients i,j,1 Sending the BGK to public cloud i,j,2 To medical institutions MI i A private cloud.
6. Password-based emergency access key extraction
When the patient (anonymous identity PID) i,j ) In the event of an emergency, the patient needs to have quick access to his encrypted medical documentation to give him immediate and effective treatment. Medical institution MI i Will contact his designated emergency contacts who know the emergency access key BGK with the patient i,j Corresponding password pw i,j . Emergency contact with public cloud and MI i The private cloud carries out interaction to obtain an emergency access key BGK i,j 。
Extract.BGK(PID i,j ,pw i,j ,BGK i,j,1 ,BGK i,j,2 )→BGK i,j : the emergency contacts of the patient, the public cloud, and the medical institution interactively execute the algorithm. Anonymous identity PID entered into a patient i,j Password pw i,j And auxiliary information BGK i,j,1 ,BGK i,j,2 BGK outputs BGK i,j The interaction process of the algorithm is shown in fig. 7.
(1) Emergency contact selection random numberCalculating outAnd sends it to the public cloud and MI i 。
(2) Public cloud selection random numberComputingAnd transmits it to MI i 。
(3) Medical institution MI i Selecting random numbersCalculating outAnd sends it to the public cloud.
(4) Public cloud computingAnd will be (A) 1 ,W 1 ) And sending to the emergency contact.
(5) Medical institution MI i Calculating outAnd will (A) 2 ,W 2 ) And sending to the emergency contact.
(6) User BGK calculation i,j =Ψ=(W 1 ·W 2 )·(A 1 ·A 2 ) ξ An emergency access key is obtained.
7. Encryption
When the medical internet of things generates a medical document, a patient encrypts the document M into a ciphertext and embeds an access policy in the encryption processCipher-output and conversion key TK of encryption algorithm i,j And certification information pf. According to a combined access strategy, a safe deduplication algorithm utilizes a transformed key TK i,j And (5) encrypting the ciphertext again. The proving information pf enables the public cloud to distinguish different ciphertexts encrypted by the same plaintext information. TK for patient i,j To MI i The public cloud is responsible for storage (CT, pf).
The patient executes the algorithm. The input of the algorithm is a medical document M, and the access strategyMI i Public key PK i Anonymous identity PID of a patient i,j And emergency access key BGK i,j In whichρ will matrixMapping the row vector to the medical institution, delta mapping the matrixThe row vector of (2) maps to the attribute.Is thatRow x.
Patient random selectionLet v = (z, v) 2 ,...v n ) T ,w=(0,w 2 ,...,w n ) T . Order to They are respectively representedZ and 0 share (share), symbol, corresponding to row x<·> represents inner product operation. Patient computed transformation key
The patient isX in each row of the random selectionFor the electronic medical document M, the patient sets the document numberCalculating elements of CT;
Υ=H 2 (Ψ,PID i,j ,FID),
C 0 =Υ·Y z =Υ·e(g 1 ,g 2 ) η · z ,
whereinAfter M represents0, ciphertext CT = (C) M ,C -1 ,C 0 ,{C 1,x ,C 2,x ,C 3,x ,C 4,x } x∈[l] )。
Then, the patients randomly selectCalculating the CT certification information pf:
D 2 =g s ,
θ=H 1 (C M ,C -1 ,C 0 ,{C 1,x ,C 2,x ,C 3,x ,C 4,x } x∈[l] ,D 1 ,D 2 ,D 3 ,B 1 ,B 2 ),
D 4 =r 1 -θ·H 1 (M),
D 5 =r 2 -θ·H 1 (Υ)。
proof of information pf = (D) 1 ,D 2 ,D 3 ,D 4 ,D 5 θ), patient handle (PID) i,j FID, CT, pf) to the public cloud, secretly transmitting TK i,j To MI i 。
8. Safe deduplication
(1) Ciphertext validity detection
In the safe duplicate removal process, the public cloud firstly checks whether the stored ciphertext is valid. And outputting 1 by the ciphertext validity detection algorithm to show that the ciphertext is valid, and otherwise, outputting 0.
ValidityTest (CT, pf) → 1/0: the public cloud executes the algorithm. The inputs to the algorithm are the ciphertext CT and the proof information pf. Public cloud computing
θ'=H 1 (C M ,C -1 ,C 0 ,{C 1,x ,C 2,x ,C 3,x ,C 4,x } x∈[l] ,D 1 ,D 2 ,D 3 ,B 1 ',B 2 '),
It is verified whether the equation θ' = θ is established. If true, the algorithm outputs 1, otherwise 0 is output.
(2) Information isocratic detection
If the validity detection algorithm has verified that both ciphertexts are valid, the information equality detection algorithm will detect whether they are in the form of ciphertexts of the same plaintext. If so, the algorithm outputs 1, otherwise outputs 0.
MsgTest(pf 1 ,pf 2 ) → 1/0: the public cloud executes the algorithm. The input of the algorithm is the certification information pf of the ciphertext 1 And pf 2 . Assuming pf 1 =(D 1 ,D 2 ,D 3 ,D 4 ,D 5 ,θ),pf 2 =(D 1 ',D 2 ',D 3 ',D 4 ',D 5 ', θ'). Public cloud verification equation e (D) 1 ,D 2 ')=e(D 1 ',D 2 ) Whether or not this is true. If yes, the algorithm outputs 1 to indicate that the two ciphertexts are in the encrypted form of the same plaintext, otherwise 0 is output.
(3) Re-encrypted ciphertext
If a group of ciphertext sets are verified to contain the same information and belong to the same data blockOn the other hand, the public cloud performs secure deduplication operations. Assume that the ciphertext and corresponding access policy are
Medical institution MI i Firstly, these access policies are combined into a group(combination of Access policiesMI i Utilizing combined access policiesThe ciphertext is re-encrypted to generate a new ciphertext CT'. Thus, ciphertext (CT) 1 ,...,CT m ) Any predefined user of (2) can access the new ciphertext CT'. Handle (CT) 1 ,...,CT m ) The ciphertext with the minimum document number is marked as CT. Let CT = CT 1 ,FID=FID 1 。
Medical institution MI i The algorithm is executed. The input to the algorithm is the anonymous identity PID of the patient i,j TK for converting secret key i,j Ciphertext CT and combined access strategyWhereinρ' willIs mapped to the medical institution, δ' willThe rows of (2) map to attributes.To representThe x-th row of (a),
MI i random selectionLet v ' = (z ', v ' 2 ,...v' n ) T ,w'=(0,w' 2 ,...,w' n ) T Wherein(z unknown). Order toThey are respectively representedRow x of (a) corresponds to z and 0 shares (share). MI i Is composed ofX in each row of the random selectionAnd calculates the ciphertext
CT'=(C' M ,C' -1 ,C' 0 ,{C' 1,x ,C' 2,x ,C' 3,x ,C' 4,x } x∈[l] ):
C' M =C M ,
C' 0 =C 0 ·Y z =Υ·Y z' ,
Due to the fact thatCan obtain
Using a transfer key TK i,j Can calculate element C' 1,x :
Obviously, C' 1,x Structure of (2) and C in the original ciphertext 1,x Has consistency.
9. Partial decryption
To reduce the computational burden on the user, the public cloud utilizes a proxy key DK i,j Partially decrypting the ciphertext and generating a partial ciphertext CT p . In this process, the public cloud cannot acquire plaintext information M of the ciphertext.
PartialDec(CT,DK i,j )→CT p : the public cloud executes the algorithm. The input of the algorithm is ciphertext CT and authorization key DK i,j . Public cloud computingSo thatComputing
And will be
CT p =(C M ,C 0 ,C T ) And sending the data to the user.
10. Decryption and authentication with attribute keys
Possession of an Attribute Key SK i,j By a decryption algorithm Dec 1 And recovering to obtain the medical document M.
Dec 1 (CT p ,SK i,j ) → M/. T: the user in possession of the attribute key executes the algorithm. The input of the algorithm is partial cipher text CT p =(C M ,C 0 ,C T ) And attribute key SK i,j The user resumes obtainingAnd M' = SDec (H) 2 (Υ),C M ). If it is usedIndicating that the partial decryption algorithm executed by the public cloud is correct, and outputting a medical document M by the algorithm; otherwise, output ≠ T.
11. Decryption and authentication with emergency access key
Extracting an emergency access key BGK by an emergency contact by using algorithm extract i,j And using a decryption algorithm Dec 2 The patient's medical document is decrypted.
Dec 2 (PID i,j ,FID,C M ,BGK i,j ) → M/. Or [. T ]: the emergency contact of the patient executes the algorithm. The input to the algorithm is the anonymous identity PID of the patient i,j Document number FID and cipher textC M And emergency access key BGK i,j Recovering the emergency contact person to upsilon = H 2 (BGK i,j ,PID i,j FID) and M' = SDec (H) 2 (Υ),C M ) If, ifIndicating that an emergency contact has correctly extracted BGK i,j Outputting a medical document M by an algorithm; otherwise, output ≠ T.
12. Access policy
Definition 1 (access architecture): defining a set of entities { P } 1 ,...,P n H, if any set B and C satisfies: when in useAnd isTime of flightThenOne access structure is { P 1 ,...,P n Non-empty subset ofFor example Is called an authorization set, is notA set in (2) is referred to as an unauthorized set. Definition 2: (Linear secret sharing scheme (LSSS)). Entity collectionsTo the secret ofScheme Π is called linearityAbove) if and only if: 1. share of each party (share) formingThe vector of (c). 2. There is a matrix M of l × n called the generator matrix of pi shares (share). The ith line of l, M is marked by ρ (i) (ρ is { 1.,. Multidot., l } to) for all i = 1.,. MultidotA function of). Let vector v = (s, r) 2 ,...r n ) Where s is the secret to be sharedRandom selectionMv is the component vector ((Mv) of the secret s according to Π i Belonging to ρ (i)). By definition, each LSSS has linear reconstruction properties. Suppose Π is the Access StructureLSSS of (1), orderIs an arbitrary set of grants, defining I = { I: ρ (I) ∈ S }, whereAccording to Π, if anySo that { lambda i } i∈I Is a valid share of any secret s, then there is Σ i∈I w i λ i And (5) s. For an unauthorized set, there is no such constant. The invention uses a LSSS matrix (M, rho) to express access policies associated with ciphertextBut not shown.
13. Bilinear group
AlgorithmInputting security parameter lambda and outputting prime order bilinear mapping parameterWhereinAndis a multiplicative cyclic group of prime order p, g isThe generator of (1). MappingIs a bilinear map. The bilinear map e has three attributes: (1) bilinear:and isWith e (u) a ,v b )=e(uv) ab 。
(2) Non-degeneration: e (g, g) ≠ 1. (3) calculability: e can be obtained by efficient calculation.
The internet of things (IOT) technology allows medical devices in a wireless medical sensor network to be connected to the internet, which brings great convenience to daily health monitoring and diagnosis of patients and the elderly. Since the patient's medical information is very sensitive, it needs to be encrypted before transmission and storage. The invention provides a cross-domain medical cloud storage system supporting emergency access control and safe deduplication, which supports data sharing and access of cross-medical domains. In the encryption phase, the invention encrypts the medical document using a cross-domain access policy so that medical personnel from different medical domains can access it. Emergency situations may occur in medical applications, for example, a patient suddenly falls down and needs emergency rescue. To address emergency situations, the present invention provides a password-based emergency access mechanism that can decrypt any encrypted medical documents of a patient to save the patient's life. In addition, the invention adopts a safe deduplication mechanism to delete redundant ciphertext containing the same message, thereby saving storage space and transmission overhead.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart block or blocks
Instructions which execute on the programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above are preferred embodiments of the present invention, and all changes made according to the technical solutions of the present invention that produce functional effects do not exceed the scope of the technical solutions of the present invention belong to the protection scope of the present invention.
Claims (10)
1. A cross-domain medical cloud storage system supporting emergency access control and safe duplicate removal is characterized by comprising a key generation center, a medical institution and a public cloud;
the key generation center is used for generating public parameters and a main private key of the cross-domain medical cloud storage system, detecting the medical quality of the medical institution and generating a public key/private key for the medical institution;
the medical institution distributes an attribute set according to the characteristics of the user, generates an attribute key, and executes storage and calculation service for the user through a private cloud;
the public cloud is used for storing medical documents of patients of different medical institutions and responding to data access inquiry; the patient acquires medical service through a medical institution, sets a password and an emergency access key based on the password, and informs an emergency contact of the password; the patient appoints an access strategy and an emergency access key to encrypt medical documents of the patient and then store the medical documents to the public cloud; the emergency contact list is managed by a private cloud of the medical institution;
the method comprises the steps that a user registers in a medical institution to obtain an anonymous identity and an attribute key, obtains a corresponding proxy key according to the anonymous identity and the attribute key and sends the proxy key to a public cloud, the public cloud generates a part of ciphertext of an encrypted medical document according to the proxy key, and the user obtains a plaintext of the encrypted medical document according to the attribute key and the part of ciphertext;
the emergency contact acquires an emergency access key by using the password to decrypt the encrypted medical document of the patient;
the public cloud interacts with a private cloud of the medical institution, and performs a secure deduplication operation to eliminate copies of the encrypted medical documents.
2. The cross-domain medical cloud storage system supporting emergency access control and security deduplication as claimed in claim 1, wherein the key generation center inputs security parameter 1 κ Generating public parameters and a main private key of the system by using a GlobalSetup algorithm, which comprises the following specific steps:
GlobalSetup(1 κ ) → (PP, MSK): random selection hash function for key generation center Secure symmetric encryption/decryption algorithm SEnc/SDec and symmetric key spaceThe key generation center then selects a cyclic groupGenerating element ofAnd a random number Calculate Y = e (g) 1 ,g 2 ) η Setting a common parameter PP = (g, g) 1 ,g 2 ,g 3 ,Y,H 1 ,H 2 SEnc/SDec), setting a master private key MSK = η; wherein,p is a prime number,represents fromAnd selecting a random value eta.
3. The cross-domain medical cloud storage system supporting emergency access control and security deduplication as claimed in claim 2, wherein the key generation center checks medical quality of the ith medical institution when registering with the cross-domain medical cloud storage system; if qualified, the key generation center assigns an identity MI to the facility i And generates a public key PK therefor i And a private key SK i Cross-domain medical cloud storage system public PK i SK is transmitted via a secure channel i MI to medical institutions i The method comprises the following steps: MI (MI) in keygen i ,MSK)→(PK i ,SK i ): key generation center random selectionBased on the master private key MSK and the identity MI of the medical institution i Is calculated to obtain
MI i Public key PK i :
MI i SK private key i :
MI i Is PK i =(pk i,1 ,pk i,2 ) The private key is SK i =(K i,1 ,K i,2 ,K i,3 ,K i,4 ,K i,5 )。
4. The cross-domain medical cloud storage system supporting emergency access control and security deduplication as claimed in claim 3, wherein when jth user U is present i,j To medical institutions MI i During registration, the medical institution verifies the identity of the user U i,j Distributing anonymous identitiesAnd hide its true identity, depending on the user identity, MI i Assigning a set of attribute collectionsTo characterize the user and for anonymous identity PID i,j User generated attribute key SK i,j The method comprises the following steps:
medical institution MI i Random selectionSetting v i,j =v i +v' i,j Calculating the user's attribute key SK i,j :
sk i,j,3 =g t ,
U i,j The attribute key of (A) isWhereinTo represent The number of attributes of the user.
5. The cross-domain medical cloud storage system supporting emergency access control and security deduplication of claim 4, wherein a random number is selectedPID based on user anonymous identity i,j And attribute key SK i,j Computing proxy Key DK i,j And sending to the public cloud, calculating as follows:
DK 3 =(sk i,j,3 ) τ =(g t ) τ
the user's proxy key is
6. The cross-domain medical cloud storage system supporting emergency access control and security deduplication as claimed in claim 2, wherein the emergency access key generation manner is:
the patient sets a password pw i,j And emergency access key BGK based on the password i,j Using the password pw i,j Generating an emergency access key, BGK i,j Auxiliary information (BGK) i,j,1 ,BGK i,j,2 ) BGK i,j,1 Sending the BGK to public cloud i,j,2 To medical institutions MI i Private cloud, emergency contact utilizes password pw i,j And auxiliary information (BGK) i,j,1 ,BGK i,j,2 ) Recovering to obtain BGK (emergency access key) i,j (ii) a The concrete implementation is as follows:
KeyGen.BGK(PID i,j ,pw i,j )→(BGK i,j,1 ,BGK i,j,2 ): random selectionΨ,Ψ 1 ∈ R G, setting an emergency access key BGK i,j Psi, PID according to the anonymous identity of the patient i,j And a password pw i,j And (3) calculating:
7. the cross-domain medical cloud storage system supporting emergency access control and security deduplication of claim 6, wherein the emergency contact is MI with a public cloud and a medical institution i Interacts according to the anonymous identity PID of the patient i,j Password pw i,j And auxiliary information BGK i,j,1 ,BGK i,j,2 Obtaining an emergency access key BGK i,j The specific process comprises the following steps:
Extract.BGK(PID i,j ,pw i,j ,BGK i,j,1 ,BGK i,j,2 )→BGK i,j : random number for emergency contact selectionCalculating outAnd sends it to the public cloud and medical institution MI i (ii) a Public cloud selection random numberCalculating outAnd transmits it to the medical structure MI i (ii) a Medical institution MI i Selecting random numbersCalculating outAnd sends it to the public cloud; public cloud computingAnd will (A) 1 ,W 1 ) Sending the information to an emergency contact; medical institution MI i Calculating outAnd will (A) 2 ,W 2 ) Sending the information to an emergency contact; by calculating BGK i,j =Ψ=(W 1 ·W 2 )·(A 1 ·A 2 ) ξ An emergency access key is obtained.
8. The cross-domain medical cloud storage system supporting emergency access control and security deduplication as claimed in claim 2, wherein the patient-specified access policy and emergency access key encrypt their medical documents in a manner that: patient embedding access policy in the process of encrypting medical document MAccess policy based on medical document MMedical institution MI i Public key PK i Anonymous identity PID of a patient i,j And emergency access key BGK i,j Obtaining the ciphertext CT and the transformation key TK i,j And proving information pf, which is specifically realized as follows:ρ will matrixMapping the row vector to the medical institution, delta mapping the matrixThe row vector of (a) is mapped to an attribute,is thatThe x-th row of (a),
patient random selectionLet v = (z, v) 2 ,...v n ) T ,w=(0,w 2 ,...,w n ) T Let us order λ x And w x Respectively representX-th row of (c) corresponds to z and 0, sign<·>, represents inner product operation, calculates conversion key
The patient isIn each row x is randomly selectedFor the medical document M, a document number is setComputing the elements of the ciphertext CT:
Υ=H 2 (Ψ,PID i,j ,FID),
C 0 =Υ·Y z =Υ·e(g 1 ,g 2 ) η·z , whereinAfter M represents0, ciphertext CT = (C) M ,C -1 ,C 0 ,{C 1,x ,C 2,x ,C 3,x ,C 4,x } x∈[l] ) (ii) a Wherein x ∈ [ l ]]Denotes that x is more than or equal to 1 and l is a matrixThe number of rows of (c);
random selectionCalculating the CT certification information pf:
D 2 =g s ,θ=H 1 (C M ,C -1 ,C 0 ,{C 1,x ,C 2,x ,C 3,x ,C 4,x } x∈[l] ,D 1 ,D 2 ,D 3 ,B 1 ,B 2 ),D 4 =r 1 -θ·H 1 (M),D 5 =r 2 -θ·H 1 (γ), proof information pf = (D) 1 ,D 2 ,D 3 ,D 4 ,D 5 θ), patient handle (PID) i,j FID, CT, pf) to the public cloud, and the TK of the transformation key i,j To medical institutions MI i And the proof information pf is used for enabling the public cloud to distinguish different ciphertexts encrypted by the same plaintext information.
9. The cross-domain medical cloud storage system supporting emergency access control and secure deduplication of claim 8, wherein secure deduplication operations comprise:
the method comprises the following steps: and detecting whether the ciphertext is valid:
ValidityTest (CT, pf) → 1/0: and the public cloud calculates according to the ciphertext CT and the proof information pf:
θ'=H 1 (C M ,C -1 ,C 0 ,{C 1,x ,C 2,x ,C 3,x ,C 4,x } x∈[l] ,D 1 ,D 2 ,D 3 ,B 1 ',B 2 ')
verifying whether the equation theta' = theta is established or not, if so, outputting 1 to represent that the ciphertext is valid, otherwise, outputting 0 to represent that the ciphertext is invalid;
step two: detecting whether the ciphertext contains the same medical document:
MsgTest(pf 1 ,pf 2 ) → 1/0: let pf 1 =(D 1 ,D 2 ,D 3 ,D 4 ,D 5 ,θ),pf 2 =(D 1 ',D 2 ',D 3 ',D 4 ',D 5 ', theta') of public cloud according to the certification information pf of the cipher text 1 And pf 2 Verification of equation e (D) 1 ,D 2 ')=e(D 1 ',D 2 ) If yes, outputting 1 to show that two ciphertexts are in the same plain text encryption form, otherwise, outputtingOutputting 0;
step three: re-encrypting the ciphertext using the combined access policy, so that a user who can access the original ciphertext can also access the encrypted data:
assume that the ciphertext and corresponding access policy areMedical institution MI i Deriving a combined access policyAnd utilizing a combined access policyRe-encrypting the ciphertext to generate a new ciphertext CT', bundle (CT) 1 ,...,CT m ) The ciphertext with the smallest document number is denoted as CT, assuming CT = CT 1 ,FID=FID 1 :
Medical institution MI i PID based on anonymous identity of patient i,j TK for converting secret key i,j Ciphertext CT and combined access strategyComputing a new ciphertext CT', whereinρ' willIs mapped to the medical institution, delta' willIs mapped to an attribute of the row(s),representThe x-th row of (a) is,random selectionLet v ' = (z ', v ' 2 ,...v' n ) T ,w'=(0,w' 2 ,...,w' n ) T WhereinOrder toλ' x And w' x Respectively representZ and 0 fraction corresponding to the x-th row of (1), medical institution MI i Is composed ofIn each row x is randomly selectedAnd computes ciphertext CT '= (C' M ,C' -1 ,C' 0 ,{C' 1,x ,C' 2,x ,C' 3,x ,C' 4,x } x∈[l] ):
C' M =C M ,C' 0 =C 0 ·Y z =Υ·Y z' , Due to the fact that To obtainUsing a transfer key TK i,j Calculating element C' 1,x :
10. The cross-domain medical cloud storage system supporting emergency access control and security deduplication as claimed in claim 8, wherein the specific way for the user to obtain the plaintext of the encrypted medical document by using the attribute key is as follows: public cloud-based proxy key DK i,j Partially decrypting the ciphertext and generating a partial ciphertext CT p :
PartialDec(CT,DK i,j )→CT p : public cloud according to cipher text CT and proxy key DK i,j ComputingSo that CT of partial cryptograph p =(C M ,C 0 ,C T ) Sending the data to a user;
Dec 1 (CT p ,SK i,j ) → M/. T: user root with attribute keyAccording to partial cipher text CT p =(C M ,C 0 ,C T ) And attribute key SK i,j Recovered to obtainAnd M' = SDec (H) 2 (Υ),C M ) (ii) a If it is usedOutputting the medical document M; otherwise output ^ T, whereAfter M representsAnd 0.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711051952.6A CN107635018B (en) | 2017-10-30 | 2017-10-30 | Cross-domain medical cloud storage system supporting emergency access control and safe deduplication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711051952.6A CN107635018B (en) | 2017-10-30 | 2017-10-30 | Cross-domain medical cloud storage system supporting emergency access control and safe deduplication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107635018A true CN107635018A (en) | 2018-01-26 |
| CN107635018B CN107635018B (en) | 2021-05-18 |
Family
ID=61107055
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711051952.6A Active CN107635018B (en) | 2017-10-30 | 2017-10-30 | Cross-domain medical cloud storage system supporting emergency access control and safe deduplication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107635018B (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109194523A (en) * | 2018-10-01 | 2019-01-11 | 西安电子科技大学 | The multi-party diagnostic model fusion method and system, cloud server of secret protection |
| CN109922128A (en) * | 2019-01-08 | 2019-06-21 | 中金数据(武汉)超算技术有限公司 | A kind of data safety exchange method suitable for across cloud service deployment environment |
| CN111324898A (en) * | 2020-01-20 | 2020-06-23 | 福州大学 | Block chain-based electronic medical document dual-access control system |
| CN111756777A (en) * | 2020-08-28 | 2020-10-09 | 腾讯科技(深圳)有限公司 | Data transmission method, data processing device, data processing apparatus, and computer storage medium |
| CN112735566A (en) * | 2020-12-28 | 2021-04-30 | 武汉联影医疗科技有限公司 | Medical image management method and device, computer equipment and storage medium |
| CN115460228A (en) * | 2021-05-21 | 2022-12-09 | 湖南网数科技有限公司 | Medical data access control method and system |
| CN117294465A (en) * | 2023-08-11 | 2023-12-26 | 广州大学 | Attribute encryption system and method based on cross-domain communication |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080016370A1 (en) * | 2006-05-22 | 2008-01-17 | Phil Libin | Secure ID checking |
| CN104683351A (en) * | 2015-03-17 | 2015-06-03 | 西安电子科技大学 | System and method for controlling anonymous hospitalizing and security access of medical information based on property |
| CN106254374A (en) * | 2016-09-05 | 2016-12-21 | 电子科技大学 | A kind of cloud data public audit method possessing duplicate removal function |
| CN107104982A (en) * | 2017-05-26 | 2017-08-29 | 福州大学 | Have traitor tracing function in mobile electron medical treatment can search for encryption system |
-
2017
- 2017-10-30 CN CN201711051952.6A patent/CN107635018B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080016370A1 (en) * | 2006-05-22 | 2008-01-17 | Phil Libin | Secure ID checking |
| CN104683351A (en) * | 2015-03-17 | 2015-06-03 | 西安电子科技大学 | System and method for controlling anonymous hospitalizing and security access of medical information based on property |
| CN106254374A (en) * | 2016-09-05 | 2016-12-21 | 电子科技大学 | A kind of cloud data public audit method possessing duplicate removal function |
| CN107104982A (en) * | 2017-05-26 | 2017-08-29 | 福州大学 | Have traitor tracing function in mobile electron medical treatment can search for encryption system |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109194523A (en) * | 2018-10-01 | 2019-01-11 | 西安电子科技大学 | The multi-party diagnostic model fusion method and system, cloud server of secret protection |
| CN109194523B (en) * | 2018-10-01 | 2021-07-30 | 西安电子科技大学 | Privacy protection multi-party diagnosis model fusion method and system and cloud server |
| CN109922128A (en) * | 2019-01-08 | 2019-06-21 | 中金数据(武汉)超算技术有限公司 | A kind of data safety exchange method suitable for across cloud service deployment environment |
| CN111324898A (en) * | 2020-01-20 | 2020-06-23 | 福州大学 | Block chain-based electronic medical document dual-access control system |
| CN111324898B (en) * | 2020-01-20 | 2023-04-07 | 福州大学 | Block chain-based electronic medical document dual-access control system |
| CN111756777A (en) * | 2020-08-28 | 2020-10-09 | 腾讯科技(深圳)有限公司 | Data transmission method, data processing device, data processing apparatus, and computer storage medium |
| CN111756777B (en) * | 2020-08-28 | 2020-11-17 | 腾讯科技(深圳)有限公司 | Data transmission method, data processing device, data processing apparatus, and computer storage medium |
| CN112735566A (en) * | 2020-12-28 | 2021-04-30 | 武汉联影医疗科技有限公司 | Medical image management method and device, computer equipment and storage medium |
| CN115460228A (en) * | 2021-05-21 | 2022-12-09 | 湖南网数科技有限公司 | Medical data access control method and system |
| CN115460228B (en) * | 2021-05-21 | 2024-09-27 | 湖南网数科技有限公司 | Medical data access control method and system |
| CN117294465A (en) * | 2023-08-11 | 2023-12-26 | 广州大学 | Attribute encryption system and method based on cross-domain communication |
| CN117294465B (en) * | 2023-08-11 | 2024-06-07 | 广州大学 | Attribute encryption system and method based on cross-domain communication |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107635018B (en) | 2021-05-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Yang et al. | Privacy-preserving smart IoT-based healthcare big data storage and self-adaptive access control system | |
| CN107635018B (en) | Cross-domain medical cloud storage system supporting emergency access control and safe deduplication | |
| Au et al. | A general framework for secure sharing of personal health records in cloud system | |
| Yang et al. | Lightweight break-glass access control system for healthcare Internet-of-Things | |
| Pussewalage et al. | Privacy preserving mechanisms for enforcing security and privacy requirements in E-health solutions | |
| CN108040056B (en) | Safe medical big data system based on Internet of things | |
| WO2019090988A1 (en) | Cryptography attribute-based access control method and system based on dynamic rule | |
| Chen et al. | An infrastructure framework for privacy protection of community medical internet of things: Transmission protection, storage protection and access control | |
| Hu et al. | Securing communications between external users and wireless body area networks | |
| Pussewalage et al. | A patient-centric attribute based access control scheme for secure sharing of personal health records using cloud computing | |
| CN105897742B (en) | Anonymous Identity base access control method applied to electronic health care network | |
| CN107579980A (en) | Lightweight double call control system in medical Internet of Things | |
| Du et al. | A medical information service platform based on distributed cloud and blockchain | |
| Chandrakar et al. | Cloud-based authenticated protocol for healthcare monitoring system | |
| CN112364376A (en) | Attribute agent re-encryption medical data sharing method | |
| CN115134132A (en) | Certificateless identity anonymous privacy protection medical data integrity verification method | |
| CN110752024A (en) | Online medical diagnosis service system based on privacy protection | |
| Olakanmi et al. | FEACS: A fog enhanced expressible access control scheme with secure services delegation among carers in E-health systems | |
| Sun et al. | A privacy-aware and traceable fine-grained data delivery system in cloud-assisted healthcare IIoT | |
| CN115378966A (en) | Intelligent medical online service system and intelligent medical online service method | |
| CN105656881B (en) | A kind of electronic health record can verify that outsourcing storage and retrieval system and method | |
| CN115473743A (en) | Searchable medical data sharing method for resisting internal keyword guessing attack | |
| Liu et al. | Black-box accountable authority cp-abe scheme for cloud-assisted e-health system | |
| Nait Hamoud et al. | Implementing a secure remote patient monitoring system | |
| CN116996215A (en) | Key negotiation system and method under medical digital twin environment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |