CN108763959A - Medical method for protecting privacy, device and computer readable storage medium - Google Patents
Medical method for protecting privacy, device and computer readable storage medium Download PDFInfo
- Publication number
- CN108763959A CN108763959A CN201810562228.8A CN201810562228A CN108763959A CN 108763959 A CN108763959 A CN 108763959A CN 201810562228 A CN201810562228 A CN 201810562228A CN 108763959 A CN108763959 A CN 108763959A
- Authority
- CN
- China
- Prior art keywords
- operational order
- private data
- information
- permission levels
- privacy
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Theoretical Computer Science (AREA)
- Medical Informatics (AREA)
- Bioethics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Epidemiology (AREA)
- Primary Health Care (AREA)
- Public Health (AREA)
- Medical Treatment And Welfare Office Work (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of medical method for protecting privacy comprising:When receiving the operational order of the first private data, the Permission Levels of the operational order are obtained;Verification information is obtained according to the Permission Levels, determines whether the operational order is verified according to the verification information;When the operational order is verified, it is the second private data to mark first private data;The corresponding operation of the operational order is executed to second private data, and real-time tracing is carried out to second private data.The invention also discloses a kind of medical privacy information protection device and computer readable storage mediums.The present invention realizes different verifications when carrying out different operation to medical private data, and after being operated to the medical treatment private data, carries out data tracking protection, it is ensured that the information security of medical private data avoids the leakage of medical privacy.
Description
Technical field
The present invention relates to a kind of technical field of data processing more particularly to medical method for protecting privacy, device and meters
Calculation machine readable storage medium storing program for executing.
Background technology
Currently, with the gradual universal and development of big data, the leakage problem of privacy of user data is also more prominent.When
Before, in medical system, for the privacy information of patient, there is no perfect secret protection bodies for the data-storage system of hospital
System, is still to be stored to the information of patient by traditional book keeping operation formula system, completely open to attack, so as to cause
It a large amount of privacy leakage and is peddled.It is completely protected since patient privacy information is unable to get system, a large amount of medical treatment is hidden
The accident of private leakage is even more to occur again and again.
The above is only used to facilitate the understanding of the technical scheme, and is not represented and is recognized that the above is existing skill
Art.
Invention content
The main purpose of the present invention is to provide a kind of medical method for protecting privacy, it is intended to solve medical privacy and be easy
The technical issues of leakage.
To achieve the above object, the present invention provides a kind of medical method for protecting privacy, and the medical treatment privacy information is protected
Maintaining method includes the following steps:
When receiving the operational order of the first private data, the Permission Levels of the operational order are obtained;
Verification information is obtained according to the Permission Levels, determines whether the operational order is verified according to the verification information
Pass through;
When the operational order is verified, it is the second private data to mark first private data;
The corresponding operation of the operational order is executed to second private data, and second private data is carried out
Real-time tracing.
In one embodiment, described when receiving the operational order of the first private data, obtain the operational order
Permission Levels the step of further include:
When receiving the operational order of the first private data, determine whether first private data is locking privacy number
According to;
When it is locking private data to determine first private data, the operational order is rejected;
When it is non-locking private data to determine first private data, the Permission Levels of the operational order are obtained.
In one embodiment, described when it is non-locking private data to determine first private data, described in acquisition
The step of Permission Levels of operational order includes:
It parses the operational order and obtains parsing information;
The Permission Levels of the operational order are determined according to the parsing information.
In one embodiment, described the step of determining the Permission Levels of the operational order according to the parsing information, wraps
It includes:
The corresponding action type of the operational order is determined according to the parsing information;
When the action type is sharing operation type, determine that the Permission Levels of the operational order are the first permission grade
Not;
When the action type is unshared action type, determine that the Permission Levels of the operational order are the second permission
Rank.
In one embodiment, the Permission Levels include the first Permission Levels and the second Permission Levels, described according to institute
It states verification information and determines that the step of whether operational order is verified includes:
When the Permission Levels are the first Permission Levels, manager's verification information is obtained, is verified based on the manager
Information verifies the operational order, wherein meets manager's verification information in the authority information of the operational order
Requirement when, determine that the operational order is verified;
When the Permission Levels are the second Permission Levels, manager's verification information and authorized party's verification information, base are obtained
In manager's verification information and authorized party's verification information, the operational order is verified, wherein in the behaviour
When making the authority information that instructs, while meeting the requirement of manager's verification information and authorized party's verification information, determine
The operational order is verified.
In one embodiment, label first private data includes for the step of the second private data:
Obtain the label information of first private data;
First private data is marked according to the label information.
In one embodiment, described and to second private data carry out real-time tracing the step of after, the doctor
Treating method for protecting privacy further includes:
When receiving the operational order again of second private data, the mandate letter of second private data is obtained
Breath;
Based on operational order again described in authorization message verification, it is described operational order is verified again when, according to institute
It states again operational order and respective operations is executed to second private data.
In one embodiment, described and to second private data carry out real-time tracing the step of include:
Obtain the operation label of second private data;
It is marked according to the operation, tracks the courses of action of second private data.
In addition, to achieve the above object, the present invention also provides a kind of medical privacy information protection device, the medical treatment privacy
Information protection device includes:Memory, processor and it is stored in the doctor that can be run on the memory and on the processor
Privacy information protection program is treated, the medical treatment privacy information protection program realizes such as any of the above-described when being executed by the processor
The step of described medical method for protecting privacy.
In addition, to achieve the above object, it is described computer-readable the present invention also provides a kind of computer readable storage medium
Medical privacy information protection program is stored on storage medium, the medical treatment privacy information protection program is real when being executed by processor
The step of existing medical method for protecting privacy as described in any one of the above embodiments.
A kind of medical method for protecting privacy proposed by the present invention, by referring in the operation for receiving the first private data
When enabling, the Permission Levels of the operational order are obtained;Verification information is obtained according to the Permission Levels, according to the verification information
Determine whether the operational order is verified;When the operational order is verified, label first private data is
Second private data;The corresponding operation of the operational order is executed to second private data, and to the second privacy number
According to real-time tracing is carried out, different verifications when carrying out different operation to medical private data are realized, and hidden to the medical treatment
After private data manipulation, data tracking protection is carried out, it is ensured that the information security of medical private data avoids medical privacy
Leakage.
Description of the drawings
Fig. 1 is the medical privacy information protection apparatus structure in the hardware running environment that the embodiment of the present invention is related to
Schematic diagram;
Fig. 2 is the flow diagram of the medical method for protecting privacy first embodiment of the present invention;
Fig. 3 is the flow diagram of the medical method for protecting privacy second embodiment of the present invention;
Fig. 4 is the flow diagram of the medical method for protecting privacy 3rd embodiment of the present invention;
Fig. 5 is the flow diagram of the medical method for protecting privacy fourth embodiment of the present invention;
Fig. 6 is the flow diagram of the present invention the 5th embodiment of medical method for protecting privacy;
Fig. 7 is the flow diagram of the medical method for protecting privacy sixth embodiment of the present invention;
Fig. 8 is the flow diagram of the present invention the 7th embodiment of medical method for protecting privacy;
Fig. 9 is the flow diagram of the present invention the 8th embodiment of medical method for protecting privacy.
The embodiments will be further described with reference to the accompanying drawings for the realization, the function and the advantages of the object of the present invention.
Specific implementation mode
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
Medical privacy information protection in the hardware running environment being related to as shown in FIG. 1, FIG. 1 is the embodiment of the present invention
The schematic diagram of apparatus structure.
Terminal of the embodiment of the present invention can be PC, can also be smart mobile phone, tablet computer, E-book reader, MP3
(Moving Picture Experts Group Audio Layer III, dynamic image expert's compression standard audio level 3)
Player, MP4 (Moving Picture Experts Group Audio Layer IV, dynamic image expert's compression standard sound
Frequency level 4) the packaged type terminal device with display function such as player, pocket computer.
As shown in Figure 1, the terminal may include:Processor 1001, such as CPU, network interface 1004, user interface
1003, memory 1005, communication bus 1002.Wherein, communication bus 1002 is for realizing the connection communication between these components.
User interface 1003 may include display screen (Display), input unit such as keyboard (Keyboard), optional user interface
1003 can also include standard wireline interface and wireless interface.Network interface 1004 may include optionally that the wired of standard connects
Mouth, wireless interface (such as WI-FI interfaces).Memory 1005 can be high-speed RAM memory, can also be stable memory
(non-volatile memory), such as magnetic disk storage.Memory 1005 optionally can also be independently of aforementioned processor
1001 storage device.
Optionally, terminal can also include camera, RF (Radio Frequency, radio frequency) circuit, sensor, audio
Circuit, WiFi module etc..Wherein, sensor such as optical sensor, motion sensor and other sensors.Specifically, light
Sensor may include ambient light sensor and proximity sensor, wherein ambient light sensor can according to the light and shade of ambient light come
The brightness of display screen is adjusted, proximity sensor can close display screen and/or backlight when mobile terminal is moved in one's ear.As
One kind of motion sensor, gravity accelerometer can detect in all directions the size of (generally three axis) acceleration, quiet
Size and the direction that can detect that gravity when only, the application that can be used to identify mobile terminal posture are (such as horizontal/vertical screen switching, related
Game, magnetometer pose calibrating), Vibration identification correlation function (such as pedometer, tap) etc.;Certainly, mobile terminal can also match
The other sensors such as gyroscope, barometer, hygrometer, thermometer, infrared sensor are set, details are not described herein.
It will be understood by those skilled in the art that the restriction of the not structure paired terminal of terminal structure shown in Fig. 1, can wrap
It includes than illustrating more or fewer components, either combines certain components or different components arrangement.
As shown in Figure 1, as may include that operating system, network are logical in a kind of memory 1005 of computer storage media
Believe module, Subscriber Interface Module SIM and medical privacy information protection program.
In terminal shown in Fig. 1, network interface 1004 is mainly used for connecting background server, is carried out with background server
Data communicate;User interface 1003 is mainly used for connecting client (user terminal), with client into row data communication;And processor
1001 can be used for calling the medical privacy information protection program stored in memory 1005.
When processor 1001 calls the medical privacy information protection program stored in memory 1005, following operation is executed:
When receiving the operational order of the first private data, the Permission Levels of the operational order are obtained;
When receiving the operational order of the first private data, the Permission Levels of the operational order are obtained;
Verification information is obtained according to the Permission Levels, determines whether the operational order is verified according to the verification information
Pass through;
When the operational order is verified, it is the second private data to mark first private data;
The corresponding operation of the operational order is executed to second private data, and second private data is carried out
Real-time tracing.
Further, following operation is also realized when the medical privacy information protection program is executed by the processor:
When receiving the operational order of the first private data, determine whether first private data is locking privacy number
According to;
When it is locking private data to determine first private data, the operational order is rejected;
When it is non-locking private data to determine first private data, the Permission Levels of the operational order are obtained.
Further, following operation is also realized when the medical privacy information protection program is executed by the processor:
It parses the operational order and obtains parsing information;
The Permission Levels of the operational order are determined according to the parsing information.
Further, following operation is also realized when the medical privacy information protection program is executed by the processor:
The corresponding action type of the operational order is determined according to the parsing information;
When the action type is sharing operation type, determine that the Permission Levels of the operational order are the first permission grade
Not;
When the action type is unshared action type, determine that the Permission Levels of the operational order are the second permission
Rank.
Further, following operation is also realized when the medical privacy information protection program is executed by the processor:
When the Permission Levels are the first Permission Levels, manager's verification information is obtained, is verified based on the manager
Information verifies the operational order, wherein meets manager's verification information in the authority information of the operational order
Requirement when, determine that the operational order is verified;
When the Permission Levels are the second Permission Levels, manager's verification information and authorized party's verification information, base are obtained
In manager's verification information and authorized party's verification information, the operational order is verified, wherein in the behaviour
When making the authority information that instructs, while meeting the requirement of manager's verification information and authorized party's verification information, determine
The operational order is verified.
Further, following operation is also realized when the medical privacy information protection program is executed by the processor:
Obtain the label information of first private data;
First private data is marked according to the label information.
Further, following operation is also realized when the medical privacy information protection program is executed by the processor:
When receiving the operational order again of second private data, the mandate letter of second private data is obtained
Breath;
Based on operational order again described in authorization message verification, it is described operational order is verified again when, according to institute
It states again operational order and respective operations is executed to second private data.
Further, following operation is also realized when the medical privacy information protection program is executed by the processor:
Obtain the operation label of second private data;
It is marked according to the operation, tracks the courses of action of second private data.
The present invention provides a kind of medical method for protecting privacy, is that medical privacy information of the invention is protected with reference to Fig. 2, Fig. 2
The flow diagram of maintaining method first embodiment.
In the present embodiment, which includes:
Step S1000 obtains the permission grade of the operational order when receiving the operational order of the first private data
Not;
In the present embodiment, which is currently stored private data, identity information, contact such as patient
The privacy informations such as mode and medical record information;When receiving the operational order of first private data, then the operational order is obtained
Permission Levels, wherein the operational order to first private data include the inquiry to first private data, modification, insert
The operational orders such as enter, delete.Specifically, when getting the operational order of the first private data, first private data is determined
Whether it is that locking private data then rejects the operational order when it is locking private data to determine first private data;
When it is non-locking private data to determine first private data, the Permission Levels of the operational order are obtained.By parsing the behaviour
Make instruction and obtain corresponding parsing information, it may be determined that the Permission Levels of the operational order;Wherein, according to the parsing information true
The action type of the fixed operational order is sharing operation type, and the Permission Levels of the operational order are the first Permission Levels;True
When the fixed action type is unshared action type, it is determined that the Permission Levels of the operational order are the second Permission Levels.
Step S2000 obtains verification information according to the Permission Levels, determines that the operation refers to according to the verification information
Whether order is verified;
In the present embodiment, when getting Permission Levels, corresponding verification can then be got according to the Permission Levels
Information.Specifically, which includes the first Permission Levels and the second Permission Levels, in the permission grade for getting operational order
Not Wei the first Permission Levels when, then obtain manager's verification information, manager's verification information be currently to first privacy
Data carry out the verification information that preservation side presets storage.The operational order is tested based on manager's verification information
Card, if the authority information of the operational order meets the corresponding requirement of manager's verification information, it is determined that the operational order is verified
Pass through.
When the Permission Levels are the second Permission Levels, then manager's verification information and authorized party's verification information are obtained, it should
Authorized party's verification information is the verification information of first private data owner, based on manager's verification information and the mandate
Square verification information verifies the operational order;If the authority information of the operational order meets manager's verification information simultaneously
Requirement corresponding with authorized party's verification information, it is determined that the operational order is verified.
Step S3000, when the operational order is verified, it is the second privacy number to mark first private data
According to;
In the present embodiment, when the operational order is verified, then first private data is marked, after label
First private data be the second private data.Wherein, it can be stain mode to be marked to first private data
Label carries out stain label so that can be with by the label information by unique label information to first private data
Uniquely get first private data.Specifically, obtain first private data the first handle cursor and this first
The label information of private data is marked the first handle cursor according to the label information, can be obtained marking the when of completing
Get second private data.Wherein, which, which is used for uniquely identifying, is directed toward a certain target resource, by this
One handle cursor can accurately obtain the target resource of the first handle cursor direction;Therefore, the first of user is being got
When private data, then the corresponding first handle cursor of first private data is obtained simultaneously, which is carried out dirty
Point marks, and the first handle cursor after label is then the second handle cursor;Detecting that program passes through the second handle cursor
When reading corresponding first private data, then stain label is carried out to each byte in first private data, after label
First private data be second private data.
Step S4000 executes the corresponding operation of the operational order to second private data, and hidden to described second
Private data carry out real-time tracing.
In the present embodiment, when it is the second private data to mark first private data, then to second private data
The currently corresponding operation of the operational order is executed, the corresponding operation of the current operational order can be the behaviour such as to change, delete, inquire
Make.Further, by obtain second private data operation label can to the courses of action of second private data into
Line trace, wherein operation label is this operation content information to second private data, which is
The information such as the content of the time, operation that operate to second private data, the requesting party of operation are specifically included;It will be in the operation
Hold the operation that information preservation is second private data to mark, it is primary right each time to preserve the operation of second private data
The operation label answered can trace into the courses of action of second private data by obtaining operation label.
The medical method for protecting privacy that the present embodiment proposes, by the operational order for receiving the first private data
When, obtain the Permission Levels of the operational order;Verification information is obtained according to the Permission Levels, it is true according to the verification information
Whether the fixed operational order is verified;When the operational order is verified, it is the to mark first private data
Two private datas;The corresponding operation of the operational order is executed to second private data, and to second private data
Real-time tracing is carried out, realizes different verifications when carrying out different operation to medical private data, and to the medical treatment privacy
After data manipulation, data tracking protection is carried out, it is ensured that the information security of medical private data avoids letting out for medical privacy
Dew.
Based on first embodiment, the second embodiment of the medical method for protecting privacy of the proposition present invention, reference Fig. 3,
In the present embodiment, step S1000 includes:
Step S1100, when receiving the operational order of the first private data, determine first private data whether be
Lock private data;
Step S1200 rejects the operation and refers to when it is locking private data to determine first private data
It enables;
Step S1300 obtains the operational order when it is non-locking private data to determine first private data
Permission Levels.
In the present embodiment, the first private data includes locking private data and non-locking private data, first hidden at this
When private data are locking private data, that is, indicate that first private data forbids any operation to the data;It is first hidden at this
When private data are non-locking data, that is, indicate that first private data allows the relevant operation to the data.
When receiving the operational order of the first private data, then it needs to be determined that whether first private data is that locking is hidden
Private data, specifically, the label information of the first private data can determine whether first private data is locking private data,
If the label information of first private data is locking label, it is determined that first private data is locking private data;If should
The label information of first private data is non-locking label, it is determined that first private data is non-locking private data.True
When fixed first private data is locking private data, then the operational order is rejected;Determining that first private data is
When non-locking private data, the Permission Levels of the operational order are obtained.
The medical method for protecting privacy that the present embodiment proposes, by the operational order for receiving the first private data
When, it determines whether first private data is locking private data, is then determining that first private data is that locking is hidden
When private data, the operational order is rejected, then when it is non-locking private data to determine first private data, is obtained
The Permission Levels for taking the operational order realize the determination to private data corresponding states so that the private data be lock
When determining private data, to the enhanced protection of the private data.
Based on second embodiment, the 3rd embodiment of the medical method for protecting privacy of the proposition present invention, reference Fig. 4,
In the present embodiment, step S1300 includes:
Step S1310 parses the operational order and obtains parsing information;
Step S1320 determines the Permission Levels of the operational order according to the parsing information.
In the present embodiment, if the label information of first private data is non-locking label, it is determined that first privacy
Data are non-locking private data;When it is non-locking private data to determine first private data, the operational order is obtained
Permission Levels.Specifically, when it is non-locking private data to determine first private data, to current first private data pair
The operational order answered is parsed, it is hereby achieved that the corresponding parsing information of the operational order, according to the parsing information
Determine the corresponding Permission Levels of the operational order.
In the parsing information for getting the operational order, the operation class of the operational order is determined according to the parsing information
Type, the action type include sharing operation type and unshared action type;The sharing operation type indicates the current operation
It is the operation for the purpose of the content for sharing first private data to instruct corresponding operation;The unshared action type indicates
Corresponding operate of the current operational order is the not operation for the purpose of the content for sharing first private data.In the operation class
When type is sharing operation type, it is determined that the Permission Levels of the operational order are the first Permission Levels, are determining the action type
For unshared action type when, it is determined that the Permission Levels of the operational order be the second Permission Levels.
The medical method for protecting privacy that the present embodiment proposes obtains parsing information by parsing the operational order,
The Permission Levels that the operational order is determined then according to the parsing information, realize to the Permission Levels of the operational order
It obtains, further realizes and the verification of the medical treatment privacy information is protected according to the Permission Levels.
Based on 3rd embodiment, the fourth embodiment of the medical method for protecting privacy of the proposition present invention, reference Fig. 5,
In the present embodiment, step S1320 includes:
Step S1321 determines the corresponding action type of the operational order according to the parsing information;
Step S1322 determines that the Permission Levels of the operational order are when the action type is sharing operation type
First Permission Levels;
Step S1323 determines the Permission Levels of the operational order when the action type is unshared action type
For the second Permission Levels.
In the present embodiment, when getting the parsing information, determine that the operational order is corresponding according to the parsing information
Action type, wherein the action type includes sharing operation type and unshared action type.Include in the parsing information
The information such as the corresponding requestor information of the operational order, operation target can determine that the current operation refers to according to the parsing information
Enable corresponding action type.When it is sharing operation type to determine the action type, that is, indicate that the current operational order is corresponding
Operation is the operation for the purpose of the content for sharing first private data, it is determined that the Permission Levels of the operational order are first
Permission Levels;When it is unshared action type to determine the action type, that is, indicate the corresponding operation of the current operational order not
It is the operation for the purpose of the content for sharing first private data, it is determined that the Permission Levels of the operational order are the second permission
Rank.
The medical method for protecting privacy that the present embodiment proposes, by determining that the operation refers to according to the parsing information
Corresponding action type is enabled, then when the action type is sharing operation type, determines the permission grade of the operational order
Not Wei the first Permission Levels, then the action type be unshared action type when, determine the permission of the operational order
Rank is the second Permission Levels, realizes the determination to the Permission Levels of the operational order, further realizes in the operation
Different rights verification when instruction is different rights rank.
Based on first embodiment, the 5th embodiment of the medical method for protecting privacy of the proposition present invention, reference Fig. 6,
In the present embodiment, step S2000 includes:
Step S2100 obtains manager's verification information when the Permission Levels are the first Permission Levels, based on described
Manager's verification information verifies the operational order, wherein meets the management in the authority information of the operational order
When the requirement of square verification information, determine that the operational order is verified;
Step S2200 obtains manager's verification information and authorized party tests when the Permission Levels are the second Permission Levels
Information is demonstrate,proved, manager's verification information and authorized party's verification information is based on, the operational order is verified,
In, in the authority information of the operational order, while meeting manager's verification information and authorized party's verification information
It is required that when, determine that the operational order is verified.
In the present embodiment, which is and currently carries out preservation side to first private data to set in advance
Surely the verification information stored, manager's verification information include corresponding manager to the preset power of the first private data
Limit requires;Authorized party's verification information is the verification information of first private data owner, which is usually user
I, authorized party's verification information is when operating first private data, by remotely sending verification information to mandate
The mode of Fang Suoyou terminals is obtained, and can also be obtained by the verification mode that authorized party sets.
When the Permission Levels for getting operational order are the first Permission Levels, then manager's verification information is obtained, is based on
Manager's verification information verifies the operational order.Specifically, when getting manager's verification information, simultaneously
The corresponding authority information of the operational order is obtained, the authority information of the operational order includes the operational order corresponding requests side
The authority information of authority information and the operational order respective operations.If the authority information of the operational order meets manager verification
The corresponding requirement of information, it is determined that the operational order is verified;If the authority information of the operational order does not meet the manager
The corresponding requirement of verification information, it is determined that the operational order authentication failed.When the Permission Levels are the second Permission Levels, then obtain
Manager's verification information and authorized party's verification information are taken, based on manager's verification information and authorized party's verification information to the behaviour
Make instruction to be verified.If the authority information of the operational order meets manager's verification information simultaneously and the authorized party verifies letter
Cease corresponding requirement, it is determined that the operational order is verified;If the authority information of the operational order does not meet the manager and tests
Demonstrate,prove at least one corresponding requirement in information and authorized party's verification information, it is determined that the operational order authentication failed.
The medical method for protecting privacy that the present embodiment proposes, by being the first Permission Levels in the Permission Levels
When, manager's verification information is obtained, the operational order is verified based on manager's verification information, wherein in institute
When stating the authority information of operational order and meeting the requirement of manager's verification information, determines that the operational order is verified, connect
It when the Permission Levels are the second Permission Levels, obtains manager's verification information and authorized party's verification information, based on described
Manager's verification information and authorized party's verification information, verify the operational order, wherein in the operational order
Authority information, while when meeting the requirement of manager's verification information and authorized party's verification information, determining the behaviour
Pass through as command verification, realize the verification of the operational order to different rights rank, further realizes to privacy number
According to different operation when, different degrees of protection.
Based on first embodiment, the sixth embodiment of the medical method for protecting privacy of the proposition present invention, reference Fig. 7,
In the present embodiment, step S3000 includes:
Step S3100 obtains the label information of first private data;
Step S3200 is marked first private data according to the label information.
In the present embodiment, when the operational order is verified, then the label information of first private data, root are obtained
First private data can be marked according to the label information.Specifically, specific interior corresponding to first private data
Hold the content that information should include many bytes, the entire first privacy number can then be got by the first handle cursor
According to;Therefore, when getting the first private data, then the first handle cursor of first private data, first handle are obtained
Cursor is the corresponding handle cursor without label of first private data.By the label information got, to this
First handle cursor is marked, and the first handle cursor after label is then the second handle cursor.Detecting that program passes through
When the second handle cursor reads corresponding first private data, then dirt is carried out to each byte in first private data
Point marks, and first private data after label is second private data.
The medical method for protecting privacy that the present embodiment proposes, the label by obtaining first private data are believed
Breath, first private data is marked then according to the label information, realize by label information to this first
The label of private data further realizes the data tracking to first private data according to the label information.
Based on first embodiment, the 7th embodiment of the medical method for protecting privacy of the proposition present invention, reference Fig. 8,
In the present embodiment, the step of step S4000 after, which further includes:
Step S5000 obtains second private data when receiving the operational order again of second private data
Authorization message;
Step S6000 is verified based on operational order again described in authorization message verification in the operational order again
When, respective operations are executed to second private data according to the operational order again.
In the present embodiment, this again operational order be to second private data again carry out respective operations finger
It enables, when receiving the operational order again of second private data, then obtains the authorization message of second private data.The mandate
Information is the authorization message of the corresponding owner of second private data, can be to the operational order again according to the authorization message
It is verified;When the corresponding Permission Levels of operational order meet the authorization message again for this, that is, determine that operational order is verified again for this
Pass through;When the corresponding Permission Levels of operational order do not meet the authorization message again for this, that is, determine that operational order verification is lost again for this
It loses.Wherein, when determining this operational order being verified again, then according to this, operational order grasps second private data again
Make.For example, for a certain second private data, the authorization message of second private data is that it is highest only to allow Permission Levels
The operation that the requesting party of Permission Levels inquires and changes;Obtain the corresponding Permission Levels of operational order again, wherein this is again
The Permission Levels of the corresponding requesting party of operational order are highest level, and the corresponding operation of operational order is inquiry again for this, it is determined that
The Permission Levels of the operational order again meet the authorization message, that is, determine that operational order is verified again for this.
The medical method for protecting privacy that the present embodiment proposes, by receiving grasping again for second private data
When instructing, the authorization message of second private data is obtained, is then based on operating again described in authorization message verification and refers to
Enable, it is described operational order is verified again when, corresponding behaviour is executed to second private data according to the operational order again
Make, realizes when being operated again to second private data, to the track protection of second private data.
Based on first embodiment, the 8th embodiment of the medical method for protecting privacy of the proposition present invention, reference Fig. 9,
In the present embodiment, step S4000 includes:
Step S4100 obtains the operation label of second private data;
Step S4200 is marked according to the operation, tracks the courses of action of second private data.
It in the present embodiment, can be to the behaviour of second private data by obtaining the operation label of second private data
Make path into line trace, wherein operation label is this operation content information to second private data.Specifically,
Since each byte carries label information in second private data, as long as detecting to carrying label letter
When the data of breath carry out relevant operation, then it can be got according to the label information currently in the operation of second private data
Hold information, which is the content for having specifically included the time, operation that operates to second private data, operates
The information such as requesting party;The operation that the operation content information preservation is second private data is marked, it is second hidden to this each time
The operation of private data preserves primary corresponding operation label, and the second privacy number can be traced by obtaining operation label
According to courses of action.
The medical method for protecting privacy that the present embodiment proposes, by the operation mark for obtaining second private data
Note is marked then according to the operation, is tracked the courses of action of second private data, is realized to the second private data
Path trace so that it is traceable to all operations of private data, protect the information security of private data.
In addition, to achieve the above object, the present invention also proposes a kind of computer readable storage medium, described computer-readable
Medical privacy information protection program is stored on storage medium, the medical treatment privacy information protection program is real when being executed by processor
Now following operation:
When receiving the operational order of the first private data, the Permission Levels of the operational order are obtained;
Verification information is obtained according to the Permission Levels, determines whether the operational order is verified according to the verification information
Pass through;
When the operational order is verified, it is the second private data to mark first private data;
The corresponding operation of the operational order is executed to second private data, and second private data is carried out
Real-time tracing.
Further, following operation is also realized when the medical privacy information protection program is executed by the processor:
When receiving the operational order of the first private data, determine whether first private data is locking privacy number
According to;
When it is locking private data to determine first private data, the operational order is rejected;
When it is non-locking private data to determine first private data, the Permission Levels of the operational order are obtained.
Further, following operation is also realized when the medical privacy information protection program is executed by the processor:
It parses the operational order and obtains parsing information;
The Permission Levels of the operational order are determined according to the parsing information.
Further, following operation is also realized when the medical privacy information protection program is executed by the processor:
The corresponding action type of the operational order is determined according to the parsing information;
When the action type is sharing operation type, determine that the Permission Levels of the operational order are the first permission grade
Not;
When the action type is unshared action type, determine that the Permission Levels of the operational order are the second permission
Rank.
Further, following operation is also realized when the medical privacy information protection program is executed by the processor:
When the Permission Levels are the first Permission Levels, manager's verification information is obtained, is verified based on the manager
Information verifies the operational order, wherein meets manager's verification information in the authority information of the operational order
Requirement when, determine that the operational order is verified;
When the Permission Levels are the second Permission Levels, manager's verification information and authorized party's verification information, base are obtained
In manager's verification information and authorized party's verification information, the operational order is verified, wherein in the behaviour
When making the authority information that instructs, while meeting the requirement of manager's verification information and authorized party's verification information, determine
The operational order is verified.
Further, following operation is also realized when the medical privacy information protection program is executed by the processor:
Obtain the label information of first private data;
First private data is marked according to the label information.
Further, following operation is also realized when the medical privacy information protection program is executed by the processor:
When receiving the operational order again of second private data, the mandate letter of second private data is obtained
Breath;
Based on operational order again described in authorization message verification, it is described operational order is verified again when, according to institute
It states again operational order and respective operations is executed to second private data.
Further, following operation is also realized when the medical privacy information protection program is executed by the processor:
Obtain the operation label of second private data;
It is marked according to the operation, tracks the courses of action of second private data.
It should be noted that herein, the terms "include", "comprise" or its any other variant are intended to non-row
His property includes, so that process, method, article or system including a series of elements include not only those elements, and
And further include other elements that are not explicitly listed, or further include for this process, method, article or system institute it is intrinsic
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including this
There is also other identical elements in the process of element, method, article or system.
The embodiments of the present invention are for illustration only, can not represent the quality of embodiment.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side
Method can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but in many cases
The former is more preferably embodiment.Based on this understanding, technical scheme of the present invention substantially in other words does the prior art
Going out the part of contribution can be expressed in the form of software products, which is stored in one as described above
In storage medium (such as ROM/RAM, magnetic disc, CD), including some instructions use so that a station terminal equipment (can be mobile phone,
Computer, server, air conditioner or network equipment etc.) execute method described in each embodiment of the present invention.
It these are only the preferred embodiment of the present invention, be not intended to limit the scope of the invention, it is every to utilize this hair
Equivalent structure or equivalent flow shift made by bright specification and accompanying drawing content is applied directly or indirectly in other relevant skills
Art field, is included within the scope of the present invention.
Claims (10)
1. it is a kind of medical treatment method for protecting privacy, which is characterized in that it is described medical treatment method for protecting privacy include:
When receiving the operational order of the first private data, the Permission Levels of the operational order are obtained;
Verification information is obtained according to the Permission Levels, it is logical to determine whether the operational order is verified according to the verification information
It crosses;
When the operational order is verified, it is the second private data to mark first private data;
The corresponding operation of the operational order is executed to second private data, and second private data is carried out real-time
Tracking.
2. medical treatment method for protecting privacy as described in claim 1, which is characterized in that described to receive the first privacy number
According to operational order when, the step of Permission Levels for obtaining the operational order further includes:
When receiving the operational order of the first private data, determine whether first private data is locking private data;
When it is locking private data to determine first private data, the operational order is rejected;
When it is non-locking private data to determine first private data, the Permission Levels of the operational order are obtained.
3. medical treatment method for protecting privacy as claimed in claim 2, which is characterized in that described to determine first privacy
When data are non-locking private data, the step of Permission Levels for obtaining the operational order, includes:
It parses the operational order and obtains parsing information;
The Permission Levels of the operational order are determined according to the parsing information.
4. medical treatment method for protecting privacy as claimed in claim 3, which is characterized in that described true according to the parsing information
The step of Permission Levels of the operational order include calmly:
The corresponding action type of the operational order is determined according to the parsing information;
When the action type is sharing operation type, determine that the Permission Levels of the operational order are the first Permission Levels;
When the action type is unshared action type, determine that the Permission Levels of the operational order are the second permission grade
Not.
5. medical treatment method for protecting privacy as described in claim 1, which is characterized in that the Permission Levels include the first power
Rank and the second Permission Levels are limited, it is described to determine that the step of whether operational order is verified is wrapped according to the verification information
It includes:
When the Permission Levels are the first Permission Levels, manager's verification information is obtained, is based on manager's verification information
The operational order is verified, wherein meet wanting for manager's verification information in the authority information of the operational order
When asking, determine that the operational order is verified;
When the Permission Levels are the second Permission Levels, manager's verification information and authorized party's verification information are obtained, is based on institute
Manager's verification information and authorized party's verification information are stated, the operational order is verified, wherein is referred in the operation
The authority information of order, while when meeting the requirement of manager's verification information and authorized party's verification information, determine described in
Operational order is verified.
6. medical treatment method for protecting privacy as described in claim 1, which is characterized in that label the first privacy number
Include according to for the step of the second private data:
Obtain the label information of first private data;
First private data is marked according to the label information.
7. medical treatment method for protecting privacy as described in claim 1, which is characterized in that described and to the second privacy number
After the step of carrying out real-time tracing, the medical treatment method for protecting privacy further includes:
When receiving the operational order again of second private data, the authorization message of second private data is obtained;
Based on operational order again described in authorization message verification, it is described operational order is verified again when, according to it is described again
Operational order executes respective operations to second private data.
8. medical treatment method for protecting privacy as described in claim 1, which is characterized in that described and to the second privacy number
Include according to the step of carrying out real-time tracing:
Obtain the operation label of second private data;
It is marked according to the operation, tracks the courses of action of second private data.
9. a kind of medical treatment privacy information protection device, which is characterized in that the medical treatment privacy information protection device includes:Storage
Device, processor and the medical privacy information protection program that is stored on the memory and can run on the processor, institute
It states and realizes such as medical treatment described in any item of the claim 1 to 8 when medical privacy information protection program is executed by the processor
The step of method for protecting privacy.
10. a kind of computer readable storage medium, which is characterized in that it is hidden to be stored with medical treatment on the computer readable storage medium
Private information protection program, the medical treatment privacy information protection program are realized when being executed by processor as any in claim 1 to 8
Described in medical method for protecting privacy the step of.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810562228.8A CN108763959A (en) | 2018-05-31 | 2018-05-31 | Medical method for protecting privacy, device and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810562228.8A CN108763959A (en) | 2018-05-31 | 2018-05-31 | Medical method for protecting privacy, device and computer readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108763959A true CN108763959A (en) | 2018-11-06 |
Family
ID=64002412
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810562228.8A Withdrawn CN108763959A (en) | 2018-05-31 | 2018-05-31 | Medical method for protecting privacy, device and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108763959A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113127849A (en) * | 2021-03-14 | 2021-07-16 | 曹庆恒 | Private information using method and system and computer readable storage medium |
-
2018
- 2018-05-31 CN CN201810562228.8A patent/CN108763959A/en not_active Withdrawn
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113127849A (en) * | 2021-03-14 | 2021-07-16 | 曹庆恒 | Private information using method and system and computer readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108347444A (en) | Identity identifying method, device based on block chain and computer readable storage medium | |
| CN107547514A (en) | Identity identifying method, system and computer-readable recording medium | |
| CN107704770A (en) | Sensitive information desensitization method, system, equipment and readable storage medium storing program for executing | |
| CN107315937A (en) | A kind of method for secret protection, mobile terminal and computer-readable recording medium | |
| CN107240157B (en) | Near field communication security control method, mobile terminal and computer readable storage medium | |
| CN108510022A (en) | A kind of Quick Response Code generates, verification method and server | |
| CN110457888B (en) | Verification code input method and device, electronic equipment and storage medium | |
| CN108256303A (en) | Electronic device, auth method and storage medium | |
| CN106255102B (en) | Terminal equipment identification method and related equipment | |
| CN109257336A (en) | It is a kind of based on the encrypted message processing method of block chain, terminal device | |
| CN107317680A (en) | Labeling method, system and the computer-readable recording medium of secured account numbers | |
| CN107506646A (en) | Detection method, device and the computer-readable recording medium of malicious application | |
| CN107861669A (en) | The switching method and mobile terminal of a kind of custom system | |
| CN107395560A (en) | Safety check and its initiation, management method, equipment, server and storage medium | |
| CN108197441A (en) | Flexible screen terminal and its solution lock control method, computer readable storage medium | |
| CN110069229A (en) | Screen sharing method, mobile terminal and computer readable storage medium | |
| CN107770443A (en) | A kind of image processing method, mobile terminal and computer-readable recording medium | |
| CN108206892A (en) | Guard method, device, mobile terminal and the storage medium of contact person's privacy | |
| CN104899488B (en) | Numeric value transfer and device | |
| CN109918944B (en) | Information protection method and device, mobile terminal and storage medium | |
| CN108540458A (en) | A kind of method of client checks, equipment, server and storage medium | |
| CN107426441A (en) | A kind of displaying method of terminal, terminal and computer-readable recording medium | |
| CN107347117A (en) | A kind of message management method, mobile terminal and computer-readable recording medium | |
| CN108763959A (en) | Medical method for protecting privacy, device and computer readable storage medium | |
| CN107346392A (en) | Terminal system change recognition methods, device and readable storage medium storing program for executing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20181106 |
|
| WW01 | Invention patent application withdrawn after publication |