CN109326337B - Model and method for storing and sharing electronic medical record based on block chain - Google Patents
Model and method for storing and sharing electronic medical record based on block chain Download PDFInfo
- Publication number
- CN109326337B CN109326337B CN201811034508.8A CN201811034508A CN109326337B CN 109326337 B CN109326337 B CN 109326337B CN 201811034508 A CN201811034508 A CN 201811034508A CN 109326337 B CN109326337 B CN 109326337B
- Authority
- CN
- China
- Prior art keywords
- data
- medical
- signature
- patient
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Abstract
The invention discloses a safe storage and sharing model and method of electronic medical records based on a block chain, which solve the problems that patients can control the access authority of personal medical data and sensitive medical data can not be safely stored and shared at the present stage. The scheme is realized as follows: the model comprises a data creator, a data owner, cloud storage, a block chain of alliances and a data user, wherein the block chain is a control center. The method comprises the steps of initializing a system; acquiring medical data: storing data by intercepting the signature; data publishing using an improved DPOS consensus mechanism; data sharing based on smart contracts. The invention has the advantages of safety, reliability, privacy protection and safe storage capability, combines the cloud storage technology and the signature intercepting technology, and can realize safe and effective sharing access of data by setting sharing conditions through intelligent contracts by users in the block chain of the alliance, thereby having strong practicability.
Description
Technical Field
The invention belongs to the technical field of information security, and particularly relates to improved technologies such as a stock authorization certification mechanism (DPOS), an intelligent contract, cloud storage and an interceptable signature, in particular to a model and a method for storing and sharing electronic medical records based on a block chain, which can be used for safely storing and sharing data under the block chain technology.
Background
With the rapid development of the internet, cloud computing and internet of things technologies, the data scale is increased rapidly, and the concepts of the internet and health care, medical health big data and the like come along. As an important data source of Medical big data, sharing of Electronic Medical Record (EMR) has great application value in the fields of hospital development, clinical service, clinical scientific research and the like. Actually, in the 90 s of the 20 th century, western countries such as meiying and ying have started to promote research of EMR, while research in this respect in China is started later, and in the opinion published by the common central national institute in 2009, the "establishment of health records of residents is particularly proposed as a key point to promote information-based construction of hospitals".
Electronic Medical Records (EMRs) are data integration systems that are created, stored, and used electronically by medical institutions, focusing on outpatient, inpatient (or healthcare object) clinical care and guidance intervention information. The ultimate goal of electronic medical record development is to achieve information sharing, which is advantageous in that different medical institutions can use this data to correlate with other electronic health record data to facilitate health monitoring, disease diagnosis and treatment, and reduce medical errors. The sharing of the electronic medical records can also realize remote medical treatment and make accurate and timely treatment schemes through consultation of a plurality of hospitals.
However, at the present stage, paper medical records are mainly used and are stored by a centralized medical institution, so that patients have difficulty in acquiring required medical records and medical history conditions, and the quality of medical treatment is affected. Data cannot be shared among medical institutions, and medical research is not facilitated. Moreover, conventional centralized networks are vulnerable to data leaks, such as 8000 thousand patient and related personnel records leaked by Anthem and 450 thousand patient data leaked by UCLA Health. Fortunately, the birth of blockchain technology provides a possibility to solve the medical "islanding information" phenomenon. It provides a new mode of distributed sharing that can remove the intermediate mechanism, increase data security.
Blockchain technology is the underlying support technology for bitcoin, and is considered to be the fifth subversive computational paradigm after mainframe computers, personal computers, the internet, mobile societies. The core technology of the method comprises a distributed ledger technology, an asymmetric encryption algorithm, an intelligent contract and the like, and has the characteristics of decentralization, high-redundancy storage, tamper resistance, high safety and the like. Based on the above characteristics of the block chain technology, the method is widely applied to various fields such as finance, election, medical treatment, supply chain and the like. Wherein the medical health field would likely be the second largest application market behind the financial field. When medical data is shared by the hospital-oriented medical data, all medical record information on the blockchain contains different timestamps and encryption keys, and the medical record data of the patients are stored on the distributed servers in this way. Because the billing process adopts a series of data encryption, signature and integrity verification, the medical record data which is stored in the distribution cannot be tampered at will and can only be recorded in the same server or the medical record of the patient, so that the confidentiality of the medical record data is improved.
However, managing medical data, acquiring, storing, and sharing are not simple tasks, especially privacy concerns. Electronic medical records contain a large amount of personal information, and the use of electronic medical records is clearly regulated by multi-national laws and regulations to take care of patient privacy protection. For example, when a patient purchases a medicine in an e-commerce pharmacy by showing an effective prescription, the patient does not want to reveal information such as the real name and identification number of the patient, the data used for scientific research does not need to know the information such as the real name and identification number of the patient, and the sensitive personal privacy data is deleted from the health data of the patient when the data is used. Therefore, the intercepted signature is very suitable for electronic medical records, and the patient can delete personal private data according to own will and can obtain an effective intercepted signature without interaction.
The blockchain technology can help doctors, patients and researchers to quickly and safely authenticate the authority, and free data access and sharing are achieved. Therefore, the application and research of the current block chain in the medical field are concerned, the Health bank company in switzerland is an innovator of global digital Health, and the absolute safety of Health data storage is ensured by processing the transactions of a Health system in a transparent mode through the block chain. A Health ecosystem comprising a block chain is constructed in a Gem Health joint Philips block chain laboratory, so that the global medical integration is promoted, and the medical Health is more personalized and civilized. In the country, the hospital (regional medical consortium) + blockchain trial project, which is a collaboration of ali health with the Changzhou city, is most compelling. At this stage, however, no specific embodiment or method has been disclosed.
At present, medical institutions mainly use paper medical records and store the paper medical records by medical institutions with centralized characteristics, and patients are difficult to acquire required medical records and medical history conditions, so that the medical quality is influenced. Data cannot be shared among medical institutions, and medical research is not facilitated. The ultimate goal of electronic medical record development is to achieve information sharing, which is advantageous in that different medical institutions can use this data to correlate with other electronic health record data for treatment or scientific research. But traditional centralized networks are vulnerable to attacks, resulting in data leakage. And sensitive information of patients is often involved in the medical data, and the dispersity and information circulation characteristics of the medical data make the block chain of the alliance very suitable. However, the existing stock authorization certification mechanism DPOS is used by 101 institutions, such a DPOS consensus mechanism determines the representative node according to the stock authorization, and it is obvious that the medical field related to the health of patients and medical research cannot determine the representative node according to the selection criteria of the stock authorization, because it needs a medical institution with high medical level and authority as the representative node to judge the validity of the release of the medical data and the access right of the medical data sharing, and only this is scientific, so the existing DPOS mechanism cannot be applied to the medical field.
Disclosure of Invention
The invention aims to overcome the defects and provides a safe storage and sharing model and a safe storage and sharing method of the electronic medical record based on the block chain, which can safely store and share the medical data.
The invention firstly relates to a block chain-based electronic medical record safe storage and sharing model which is characterized by comprising a data creator, a data owner, cloud storage, an alliance block chain and a data user, wherein the data creator firstly sends an electronic medical record of a patient to the data owner; the data owner intercepts data according to an intercepting rule, encrypts the data and stores the encrypted data in the cloud; the data owner distributes the citation of the medical data stored in the cloud in the alliance block chain, and sets access authority by using an intelligent contract; after the data user obtains the access application of the alliance block chain, the data user obtains the data to be accessed after decrypting the data in the cloud storage;
the data creator is a medical institution or doctor, the data owner is a patient, and the data user is a doctor or medical institution or institute or other person desiring to obtain the data.
The invention also relates to a block chain-based electronic medical record safe storage and sharing method, which is used on the block chain-based electronic medical record safe storage and sharing model of claims 1-3, and is characterized by comprising the following steps:
(1) model initialization: a certificate issuing (certification) authority CA in the federation blockchain is responsible for issuing a certificate for each new user, the certificate comprising an account ID, a public-private key pair (PK, SK); medical data such as electronic medical record of personal information of a patient, an examination report and the like are classified according to the medical data, the medical data are refined into M (name, gender, age, identification number, medical history, physical examination or laboratory sheet and medical prescription), and the M (M) is recorded as (M)1,m2,m3,m4,m5,m6,m7};
(2) Data acquisition: the data creator (medical institution) performs the revisable signature after dividing the data M into n segments and sends the signature and the original EMRs to the data owner:
(2a) dividing the electronic medical data M of the patient into n segments, namely: m ═ Mi|i=1,2,…,n};
(2c) For each subdata M of the original data MiCalculating a hash value hi=H(MiIiiiiiiiiii) 1 ≦ i ≦ 7, where CEAS is the truncation rule for the truncatable signature and T is the CEAS marker;
(2d) calculate the subdata MiSignature of δi=(hi-ar)k-1mod(p-1),1≤i≤7;
(2e) Of the output data MGlobal signature deltaFull=(CEAS‖T‖δ1‖δ2‖…‖δ7);
(2f) The data creator combines the raw medical data MiHash value hiGlobal signature deltaFullAfter the CEAS and the mark T are cascaded, the symmetric key of a doctor is used for encryption, and then the encryption key K is used for encryptiondocUsing the public key PK of the patientpatEncrypted and then sent to the patient;
(3) data storage with intercepted signatures: after receiving the medical data sent by the doctor, the data owner (patient) uses the private key SKpatEncryption key K for decrypting medical datadocThen, the original medical data M is decryptediSecond, verify the global signature deltaFullIf the data is correct, the data owner generates a revised signature (intercepting signature) and stores the revised signature and the ciphertext of the original data into the cloud, and the steps are as follows:
(3a) for each sub-data M of the data MiCalculate hi=H(MiII T II I) of CEAS, wherein 1 ≦ i ≦ 7;
(3b) from global signatures δFullTo obtain deltaiAnd verifyWhether or not it is established, i.e.If signature deltaFullIf the verification is passed, executing the following steps, otherwise, returning to failure;
(3c) intercepting the signature of the corresponding subdata by the patient according to CEAS specified by the doctor and the will of the patient;
(3d) the data owner encrypts and stores the intercepted medical data and the corresponding intercepted signature into cloud storage;
(4) data publishing with improved DPOS consensus mechanism: after the patient stores the medical data in the cloud storage, the patient needs to store the metadata, the hash value and the signature in a federation blockchain, and sets access authority by using an intelligent contract, wherein the steps are as follows:
(4a) the patient adopts a unique IDpat(independent of individual identity privacy) register and log on the blockchain;
(4b) for the subdata number i e CI (M'), the patient uses his own private key SKpatFor MetadataiHash value of the original data hiAnd performing common digital signature with the timestamp t to obtain
(4c) Requesting to store the medical record in the blockchain, issuing a request:
(4d) the current value in the block chain network represents that the node receives the transaction request and is responsible for generating an effective block, and block consensus is carried out by using an improved DPOS (distributed DPOS consensus) mechanism;
(5) data sharing based on smart contracts: a data user submits an access application to the blockchain, and needs to provide information such as a public key, an access object, an access purpose and the like of the data user, and the data user utilizes the urls based on CP-ABE access control, namely blockchain access authority authenticationiThe EMRs can be obtained, and the integrity and validity of the original data are verified through the hash value and the signature, and the process comprises the following steps:
(5a) CP-ABE access control;
(5b) medical data sharing in cloud storage;
(5c) data user verification signature deltaExtTo ensure the required raw medical data MiIf the intercepted signature passes verification, the fact that the original medical data are not tampered is indicated, the user can conduct access operation to obtain shared data, and if the verification fails, the user informs a cloud storage manager of the message to conduct processing.
The invention effectively realizes the control of ownership and access authority of the patient on the personal medical data and the safe storage and sharing of the sensitive medical data.
Compared with the prior art, the invention has the following advantages:
1) safety:
the medical data storage of the invention utilizes standard symmetric encryption and asymmetric encryption technologies, and has good resistance to the traditional security attack. For example, through an encryption and authentication mechanism, an attacker cannot open encrypted information through brute force cracking for a short time; the addition of the time stamp is well resistant to replay attacks; in the communication process, the communication node uses a digital signature technology to resist the attack of an attacker pretending to be a legal entity or forging false information; any entity can not forge the digital signature of other entities under the condition that the private key of the signer does not exist; a legitimate entity can verify the sender of the received message by digital signature techniques and verify that the received message has been altered. These techniques can ensure the authenticity and validity of electronic medical data.
2) Reliability:
authoritativeness: the invention is based on the alliance blockchain infrastructure, and the consensus process is controlled by part of the preselected nodes instead of all the nodes of the whole network, thereby greatly reducing the network overhead. Furthermore, with improved DPOS consensus, the selected medical institutions have influence and authority in ranking, thereby ensuring reliability of data sharing.
Tamper-proofing: all information in the federation chain is public and non-tampered, and each data block is stamped with a time stamp and arranged according to a certain time sequence. The distributed consensus mechanism enables trust to be built on the basis of cryptographic algorithms without relying on a trusted third party. Once written into the healthcare chain, the data cannot be tampered with because each tile holds the hash of its previous tile, which is almost impossible if it takes at least over 51% of the total network to modify the data of a tile. The hash of the original data of the medical record is saved in the medical chain of the invention, and any change of the original data can cause the change of the hash value, so that the non-tamper property of the medical record is directly ensured.
3) Privacy protection:
because the electronic medical record of the patient contains many sensitive information, such as name, identification card number, special illness state, etc., the electronic medical record does not need to be publicized. Due to the following technical characteristics, the privacy of the invention is well protected.
Anonymous trading: each node on the blockchain participates anonymously in transactions, and the user may use a different public and private key pair for each transaction. In addition, the consensus mechanism of the blockchain solves the trust problem in the peer-to-peer network, so that data transmission and even transaction can be anonymous, and only the blockchain address of the user needs to be known.
Secondly, cloud storage: the original data of the medical record are encrypted and stored in the cloud storage. In this way, the problem of limited blockchain storage capacity is solved while also greatly reducing the disclosure of raw medical data in the blockchain and securely storing the data.
Third, the signature can be intercepted: the invention adopts the signature which can be intercepted when a doctor signs medical data, and aims to facilitate the patient to intercept the sensitive data of the patient and obtain the effective signature without multiple interactions. The introduction of the signature can be intercepted, reducing the transmission of sensitive data from the beginning. Like ordinary digital signatures, any entity cannot forge the digital signatures of other entities without the private key of the signer.
4) And (4) safe storage:
the security of the storage of data is an important feature of the chain of the medical alliance, in which case the user has ownership of his own medical record and has full control over its use. The process from the production of the data to the use of the data is secure.
The patient encrypts and stores the original data and the signature in the cloud storage under the chain, and the distributed characteristic of the cloud storage ensures the safety of data storage.
And secondly, public information (metadata, hash values and access authority) of the medical records is stored in the block chain and cannot be modified by public. The blockchain is a safe and reliable distributed database, so that the risk that a centralized mechanism is easily attacked to cause data leakage is avoided. And each node on the blockchain stores the same data, so that the single-point attack cannot influence the whole system. The decentralized storage system has good expandability and reliability.
The data sharing authority is predefined in the intelligent contract by the user, only authorized users or mechanisms can access the data, and the access transaction can be recorded. Due to the presence of the time stamp, violations of rules or malicious use of the data can be traced. The user has the right to revoke his access rights and have him accept the audit.
Drawings
FIG. 1 is a general flow chart of an implementation of the present invention;
FIG. 2 is a sub-flow diagram of the signature generation algorithm SIG in the present invention;
FIG. 3 is a sub-flow diagram of the medical record data storage of the present invention;
FIG. 4 is a sub-flow diagram of an interceptable signature algorithm in a medical records data store in accordance with the present invention;
fig. 5 is a sub-flow diagram of the basic ciphertext access control scheme (BCAC) of the present invention.
Detailed Description
Embodiments and effects of the present invention will be described in detail below with reference to the accompanying drawings.
Example 1
At present, paper medical records are mainly used and stored by a medical institution with centralized characteristics, so that patients are difficult to obtain required medical records and medical history conditions, and the medical quality is influenced; data cannot be shared among medical institutions, which is not beneficial to medical research; traditional centralized networks are vulnerable to attacks, resulting in data leakage; the case history data is tampered by people randomly and frequently; the privacy protection of the sensitive information of the patient can not be obtained, and the like. To this end, the invention provides a model for safe storage and sharing of electronic medical records based on a block chain.
The invention relates to a safe storage and sharing model of electronic medical records based on a block chain, which comprises a data creator, a data owner, cloud storage, an alliance block chain and a data user, wherein the data creator firstly sends the electronic medical records of a patient to the data owner; the data owner intercepts data according to an intercepting rule, encrypts the data and stores the encrypted data in a cloud end, namely cloud storage; the data owner distributes the citation of the medical data stored in the cloud in the alliance block chain, and sets access authority by using an intelligent contract; and after the data user receives the access application of the alliance block chain, the data user decrypts the data in the cloud storage to obtain the data to be accessed.
The data creator is a medical institution or doctor, the data owner is a patient, and the data user is a doctor or medical institution or institute or other person desiring to obtain the data.
From the structure of the model, a data creator serves as a data source of the whole model and has a unidirectional data flow direction pointing to a data owner; as a block chain of the alliance of the whole model control center, the block chain has close relation with other four important nodes, namely other four components of the model: the data owner sends a release request and an intelligent contract access authority of the medical record data to the block chain of the alliance, after the block chain of the alliance passes the request, an intelligent contract is set, and a one-way relation that the data owner points to the block chain of the alliance exists between the block chain of the alliance and the intelligent contract; and the data user (including a data creator) sends a data stream of the information requested to be accessed to the alliance block chain, the alliance block chain feeds back the link of the data at the cloud end to the data user after being checked, and the data user and the alliance block chain are in a bidirectional link relationship. The cloud stores medical data of patients, references of the medical data of the patients stored in the block chain of the alliance and other control information, and the cloud and the data link layer of the block chain of the alliance have no direct data flow direction, but have reference connection on the network layer. The cloud end is used as the cloud end of the whole model storage center, the data owner points the encrypted medical data to the cloud end, the cloud end can return the link of the medical data to the data owner, and the data user and the cloud end are in a bidirectional link relation; the data user accesses the cloud end through the data access link returned by the block chain of the alliance, the cloud end can return the medical data to the data user, and the data user and the cloud end are in a bidirectional link relationship.
Example 2
The overall structure of the model for the safe storage and sharing of the electronic medical records based on the block chain is the same as that of the embodiment 1, in the invention, the block chain of the alliance is a control center of the whole model, wherein a certificate issuing (certification) authority CA is responsible for issuing a certificate for each new user (a data creator or a data owner), the certificate comprises an account ID and a public and private key pair (PK, SK), and in order to realize the sharing of the medical data, the data owner firstly needs to register and log in on the block chain of the alliance by adopting a unique identity account number of the data owner; because the storage capacity of the block chain of the alliance is limited, the personal medical records are stored in the cloud storage in an encrypted manner, only references of the data in the cloud storage, namely metadata, hash values and signatures, are reserved in the block chain, and a patient uses the private key SK of the patientpatFor MetadataiHash value of the original data hiAnd a timestamp t, generating a request to store the medical record in the blockchain. The invention adopts an improved DPOS consensus mechanism to carry out block consensus, wherein a current value represents a node RPN to verify each transaction, the current value represents the node RPN in the invention refers to a representative of an authoritative medical institution with high medical level and good credit, the current value represents the node RPN and integrates all collected effective data in the period of time into a data set, then a digital signature of the current value and a hash value of a new data block are attached to form a new data block, and a newly generated data block is broadcasted to other auditing nodes ATNs to be verified, the auditing nodes ATNs in the invention refer to other authoritative medical institutions with high medical level, good credit and being capable of being represented, after each ATN receives the data block, the validity and correctness of the data block are verified through information such as block hash value and digital signature sent by the RPN, and the result of the auditing is attached to the digital signature of the current value and encrypted by a public key of the RPN and sent back to the current value representing point, and the RPN checks the audit replies of all ATNs, and if the number of tickets passing the audit exceeds 51%, the block generation is considered to be successful. The RPN integrates the data block with the public key set of the ATNs of the audit node and the corresponding digital signature and sends the integrated data block to all nodes, and all nodes update data to form an effective block; and setting an intelligent contract according to the access authority set by the data creator.Based on CP-ABE access control, namely block chain access authority authentication, when a data user wants to obtain medical data of a patient, an access application is submitted to a block chain of a alliance, the access application comprises information of a public key of the data user, an access object, an access purpose and the like, if the access application passes, whether preset access conditions of the patient are met is judged according to identity information of a data visitor, if the preset access conditions are met, an intelligent contract is triggered to decrypt metadata by using a private key provided by the patient, ciphertext information of the metadata encrypted by the public key of the data user is returned, medical record data are obtained by using a link of data storage, and the integrity and the validity of original data are verified through a hash value and a signature.
Example 3
The overall structure of the model for safe storage and sharing of the electronic medical record based on the blockchain is the same as that of the embodiment 1-2, and all the quotes of the medical record data on the alliance blockchain contain different time stamps and encryption keys, namely, for the medical subdata, a patient uses the private key SK of the patientpatFor MetadataiHash value of the original data hiAnd performing common digital signature with the timestamp t to obtainAnd then issuing a request to the alliance blockchain, and adopting an improved DPOS consensus mechanism to accept the transaction request and carry out blockchain consensus on the current value representative nodes in the blockchain network. When the value represents the node RPN, each transaction is verified, and all the collected effective data in the period is integrated into a data set (denoted as M)setAnd { Req | t }), the new data block is formed by attaching the digital signature of the new data block and the hash value of the new data block, and the newly generated data block is broadcasted to other auditing nodes ATNs to be verified. After each ATN receives the data block, the validity and the correctness of the data block are verified through information such as the block hash value, the digital signature and the like sent by the RPN, the audit Result (Result) of the ATN is attached to the digital signature of the ATN, and the audit Result (Result) is encrypted by the public key of the RPN and then is sent to the current value representative node as a Reply (Reply). The RPN checks the audit replies of all ATNs, and if the number of tickets passing the audit exceeds 51 percent, the RPN considers that the tickets pass the audit repliesThe block generation is successful. And the RPN integrates the data block with the public key set of the ATNs of the audit node and the corresponding digital signature and sends the integrated data block to all nodes, and all nodes update data. Thereafter, the data blocks will be stored in the federation chain in chronological order, with the value representing the reward that both the node and the node participating in the audit will receive credit. After the request is passed, the patient stores a reference to the medical data on a distributed server. Because the accounting process adopts a series of data encryption, signature and integrity verification, the medical record data stored in a distributed mode cannot be tampered randomly, and therefore the model has the characteristics of decentralization, tamper resistance, high safety and the like.
Example 4
The overall construction of the model for secure storage and sharing of electronic medical records based on blockchains is the same as in examples 1-3,
the invention is also a block chain based method for secure storage and sharing of electronic medical records. The method is used on the model of safe storage and sharing of the electronic medical record based on the block chain, and referring to fig. 1, comprises the following steps:
(1) model initialization: a certificate authority CA in the block chain of the alliance is responsible for issuing a certificate for each new user, wherein the certificate comprises an account ID and a public and private key pair (PK, SK), each new user with encryption and decryption requirements, namely a data creator, a data owner and a data user, needs to be initialized to obtain the own public and private key pair (PK, SK), and in addition, a symmetric encryption key may be needed. The invention adopts the existing signature algorithm capable of intercepting to design the signature, and the use of the digital signature technology can resist the attack of an attacker pretending to be a legal entity or forging false information. The data creator performs the following operations: key generation algorithm GK: let p be one such that in the multiplication loop group ZpThe prime numbers that are difficult to handle by the discrete logarithm problem,is a primitive element, H is a hash function, and an integer is randomly selectedCalculating v ═ ga(mod p), the public key PK of the signerdocPrivate key SK { p, g, v }, anddoc=a。
(2) data creator obtains data: the data creator (medical institution) divides the medical data M into n segments and executes the revisable signature and sends the signature and the original electronic medical record EMRs to the data owner:
(2a) when a patient sees a doctor in a hospital or is examined in medical institutions such as the hospital, a doctor can generate medical data such as an electronic medical record containing personal information of the patient, an examination report and the like for the patient, and a data creator divides the electronic medical data M of the patient into n sections, namely: m ═ Mi1,2, …, n }, including name, sex, age, identification number, medical history, physical examination or laboratory sheet, medical prescription, similar medical record and other medically important information. N here can be flexibly designed according to actual situations and requirements.
(2c) Data creator for each sub-data M of original data MiCalculating a hash value hi=H(MiIiiiiiiii) 1 ≦ i ≦ 7, where CEAS is the truncation rule for the truncatable signature, T is the CEAS flag, and the truncation rule is the rule that the physician maximally preserves the validity of the patient medical data without removing the patient's privacy, such as: the sex and age of a patient are important reference factors influencing a part of pathology, so that a data creator needs to set the sex and age as an object to be intercepted, and the contact way of the name, identification card information, a telephone and the like of the patient is privacy of the patient, and the contact way has no great relation to medical data and can be set as a non-intercepted object. The interception signature of the CEAS can maximally protect the privacy of the patient on the premise of ensuring the validity of the medical data.
(2d) The data creator calculates each sub-data MiThe signature of (a), namely: deltai=(hi-ar)k-1mod(p-1),1≤i≤7。
(2e) The data creator obtains the global signature δ of the complete data MFull=(CEAS‖T‖δ1‖δ2‖…‖δ7)。
(2f) The data creator combines the raw medical data MiHash value hiGlobal signature deltaFullAfter the CEAS and the mark T are cascaded, the symmetric key of a doctor is used for encryption, and then the encryption key K is used for encryptiondocUsing the public key PK of the patientpatAfter encryption, the data are sent to the patient together, namely:
the medical data is symmetrically encrypted, and the key for symmetric encryption is asymmetrically encrypted. An attacker cannot open the encrypted information through brute force cracking in a short time, so that the medical data has good resistance to the traditional security attack.
(3) Data storage with intercepted signatures: after receiving the medical data and encrypted key from the data creator, the data owner (patient) uses its own private key SKpatEncryption key K for decrypting medical datadocThen, the original medical data M is decryptediSecond, verify the global signature deltaFullIf the data is correct, the data owner generates a revised signature (an intercepted signature) and stores the intercepted signature and the ciphertext of the original data into the cloud, and the steps are as follows:
(3a) decrypting each subdata M of the data M by the data owneriThen, the hash value h of each subdata is calculatedi=H(MiII | T | i) of CEAS, wherein 1 ≦ i ≦ 7.
(3b) From global signatures δFullEach subdata M is obtainediIs a signature deltaiAnd verify Whether or not the above-mentioned conditions are satisfied,
namely, it isIf signature deltaFullIf the verification is passed, the following steps are executed, otherwise, failure is returned. The data owner can verify the identity of the sender of the received medical data and verify whether the obtained medical data is modified through a digital signature technology, and the technology can guarantee the authenticity and validity of the electronic medical data.
(3c) The patient follows the interception rules CEAS prescribed by the doctor and his privacy protection will, such as: the patient wants to protect his name and address, which in turn satisfies the interception rules CEAS, so he can hide this part of the data. The signature of the corresponding subdata is intercepted, so that the patient can conveniently protect the sensitive data of the patient, and the effective signature can be obtained without multiple interactions. The introduction of the signature can be intercepted, reducing the transmission of patient sensitive data from the outset.
(3d) The data owner encrypts and stores the intercepted medical data and the corresponding intercepted signature into cloud storage, and the original medical data are encrypted and stored in the cloud storage under the link, so that a foundation is laid for sharing the medical data. In this way, the problem of limited blockchain storage capacity is solved, meanwhile, the disclosure of original medical data in the blockchain is greatly reduced, the data is stored safely, and the safety of data storage is ensured due to the distributed characteristic of cloud storage.
(4) Data publishing with improved DPOS consensus mechanism: after the medical data is stored in the cloud by the patient, in order to really realize the sharing of the medical data safely and reliably, the patient needs to store the quote of the medical data, namely metadata, a hash value and a signature in a federation block chain, and set the access right by using an intelligent contract. All information in the federation chain is public and non-tampered, and each data block is stamped with a time stamp and arranged according to a certain time sequence. The distributed consensus mechanism enables trust to be built on the basis of cryptographic algorithms without relying on a trusted third party. Once written into the federation blockchain, data cannot be tampered with because each chunk holds the hash of its previous chunk, which is almost impossible if at least over 51% of the network effort is required to modify the data of a chunk. The hash of the original data of the medical record is saved in the medical chain of the invention, and any change of the original data can cause the change of the hash value, so that the non-tamper property of the medical record is directly ensured. The steps of data publishing in the model are as follows:
(4a) the data owner adopts the unique ID after registering on the block chain of the alliancepat(independent of privacy of individual identity) logs on to the federation blockchain.
(4b) The data owner has the sub-data number i e CI (M'), and the patient uses the private key SK of the patientpatFor MetadataiHash value of the original data hiDigitally signing with the timestamp t to obtainWherein the addition of the time stamp is well resistant to replay attacks.
(4c) The data owner requests that a reference to the medical data be stored in the blockchain, issues a request Req:
the block chain is a safe and reliable distributed database, and the risk of data leakage caused by the fact that a centralized mechanism is easily attacked is avoided. And each node on the block chain stores the same data, so that the single-point attack does not influence the whole system, and the decentralized storage system has good expandability and reliability.
(4d) The present invention is based on the alliance blockchain infrastructure, and the consensus process is controlled by part of the preselected nodes, not all nodes of the whole network, thereby greatly reducing the network overhead. The consensus mechanism of the blockchain solves the trust problem in the peer-to-peer network, so that data transmission and even transaction can be anonymous, and only the blockchain address of the user needs to be known. The invention adopts an improved DPOS consensus mechanism to carry out block consensus, and the selected medical institution has influence and authority on ranking, thereby ensuring the reliability of data sharing
(5) Data sharing based on smart contracts: along with the social progress, people pay more and more attention to their health, and besides the progress of medical technology, the improvement of the medical level of the society is also the sharing of medical data which cannot be ignored. The medical data is the record of pathological conditions, treatment conditions and treatment history of the patient, and has important reference value for further treatment of the patient, medical research of the pathological conditions by scientific research institutions and treatment of other patients with the same pathological conditions or similar pathological conditions, so that the importance of data sharing is self-evident. A data user needs to acquire medical data of a patient, submits an access application to a blockchain, provides information such as a public key, an access object and an access purpose of the data user, authenticates access authority of the blockchain based on CP-ABE access control, and utilizes a data access link urliThe EMRs of the electronic medical record data can be obtained, and the integrity and the validity of the original data are verified through the hash value and the signature, and the process comprises the following steps:
(5a) the block chain access authority is authenticated, the data sharing authority is completely predefined in an intelligent contract by a data owner, only authorized users or organizations can access the data, and each access transaction is recorded. Due to the existence of the time stamp, the behavior of violating the rules or maliciously using the data can be traced, and the user has the right to revoke the access right and accept the audit.
(5b) Medical data sharing in cloud storage, the identity of the data user may be the doctor or nurse responsible for the treatment of the data creator, a scientific research institution for medical research, and a patient with the same or similar pathology in order to assist in their treatment.
(5c) The data user needs to verify the signatureδExtTo ensure the required raw medical data MiIf the intercepted signature passes verification, the original medical data M is indicated to be not tampered, the user can carry out access operation to obtain shared data, and if the intercepted signature fails verification, the original medical data M is indicated to be not tamperediThe validity and integrity of the data are destroyed, and the data user informs the cloud storage manager of the message for processing.
The medical data is sent and stored, the reference of the medical data is stored in the alliance block chain and other processes, and the symmetric encryption technology and the asymmetric encryption technology are utilized, so that the traditional security attack resistance is good. During data transmission, the communication node uses a digital signature technology to resist the attack of an attacker pretending to be a legal entity or forging false information. Because the accounting process of the block chain of the alliance adopts a series of data encryption, signature and integrity verification, the medical record data stored in a distributed mode cannot be tampered randomly. These techniques can ensure the authenticity and validity of electronic medical data. In addition, the implementation of the intelligent contract effectively guarantees the access ownership of the data owner to the medical data of the data owner. In a word, the safe storage and sharing model of the electronic medical record based on the block chain can effectively ensure the safe storage and sharing of the data medical treatment.
Example 5
The overall structure of the model for safe storage and sharing of the electronic medical record based on the block chain is the same as that of the embodiment 1-4, in the step (3c), the patient intercepts the signature of the corresponding subdata according to the CEAS specified by the doctor and the will of the patient, and the process is carried out according to the following steps:
(3c1) the interception subset CI (M') is constructed according to the CEAS specified by the physician.
(3c2) Generating an intercepted sub data set M '{ M ═ according to the intercepted subset CI (M')i|i∈CI(M′)}。
(3c3) For each i ∈ CI (M'), from δFullTo take out deltai。
(3c4) Generating a truncated signature deltaExt=(CEAS‖CI(M′)‖T‖δ1‖δ2‖…‖δf) Wherein δiAnd (i ═ 1,2, …, f) is the signature of the corresponding child data in CI (M').
The patient intercepts the signature of the corresponding subdata according to the intercepting rule CEAS specified by the doctor and the intention of the patient, and the protection of the sensitive data of the patient on the patient is realized to the maximum extent on the premise of meeting the intercepting rule CEAS.
Example 6
The overall structure of the model for safe storage and sharing of electronic medical records based on the block chain is the same as that of the embodiment 1-5, an improved DPOS consensus mechanism is adopted in the step (4d) for block consensus, and the original DPOS adopting the share authorization certification mechanism is improved into the DPOS consensus mechanism aiming at the medical field. The method comprises the following specific steps:
(4d1) when the value represents the node RPN, each transaction is verified, and all the collected effective data in the period is integrated into a data set (denoted as M)setAnd (Req | t }), attaching the digital signature of the node and the hash value of the new data block to form a new data block, and broadcasting the newly generated data block Records to other auditing nodes ATNs to be verified, wherein the process is specifically expressed as follows:
(4d2) after each ATN receives the data block, the validity and the correctness of the data block are verified through information such as a block hash value, a digital signature and the like sent by the RPN, an audit Result (Result) of the ATN is attached to a digital signature of the ATN, and the audit Result (Result) is encrypted by a public key of the RPN and then sent to a current value representative node as a Reply (Reply), wherein the process is specifically expressed as follows:
(4d3) the RPN checks the audit replies of all ATNs, if the number of tickets passing the audit exceeds 51%, the block is considered to be successfully generated, the RPN integrates the data block together with the public key set of the ATNs of the audit node and the corresponding digital signature and sends the integrated data block to all nodes, all the nodes update data, and then the data block is stored in a alliance chain in time sequence, the value represents that the nodes and the nodes participating in the audit all obtain the reward of credit points, and the process is specifically expressed as follows:
the invention adopts an improved DPOS consensus mechanism to carry out block consensus, and improves the original DPOS adopting a share authorization certification mechanism into a DPOS consensus mechanism aiming at the medical field. The medical institutions selected by the invention have influence and authority in ranking, and the reliability of data sharing is ensured.
Example 7
The overall structure of the model for safe storage and sharing of electronic medical records based on the blockchain is the same as that in embodiments 1 to 6, and the access authority authentication of the blockchain in the step (5a) specifically comprises the following steps:
(5a1) a node N initiates a medical data sharing request transaction Req to a block chain, wherein the request contains a public key PK of the node NNObject account IDpatData access destination obj, access content MiAnd the time t, when the node N identity is checked by the value node, the transaction information is recorded into the block chain after the verification is passed, and the process is specifically expressed as follows:
N→RPN:Req=(PKN||IDpat‖obj‖Mi‖t),
note that: here MiM representing node N requesting access to patient onlyiData, if part of the data is accessed, is represented as (M)i1,2, …), denoted by M if a node wants to access all the data for that patient.
(5a2) Executing an intelligent contract: the intelligent contract is automatically executed, whether preset access conditions of patients are met is judged according to the identity information of the node N, and if the preset access conditions are met, the patient ID for the intelligent contract is triggeredpatThe provided private key decrypts the metadata and returns it to the secret that encrypted the metadata using the public key of node NText information:
(5a3) extracting data storage positions: after receiving the ciphertext information, the node N decrypts the ciphertext information by using the private key thereof to obtain the MetadataiAnd extracting the storage location urls thereiniAnd cloud removing, storing and searching the required original data.
According to the block chain access authority authentication method, the block chain access authority authentication, namely the data sharing authority, is predefined in an intelligent contract by a data owner, and only a user or an organization (a doctor, a nurse, a patient or a medical organization) authorized by the data owner can access data, so that the protection of the data owner on the medical privacy of the owner and the control of the data access authority are effectively guaranteed.
Example 8
The overall structure of the block chain-based electronic medical record secure storage and sharing model is the same as that in embodiments 1 to 7, and the specific implementation steps of the process of encrypting and storing the medical data and the corresponding intercepted signature to the cloud storage by the data owner in the step (3d) are as follows:
(3d1) user randomly generating document key Kpat。
(3d2) Running a symmetric encryption algorithm E, and using a secret key K for the subdata number i epsilon CI (MpatEncryption (M)i‖hiII) t), wherein t is a time stamp, and the sub-data ciphertext is obtained
(3d3) Running symmetric encryption algorithm E, K is encrypted using master key UMKpatObtain a key ciphertext EUMK(Kpat)。
(3d4) Cipher text of dataThe signature delta can be interceptedExtAnd key ciphertext EUMK(Kpat) By medical data categoryUploading the data to cloud storage, and returning the data to a storage position urls and a time stamp t corresponding to the patient, wherein the two form Metadatai(t | urls), that is, the data uploaded by the user to the cloud storage is:
the invention uses the symmetric encryption algorithm and the asymmetric encryption algorithm, and can effectively ensure that the medical data is safely protected in the storage process.
Example 9
The overall structure of the model for safe storage and sharing of the electronic medical record based on the blockchain is the same as that of the embodiment 1-8, and the specific steps of sharing the medical data in the cloud storage in the step (5b) are as follows:
(5b2) The data consumer runs symmetric algorithm E, decrypts E using master key UMKUMK(Kpat) To solve the encryption key Kpat。
(5b3) The data consumer runs a symmetric algorithm E, using a secret key KpatDecryptionObtaining raw medical data (M)i‖hiT) and truncated signature δExt。
The invention uses the symmetric encryption algorithm, and can effectively ensure that the medical data is safely protected in the reading process.
Example 10
The overall structure of the model for safe storage and sharing of electronic medical record based on block chain is the same as that of the embodiment 1-9, and the signature delta for verifying the data user in the step (5c)ExtTo ensure the required raw medical data MiThe specific steps of effectiveness and completeness are as follows:
(5c1) The verifier verifies firstIf yes, executing the following steps, otherwise, returning failure, and indicating the medical data MiThe effectiveness and integrity of the system is compromised.
(5c2) For each medical subdata sequence number i belongs to CI (M'), h is calculatedi=H(MiIiiiiiiii) of CEAS by verifyingIf true, to verify the truncated signature deltaExtThe correctness of the operation.
The invention uses the digital signature, and can effectively verify the validity and the integrity of the read medical data.
Embodiments and effects of the present invention will be further described below with reference to the accompanying drawings.
Example 11
The overall construction of the model for secure storage and sharing of electronic medical records based on blockchains is the same as in examples 1-10,
referring to fig. 1, the implementation steps of the invention are as follows:
step 1, system initialization: the certificate authority CA is responsible for issuing certificates for each new user, including an account ID, a public and private key pair (PK, SK). When a patient is seen in a hospital or examined in a medical institution such as a hospital, a doctor generates medical data such as an electronic medical record and an examination report containing personal information of the patient for the patient, classifies the medical data according to the medical data, and refines the medical data into M ═ name, gender, age, identification number, medical history, physical examination or laboratory sheet and medical prescription }, wherein the medical data are divided into 7 types, namely n is 7 and M is { M ═ 7 in the example1,m2,m3,m4,m5,m6,m7}。
The invention adopts the existing signature algorithm capable of intercepting to design the signature, and a data creator executes the following operations: key generation algorithm GK: let p be one such that in a multiplication loop groupZpThe prime numbers that are difficult to handle by the discrete logarithm problem,is a primitive element. Randomly selecting integersCalculating v ═ ga(mod p), the public key PK of the signerdocPrivate key SK { p, g, v }, anddoc=a。
step 2, data acquisition: the data creator performs the revisable signature after dividing the data M into 7 segments.
Referring to fig. 2, the data acquisition is specifically implemented as follows:
(2b) For each subdata M of the original data MiCalculating a hash value hi=H(Mi‖CEAS‖T‖i),1≤i≤7。
(2c) Calculate the subdata MiSignature of δi=(hi-ar)k-1mod(p-1),1≤i≤7。
(2d) Global signature delta of output data MFull=(CEAS‖T‖δ1‖δ2‖…‖δ7)。
And 3, data storage: and the data owner generates a revised signature and stores the revised signature and the original data ciphertext into the cloud. After receiving the medical data sent by the doctor, the patient uses the private key SKpatEncryption key K for decrypting medical datadocThen, the original medical data M is decryptediFirst, the global signature δ is verifiedFullThe correctness of (2):
referring to fig. 3, the specific implementation steps of the signature verification of the received data are as follows:
(3a) for each sub-data M of the data MiCalculate hi=H(MiII | T | i) of CEAS, wherein 1 ≦ i ≦ 7.
(3b) From global signatures δFullTo obtain deltaiAnd verifyWhether or not the above-mentioned conditions are satisfied,
If signature deltaFullIf the verification is passed, the following steps are executed, otherwise, failure is returned.
(3c) The patient intercepts the signature of the corresponding subdata according to CEAS specified by the doctor and the will of the patient.
Referring to fig. 4, the specific implementation steps of the data interception signature process are as follows:
(3c1) the interception subset CI (M') is constructed according to the CEAS specified by the physician.
(3c2) Generating an intercepted sub data set M '{ M ═ according to the intercepted subset CI (M')i|i∈CI(M′)}。
(3c3) For each i ∈ CI (M'), from δFullTo take out deltai。
(3c4) Generating a truncated signature deltaExt=(CEAS‖CI(M′)‖T‖δ1‖δ2‖…‖δf) Wherein δiAnd (i ═ 1,2, …, f) is the signature of the corresponding child data in CI (M').
(3d) And the data owner encrypts and stores the intercepted medical data and the corresponding intercepted signature into a cloud storage, respectively stores the medical data and the corresponding intercepted signature into corresponding folders according to categories, and adopts a basic ciphertext access control scheme (BCAC).
Referring to fig. 5, the specific implementation steps of data storage are as follows:
(3d1) user randomly generating document key Kpat。
(3d2) Running a symmetric encryption algorithm E, and using a secret key K for the subdata number i epsilon CI (MpatEncryption (M)i‖hiIit), where t is the time stamp, resulting in the ciphertext
(3d3) Running symmetric encryption algorithm E, K is encrypted using master key UMKpatObtain the ciphertext EUMK(Kpat)。
(3d4) Will be provided withδExt,EUMK(Kpat) Sequentially uploading the medical data to cloud storage according to the medical data category, returning the medical data to a corresponding storage position urls and a time stamp t of a patient, and forming Metadatai═ t (urls |). Namely, the data uploaded to the cloud storage by the user is as follows:
and 4, data release: after the intercepted medical data is stored in the cloud storage by the patient, in order to realize the sharing of the medical data, the patient only needs to store the metadata, the hash value and the signature into the union block chain, and set the access right by using the intelligent contract.
(4a) The patient adopts a unique IDpat(independent of privacy of personal identity) is registered and logged on the blockchain.
(4b) For the subdata number i e CI (M'), the patient uses his own private key SKpatFor MetadataiHash value of the original data hiAnd performing common digital signature with the timestamp t to obtain
(4c) The medical record is requested to be stored in the blockchain. Issuing a request:
(4d) the present invention adopts an improved DPOS consensus mechanism to carry out block consensus, and the specific steps are as follows:
(4d1) when the value represents the node RPN, each transaction is verified, and all the collected effective data in the period is integrated into a data set (denoted as M)setAnd { Req | t }), the new data block is formed by attaching the digital signature of the new data block and the hash value of the new data block, and the newly generated data block is broadcasted to other auditing nodes ATNs to be verified. The above process is specifically described as follows:
(4d2) after each ATN receives the data block, the validity and the correctness of the data block are verified through information such as the block hash value, the digital signature and the like sent by the RPN, the audit Result (Result) of the ATN is attached to the digital signature of the ATN, and the audit Result (Result) is encrypted by the public key of the RPN and then is sent to the current value representative node as a Reply (Reply). The above process is specifically described as follows:
(4d3) and the RPN checks the audit replies of all ATNs, and if the number of tickets passing the audit exceeds 51%, the block generation is considered to be successful. And the RPN integrates the data block with the public key set of the ATNs of the audit node and the corresponding digital signature and sends the integrated data block to all nodes, and all nodes update data. Thereafter, the data blocks will be stored in the federation chain in chronological order, with the value representing the reward that both the node and the node participating in the audit will receive credit. The above process is specifically described as follows:
step 5, data sharing: the data user submits an access application to the blockchain, and the public key, the access object, the access destination and other information of the data user are provided. Utilizing urls based on CP-ABE access controliThe EMRs are obtained and passedThe hash value and signature verify the integrity and validity of the original data. The process comprises the following steps:
(5a) blockchain access rights authentication (CP-ABE access control):
(5a1) a node N initiates a medical data sharing request transaction Req to a block chain, wherein the request contains a public key PK of the node NNAccess object account IDpatData access destination obj, access content MiAnd the time t, when the node N identity is checked by the value node, the transaction information is recorded into the block chain after the verification is passed. The above process is specifically described as follows:
N→RPN:Req=(PKN||IDpat||Metadatai||Mi||t)
note that: here MiM representing node N requesting access to patient onlyiData; if part of the data is accessed, the data is expressed as (M)i1,2, …); if the node wants to access all the data of the patient, it is denoted by M.
(5a2) Executing an intelligent contract: the intelligent contract is automatically executed, whether preset access conditions of patients are met is judged according to the identity information of the node N, and if the preset access conditions are met, the patient ID for the intelligent contract is triggeredpatThe provided private key decrypts the metadata and returns to the ciphertext information that encrypted the metadata using the public key of node N:
(5a3) extracting data storage positions: after receiving the ciphertext information, the node N decrypts the ciphertext information by using the private key thereof to obtain MetadataiAnd extracting the storage location urls thereiniAnd cloud removing, storing and searching the required original data.
(5b) Medical data sharing in cloud storage:
(5b2) Running symmetric algorithm E, decrypting E using master key UMKUMK(Kpat) To solve the encryption key Kpat。
(5b3) Running symmetric algorithm E, using secret key KpatDecryptionObtaining raw medical data (M)i‖hiT) and truncated signature δExt。
(5c) Data user verification signature deltaExtTo ensure the required raw medical data MiEffectiveness and integrity of (c):
(5c1) the verifier verifies firstAnd if so, executing the following steps, otherwise, returning to failure.
(5c2) For each i ∈ CI (M'), calculate hi=H(MiIiiiiiiii) of CEAS by verifying If true, to verify the truncated signature deltaExtThe correctness of the operation.
If the intercepted signature is verified, indicating that the original medical data has not been tampered with, the user may perform his specific access operation. If the verification fails, the user may notify the cloud storage manager of the message for processing.
In summary, the model and the method for safely storing and sharing the electronic medical record based on the blockchain disclosed by the invention mainly solve the problems that the patient can control the access authority of the personal medical data and the sensitive medical data can not be safely stored and shared at the present stage. The model comprises a data creator, a data owner, cloud storage, a block chain of alliances and a data user, wherein the block chain is a control center. The scheme comprises the following steps: 1) initializing a system: the CA authority is responsible for issuing certificates for each new user, including account ID, public and private key pair (PK, SK); 2) data acquisition: the data creator divides the data M into n segments, then executes the revisable signature and sends the signature and the original EMRs to the data owner; 3) data storage: the data owner generates a revised signature and stores the revised signature and the original data ciphertext into the cloud; 4) data release: the data owner uploads information such as index ciphertext, a hash value, a signature and the like to obtain an effective block after the linkage block chain is approved; 5) data sharing: the data user submits an access application to the blockchain, and the public key, the access object, the access destination and other information of the data user are provided. And after the verification is passed, based on block chain access authority authentication, obtaining an access link of the medical data and reading the medical data at the cloud end. And verifies the integrity and validity of the original data by the hash value and the signature. The invention meets basic security requirements, reliability, privacy protection and secure storage capability, combines the cloud storage technology and the interceptable signature, realizes the secure and effective shared access of data by setting the sharing conditions through the intelligent contract by the user in the block chain of the alliance, and has strong practicability.
Claims (7)
1. A safe storage and sharing method of electronic medical records based on a block chain is characterized by comprising the following steps:
(1) initialization: a certificate authority CA in the federation blockchain is responsible for issuing a certificate for each new user, the certificate comprising an account ID, a public-private key pair (PK, SK); the medical data of the electronic medical record and the examination report of the personal information of the patient are classified according to the medical data, and the detailed medical data are M ═ M { name, gender, age, identification number, medical history, physical examination or laboratory sheet and medical prescription }, and are recorded as M ═ M { (M)1,m2,m3,m4,m5,m6,m7};
(2) Data acquisition: the data creator performs the revisable signature after dividing the data M into n segments and sends the signature and the original EMRs to the data owner:
(2a) partitioning electronic medical data M of a patientIs n segments, namely: m ═ Mi|i=1,2,…,n};
(2c) For each subdata M of the original data MiCalculating a hash value hi=H(MiI is more than or equal to 1 and less than or equal to 7, wherein CEAS is an interception rule capable of intercepting a signature, and T is a CEAS mark;
(2d) calculate the subdata MiSignature of δi=(hi-ar)k-1mod(p-1),1≤i≤7;
(2e) Global signature delta of output data MFull=(CEAS||T||δ1||δ2||…||δ7);
(2f) The data creator combines the raw medical data MiHash value hiGlobal signature deltaFullAfter the CEAS and the mark T are cascaded, the symmetric key of a doctor is used for encryption, and then the encryption key K is used for encryptiondocUsing the public key PK of the patientpatAfter encryption, the data are sent to the patient together, namely:
(3) data storage with intercepted signatures: after receiving the medical data sent by the doctor, the data owner uses the private key SKpatEncryption key K for decrypting medical datadocThen, the original medical data M is decryptediSecond, verify the global signature deltaFullIf the correctness is correct, the data owner generates an intercepted signature and stores the intercepted signature and the ciphertext of the original data into the cloud end, and the steps are as follows:
(3a) for each sub-data M of the data MiCalculate hi=H(MiI | CEAS | | T | | | i), wherein i is more than or equal to 1 and less than or equal to 7;
(3b) from global signatures δFullTo obtain deltaiAnd verifyWhether or not the above-mentioned conditions are satisfied,
namely, it isIf signature deltaFullIf the verification is passed, executing the following steps, otherwise, returning to failure;
(3c) intercepting the signature of the corresponding subdata by the patient according to CEAS specified by the doctor and the will of the patient;
(3d) the data owner encrypts and stores the intercepted medical data and the corresponding intercepted signature into cloud storage;
(4) data publishing with improved DPOS consensus mechanism: after the patient stores the medical data in the cloud storage, the patient needs to store the metadata, the hash value and the signature in a federation blockchain, and sets access authority by using an intelligent contract, wherein the steps are as follows:
(4a) the patient adopts a unique IDpatRegistering and logging on a blockchain;
(4b) for the subdata number i e CI (M'), the patient uses his own private key SKpatFor MetadataiHash value of the original data hiAnd performing common digital signature with the timestamp t to obtain
(4c) Requesting to store the medical record in the blockchain, issuing a request:
(4d) the current value in the block chain network represents that the node receives the transaction request and is responsible for generating an effective block, and block consensus is carried out by using an improved DPOS (distributed DPOS consensus) mechanism;
(5) data sharing based on smart contracts: the data consumer submits an access request to the blockchainProviding its own public key, accessing object, accessing destination information, based on CP-ABE access control, using urlsiThe EMRs can be obtained, and the integrity and validity of the original data are verified through the hash value and the signature, and the process comprises the following steps:
(5a) CP-ABE access control;
(5b) medical data sharing in cloud storage;
(5c) data user verification signature deltaExtTo ensure the required raw medical data MiEffectiveness and integrity of;
if the intercepted signature passes verification, the fact that the original medical data are not tampered is indicated, the user can conduct access operation to obtain shared data, and if the verification does not pass, the user informs a cloud storage manager of the message to conduct processing.
2. The method for safe storage and sharing of blockchain-based electronic medical records according to claim 1, wherein in the step (3c), the patient intercepts the signature of the corresponding subdata according to the CEAS specified by the doctor and his/her will, and the steps are performed as follows:
(3c1) constructing a interception subset CI (M') according to the CEAS specified by the doctor;
(3c2) generating an intercepted sub data set M '{ M ═ according to the intercepted subset CI (M')i|i∈CI(M′)};
(3c3) For each i ∈ CI (M'), from δFullTo take out deltai;
(3c4) Generating a truncated signature deltaExt=(CEAS||CI(M′)||T||δ1||δ2||…||δf) Wherein δiAnd (i ═ 1,2, …, f) is the signature of the corresponding child data in CI (M').
3. The method for safe storage and sharing of block chain-based electronic medical records according to claim 1, wherein the block consensus is performed by using a modified DPOS consensus mechanism in the step (4d), and the specific steps are as follows:
(4d1) when the value represents the node RPN, each transaction is verified, and all the collected effective numbers in the period of time are countedAccording to which it is integrated into a data set, denoted MsetAnd (2) attaching a digital signature of the node and a hash value of the new data block to form a new data block, and broadcasting the newly generated data block to other auditing nodes ATNs to be verified, wherein the process is specifically expressed as follows:
(4d2) after each ATN receives the data block, the validity and the correctness of the data block are verified through the block hash value and the digital signature information sent by the RPN, the auditing result of the data block is attached with the digital signature of the ATN, the data block is encrypted by the public key of the RPN and then is sent to the current value representing node as a return, and the process is specifically expressed as follows:
(4d3) the RPN checks the audit replies of all ATNs, if the number of tickets passing the audit exceeds 51%, the block is considered to be successfully generated, the RPN integrates the data block together with the public key set of the ATNs of the audit node and the corresponding digital signature and sends the integrated data block to all nodes, all the nodes update data, and then the data block is stored in a alliance chain in time sequence, the value represents that the nodes and the nodes participating in the audit all obtain the reward of credit points, and the process is specifically expressed as follows:
4. the method for secure storage and sharing of blockchain-based electronic medical records according to claim 1, wherein the specific steps of the block chain access right authentication in step (5a) are as follows:
(5a1) sharing access request: node N initiates a medical data sharing request to the blockchainTransaction Req, the request including its own public key PKNObject account IDpatData access destination obj, access content MiAnd time t information, when the node N identity is checked by the value node, the transaction information is recorded into the block chain after the verification is passed, and the process is specifically expressed as follows:
N→RPN:Req=(PKN||IDpat||obj||Mi||t),
note that: here MiM representing node N requesting access to patient onlyiData i 1,2, …, and if partial data is accessed, M is denotediIf the node wants to access all the data of the patient, the node is represented by M;
(5a2) executing an intelligent contract: the intelligent contract is automatically executed, whether preset access conditions of patients are met is judged according to the identity information of the node N, and if the preset access conditions are met, the patient ID for the intelligent contract is triggeredpatThe provided private key decrypts the metadata and returns to the ciphertext information that encrypted the metadata using the public key of node N:
(5a3) reading a data storage location: after receiving the ciphertext information, the node N decrypts the ciphertext information by using the private key thereof to obtain the MetadataiAnd extracting the storage location urls thereiniAnd cloud removing, storing and searching the required original data.
5. A safe storage and sharing system of block chain-based electronic medical record, which is realized according to any one of the safe storage and sharing methods of block chain-based electronic medical record of claims 1-4, and is characterized by comprising a data creator, a data owner, cloud storage, a block chain of alliances and a data user, wherein the data creator firstly sends the electronic medical record of a patient to the data owner; the data owner intercepts data according to an intercepting rule, encrypts the data and stores the encrypted data in the cloud; the data owner distributes the citation of the medical data stored in the cloud in the alliance block chain, and sets access authority by using an intelligent contract; after the data user obtains the access application of the alliance block chain, the data user obtains the data to be accessed after decrypting the data in the cloud storage;
the data creator is a medical institution or doctor, the data owner is a patient, and the data user is a doctor or medical institution or institute or other person desiring to obtain the data.
6. The blockchain-based electronic medical records secure storage and sharing system according to claim 5, wherein the federation blockchain is a control center of the entire model, wherein the certificate authority CA is responsible for issuing a certificate for each new user, the new user being either a data creator or a data owner, the certificate including an account ID, a public-private key pair (PK, SK), the data owner registering and logging on the federation blockchain with its own unique identity account; only references to data in cloud storage are reserved due to the limited storage capacity of the block chain of the federation; adopting an improved DPOS (distributed data processing system) consensus mechanism to perform block consensus, wherein a current value in an alliance block chain represents a node to receive a transaction request and is responsible for generating an effective block; setting access authority by using an intelligent contract; based on CP-ABE access control, data consumers want to utilize urlsiWhen EMRs are obtained, an access application is required to be submitted to a block chain of the alliance, the access application comprises a public key of the access application, an access object and target information, and the integrity and the validity of original data are verified through a hash value and a signature.
7. The blockchain-based electronic medical record secure storage and sharing system according to claim 5, wherein all references to medical record data on a federation blockchain will contain different timestamps and encryption keys.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811034508.8A CN109326337B (en) | 2018-09-06 | 2018-09-06 | Model and method for storing and sharing electronic medical record based on block chain |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811034508.8A CN109326337B (en) | 2018-09-06 | 2018-09-06 | Model and method for storing and sharing electronic medical record based on block chain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109326337A CN109326337A (en) | 2019-02-12 |
CN109326337B true CN109326337B (en) | 2021-09-03 |
Family
ID=65264739
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811034508.8A Active CN109326337B (en) | 2018-09-06 | 2018-09-06 | Model and method for storing and sharing electronic medical record based on block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109326337B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20230090453A1 (en) * | 2020-10-30 | 2023-03-23 | KnowBe4, Inc. | Systems and methods for determination of level of security to apply to a group before display of user data |
Families Citing this family (122)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20210375409A1 (en) * | 2018-10-19 | 2021-12-02 | Longenesis Ltd. | Systems and methods for blockchain-based health data validation and access management |
CN110022216B (en) * | 2019-02-18 | 2022-02-01 | 西安链融科技有限公司 | Efficient asynchronous Byzantine consensus method with low communication complexity and network communication platform |
CN110010213A (en) * | 2019-02-18 | 2019-07-12 | 深圳壹账通智能科技有限公司 | Electronic health record storage method, system, device, equipment and readable storage medium storing program for executing |
CN109743406A (en) * | 2019-02-26 | 2019-05-10 | 北京工业大学 | A kind of Internet of Things trust data service model based on block chain |
CN109768987B (en) * | 2019-02-26 | 2022-01-28 | 重庆邮电大学 | Block chain-based data file safe and private storage and sharing method |
CN109768867A (en) * | 2019-03-08 | 2019-05-17 | 上海一健事信息科技有限公司 | A method of the data access control based on block chain technology |
CN109934012A (en) * | 2019-03-20 | 2019-06-25 | 福建师范大学 | Medical records secure storage access method based on block chain network |
CN110049016B (en) * | 2019-03-21 | 2022-02-18 | 深圳壹账通智能科技有限公司 | Data query method, device, system, equipment and storage medium of block chain |
EP3610383B1 (en) | 2019-03-21 | 2021-07-07 | Advanced New Technologies Co., Ltd. | Data isolation in blockchain networks |
CN109948367B (en) * | 2019-03-27 | 2022-12-06 | 南京星链高科技发展有限公司 | Medical data authorization method based on block chain technology |
CN110071966B (en) * | 2019-03-29 | 2022-01-04 | 广州中国科学院软件应用技术研究所 | Block chain networking and data processing method based on cloud platform |
SG11201908982QA (en) | 2019-03-29 | 2019-10-30 | Alibaba Group Holding Ltd | Managing sensitive data elements in a blockchain network |
CN110148475B (en) * | 2019-04-03 | 2023-10-27 | 平安科技(深圳)有限公司 | Medical information sharing method and device, readable storage medium and server |
CN110059280A (en) * | 2019-04-04 | 2019-07-26 | 中山大学 | A kind of information issuing method based on block chain |
WO2020206695A1 (en) * | 2019-04-12 | 2020-10-15 | Hangzhou Nuowei Information Technology Co., Ltd. | System for decentralized ownership and secure sharing of personalized health data |
CN110083604B (en) * | 2019-04-17 | 2021-10-08 | 上海脆皮网络科技有限公司 | Data right confirming method and device |
CN111508575A (en) * | 2019-04-19 | 2020-08-07 | 中国医学科学院阜外医院 | Medical system integrating big data |
CN110084071A (en) * | 2019-04-24 | 2019-08-02 | 苏州国利岳康软件科技有限公司 | Physical examination secure storage method of data based on block chain |
CN110097935A (en) * | 2019-04-24 | 2019-08-06 | 杭州宇链科技有限公司 | A kind of medical rescue platform based on block chain |
CN110233828B (en) * | 2019-05-14 | 2022-01-04 | 深圳市科迈爱康科技有限公司 | Mobile office method and device based on block chain |
SG11202002166PA (en) * | 2019-05-21 | 2020-04-29 | Alibaba Group Holding Ltd | Methods and devices for storing and processing electronic medical record on blockchain |
CN110166476B (en) * | 2019-05-30 | 2021-09-17 | 中国联合网络通信集团有限公司 | Anti-brute force cracking method and device |
CN110222518B (en) * | 2019-05-30 | 2021-09-17 | 北京工业大学 | Trusted authority access control method based on block chain |
CN110299195B (en) * | 2019-06-11 | 2023-05-30 | 中国矿业大学 | Electronic medical record sharing system with privacy protection based on alliance chain and application method |
CN110197084B (en) * | 2019-06-12 | 2021-07-30 | 上海联息生物科技有限公司 | Medical data joint learning system and method based on trusted computing and privacy protection |
CN110400642A (en) * | 2019-06-12 | 2019-11-01 | 梁胤豪 | A kind of medical data shared system and design method based on block chain technology |
CN110321721B (en) * | 2019-07-02 | 2021-03-30 | 石家庄铁道大学 | Block chain-based electronic medical record access control method |
CN110489430B (en) * | 2019-07-03 | 2020-07-17 | 特斯联(北京)科技有限公司 | Tracing method and system based on data block signature and verification |
CN110417750B (en) * | 2019-07-09 | 2020-07-03 | 北京健网未来科技有限公司 | Block chain technology-based file reading and storing method, terminal device and storage medium |
CN110445840B (en) * | 2019-07-09 | 2020-07-03 | 北京健网未来科技有限公司 | File storage and reading method based on block chain technology |
CN111863168A (en) * | 2019-07-11 | 2020-10-30 | 中国医学科学院阜外医院 | Hardware system with exchange protocol |
CN111835762A (en) * | 2019-07-11 | 2020-10-27 | 中国医学科学院阜外医院 | Hardware system based on asymmetric key algorithm |
CN110322940B (en) * | 2019-07-15 | 2023-06-27 | 山东浪潮智慧医疗科技有限公司 | Access authorization method and system for medical data sharing |
CN110414203B (en) * | 2019-07-26 | 2022-06-17 | 郑州大学 | Internet medical identity authentication method based on block chain technology |
CN110457958A (en) * | 2019-08-22 | 2019-11-15 | 重庆华医康道科技有限公司 | A kind of sharing method and its system of doctors and patients' Dynamic data exchange management based on block chain |
US11126752B2 (en) * | 2019-09-04 | 2021-09-21 | Fresenius Medical Care Holdings, Inc. | Authentication of medical device computing systems by using metadata signature |
CN110602089B (en) * | 2019-09-11 | 2021-08-10 | 腾讯科技(深圳)有限公司 | Block chain-based medical data storage method, device, equipment and storage medium |
CN110600096B (en) * | 2019-09-16 | 2023-06-30 | 上海保险交易所股份有限公司 | Medical data management method and system and computer storage medium |
CN111049902B (en) * | 2019-09-16 | 2021-08-13 | 腾讯科技(深圳)有限公司 | Data storage method, device, storage medium and equipment based on block chain network |
CN110598435B (en) * | 2019-09-17 | 2021-11-19 | 上海保险交易所股份有限公司 | Method, apparatus and readable medium for managing insurance agent history through blockchain |
CN110808958A (en) * | 2019-10-07 | 2020-02-18 | 复旦大学 | Medicine separation management system based on CP-ABE and block chain |
CN110797099B (en) * | 2019-10-28 | 2022-06-17 | 河北北方学院 | Medical data sharing method and system based on block chain |
CN110727737B (en) * | 2019-10-29 | 2022-10-18 | 南京邮电大学 | Intelligent medical data storage method based on multilevel block chain system architecture |
CN110781153B (en) * | 2019-10-30 | 2020-08-04 | 中道新职坊科技发展有限公司 | Cross-application information sharing method and system based on block chain |
EP4070519A1 (en) * | 2019-12-03 | 2022-10-12 | Sony Group Corporation | Method, computer program and data sharing system for sharing user-specific data of a user |
CN111047295B (en) * | 2019-12-13 | 2023-04-07 | 红云红河烟草(集团)有限责任公司 | Data acquisition method for cigarette shred manufacturing process |
CN110995751B (en) * | 2019-12-18 | 2022-02-22 | 北京择天众康科技有限公司 | Big data intelligent medical treatment and old age care service method and system based on block chain |
CN111062721B (en) * | 2019-12-31 | 2023-12-12 | 南京金宁汇科技有限公司 | Signature method, system and storage medium applied to blockchain |
CN113065951A (en) * | 2020-01-02 | 2021-07-02 | 苏州同济区块链研究院有限公司 | Transaction method, system, device, equipment and medium based on block chain |
CN112541034A (en) * | 2020-01-02 | 2021-03-23 | 北京融信数联科技有限公司 | Government affair data sharing method based on alliance chain technology |
CN111311257A (en) * | 2020-01-20 | 2020-06-19 | 福州数据技术研究院有限公司 | Medical data sharing excitation method and system based on block chain |
CN111274273A (en) * | 2020-01-22 | 2020-06-12 | 北京瑞卓喜投科技发展有限公司 | Contract intelligent method and system and storage medium |
CN111352999A (en) * | 2020-03-06 | 2020-06-30 | 九次方大数据信息集团有限公司 | National data circulation and data right confirming method and platform based on block chain |
CN111461710B (en) * | 2020-03-06 | 2023-06-23 | 重庆邮电大学 | Distributed account book access control method based on alliance chain |
CN113536388B (en) * | 2020-04-16 | 2023-02-28 | 中移物联网有限公司 | Data sharing method and system based on block chain |
CN111682934B (en) * | 2020-04-21 | 2023-08-01 | 国网天津市电力公司电力科学研究院 | Method and system for storing, accessing and sharing comprehensive energy metering data |
CN111599423B (en) * | 2020-04-24 | 2023-03-21 | 广东职业技术学院 | Block chain-based electronic medical record access method and system |
CN111526200B (en) * | 2020-04-27 | 2023-05-09 | 远光软件股份有限公司 | Data storage access method and system based on blockchain and cloud platform |
CN111581292B (en) * | 2020-05-18 | 2023-12-15 | 中国工业互联网研究院 | Industrial Internet data asset right-determining and trading method and platform |
CN111832069B (en) * | 2020-06-05 | 2023-08-29 | 广东科学技术职业学院 | Multi-block chain on-chain data storage system and method based on cloud computing |
CN111831743B (en) * | 2020-06-05 | 2023-11-14 | 广东科学技术职业学院 | Block chain data storage system and method based on cloud storage |
CN111884805B (en) * | 2020-06-24 | 2023-08-01 | 易联众信息技术股份有限公司 | Data hosting method and system based on blockchain and distributed identity |
CN111863165B (en) * | 2020-06-28 | 2023-07-14 | 石家庄铁道大学 | Medical information sharing authentication method based on block chain |
CN111901302B (en) * | 2020-06-28 | 2022-02-25 | 石家庄铁道大学 | Medical information attribute encryption access control method based on block chain |
CN111831662B (en) * | 2020-07-24 | 2021-01-12 | 深圳市网通兴技术发展有限公司 | Medical data information processing method and system |
CN111966749B (en) * | 2020-08-04 | 2021-08-17 | 中国科学院上海微系统与信息技术研究所 | Data processing method and device, electronic equipment and storage medium |
CN111967028B (en) * | 2020-08-04 | 2021-05-25 | 中国科学院上海微系统与信息技术研究所 | Data interaction system |
CN111916173B (en) * | 2020-08-07 | 2023-08-25 | 安徽师范大学 | Medical data safety sharing system and method based on IPFS and alliance chain |
CN111916172B (en) * | 2020-08-07 | 2023-08-29 | 安徽师范大学 | Medical data sharing system based on blockchain intelligent contract |
CN112019348B (en) * | 2020-08-26 | 2022-02-11 | 合肥工业大学 | Smart phone cloud positioning method based on block chain privacy protection |
CN112163191A (en) * | 2020-09-15 | 2021-01-01 | 广东工业大学 | Education resource sharing method and system based on national secret block chain |
CN112530531B (en) * | 2020-09-24 | 2023-11-21 | 扬州大学 | Electronic medical record storage and sharing method based on double-block chain |
CN111933292B (en) * | 2020-09-27 | 2021-01-29 | 浙江杜比医疗科技有限公司 | Block chain-based hospital body and medical data interaction method and storage medium |
CN112349368A (en) * | 2020-09-29 | 2021-02-09 | 福建西岸康健管理有限公司 | Electronic health record authorization sharing and management system based on medical block chain |
CN112261112B (en) * | 2020-10-16 | 2023-04-18 | 华人运通(上海)云计算科技有限公司 | Information sharing method, device and system, electronic equipment and storage medium |
CN112181922B (en) * | 2020-10-22 | 2023-10-03 | 中山大学 | Block chain data sharing method, system, device and medium |
CN112380543B (en) * | 2020-10-23 | 2024-03-19 | 重庆大学 | Electronic medical data privacy protection and safe sharing system based on blockchain |
CN112447291B (en) * | 2020-11-23 | 2023-03-28 | 四川大学华西医院 | Block chain-based method for sharing hospital data |
CN112149080B (en) * | 2020-11-24 | 2021-03-12 | 国网江苏省电力有限公司苏州供电分公司 | Authorization information verification system and method |
CN112562811B (en) * | 2020-12-15 | 2023-09-15 | 昆明理工大学 | Block chain-based electronic medical data secure sharing method for thin clients |
CN112565289B (en) * | 2020-12-21 | 2022-06-24 | 北京航空航天大学 | System and method for credible issuing and verifying of medical certificate based on block chain |
WO2022134119A1 (en) * | 2020-12-26 | 2022-06-30 | 西安科锐盛创新科技有限公司 | Blockchain-based electronic medical record sharing method and electronic device |
CN112560070B (en) * | 2020-12-28 | 2024-03-22 | 杭州趣链科技有限公司 | Data sharing method with auditing function |
CN112635010B (en) * | 2020-12-28 | 2023-07-07 | 扬州大学 | Data storage and sharing method under edge computing based on double block chains |
CN112559456B (en) * | 2020-12-28 | 2022-07-05 | 杭州趣链科技有限公司 | Data sharing method with privacy protection auditing and deleting functions |
CN112733164B (en) * | 2021-01-07 | 2023-12-08 | 中南大学 | Case sharing method, system and private key storage medium based on blockchain |
CN112735551B (en) * | 2021-01-15 | 2023-01-31 | 山东科技大学 | Medical record storage sharing model based on H-Algorand consensus mechanism and implementation method thereof |
CN112766965B (en) * | 2021-01-25 | 2022-09-02 | 天津理工大学 | Privacy protection data sharing method based on intelligent contracts |
CN112765640A (en) * | 2021-01-29 | 2021-05-07 | 重庆卡歌科技有限公司 | Data sharing method based on block chain technology |
CN112927819A (en) * | 2021-02-02 | 2021-06-08 | 杭州云嘉健康管理有限公司 | 5G cloud consulting room system |
CN112908440A (en) * | 2021-02-07 | 2021-06-04 | 深圳万海思数字医疗有限公司 | Health management data sharing method and device and remote medical platform |
CN112837776A (en) * | 2021-03-05 | 2021-05-25 | 成都库珀区块链科技有限公司 | Block chain data privacy security protection method based on prescription transfer platform |
CN112951356B (en) * | 2021-03-23 | 2023-03-31 | 电子科技大学 | Cross-modal medical data joint sharing method based on alliance chain |
CN113066563A (en) * | 2021-04-02 | 2021-07-02 | 青岛科技大学 | Credible medical bad information reporting processing system |
CN112989111B (en) * | 2021-04-20 | 2021-09-10 | 南京百伦斯智能科技有限公司 | Video storage management method and system based on block chain |
CN113539510A (en) * | 2021-04-23 | 2021-10-22 | 江苏大学 | Novel infectious disease discovery and management and control system based on intelligent contract |
CN113268756A (en) * | 2021-06-01 | 2021-08-17 | 上海交通大学医学院附属仁济医院 | Patient sharing and quality control system based on block chain technology and human assisted reproduction technology |
CN113507360B (en) * | 2021-06-26 | 2024-01-09 | 暨南大学 | System and method for exchanging and sharing technical big data based on blockchain |
CN113468570A (en) * | 2021-07-15 | 2021-10-01 | 湖北央中巨石信息技术有限公司 | Private data sharing method based on intelligent contract |
CN113689228A (en) * | 2021-07-16 | 2021-11-23 | 杭州医康慧联科技股份有限公司 | Integral data management method based on block chain |
CN113570461A (en) * | 2021-07-23 | 2021-10-29 | 北京芯安微电子技术有限公司 | User data transaction system based on block chain |
CN113538149B (en) * | 2021-07-28 | 2024-02-27 | 浙江数秦科技有限公司 | Multi-source data fusion platform based on block chain |
CN113488128A (en) * | 2021-07-28 | 2021-10-08 | 平安国际智慧城市科技股份有限公司 | Block chain-based electronic medical record retrieval method and device and related equipment |
CN113535663A (en) * | 2021-08-09 | 2021-10-22 | 恒安嘉新(北京)科技股份公司 | Data sharing processing method, device, equipment and medium based on block chain |
CN113764060B (en) * | 2021-09-09 | 2023-09-22 | 安徽师范大学 | Medical data management system based on double-block chain and patient authorized medical record sharing method |
CN113889208B (en) * | 2021-09-17 | 2023-12-01 | 郑州轻工业大学 | Block chain-based on-and-off-chain medical data sharing method, device and equipment |
CN113645368A (en) * | 2021-10-14 | 2021-11-12 | 深圳市云创精密医疗科技有限公司 | Data image encryption processing method for high-precision medical treatment |
CN113851203B (en) * | 2021-12-01 | 2022-02-15 | 南京可信区块链与算法经济研究院有限公司 | Neonate eye fundus screening collaborative learning method and system based on POS mechanism |
CN113990429B (en) * | 2021-12-29 | 2022-03-15 | 医典云(南京)数据科技有限公司 | Electronic medical record data protection method and device |
CN114726533B (en) * | 2022-03-23 | 2023-12-01 | 扬州大学 | Method for detecting and deleting redundant data in edge computing environment based on block chain |
CN115277040B (en) * | 2022-03-23 | 2024-03-08 | 山东新一代信息产业技术研究院有限公司 | Medical health data storage and sharing method and system based on blockchain technology |
CN114844675B (en) * | 2022-03-31 | 2024-04-09 | 四川链向科技集团有限公司 | Block chain data exchange method for Internet of things |
CN115033912B (en) * | 2022-04-20 | 2023-04-25 | 郑州轻工业大学 | Medical data cross-equipment anonymous verification method, device and equipment based on blockchain |
CN114565326B (en) * | 2022-04-29 | 2022-08-30 | 深圳市誉兴通科技股份有限公司 | Medicine management method and system based on Internet of things |
CN114818010B (en) * | 2022-06-23 | 2022-09-16 | 南京理工大学 | Block chain medical record safe storage and sharing method based on double-chain structure |
CN115297118B (en) * | 2022-10-09 | 2023-01-31 | 北京航空航天大学杭州创新研究院 | Data sharing method and data sharing system based on block chain |
CN115440332B (en) * | 2022-11-07 | 2023-02-10 | 南京邮电大学 | Clinical test data storage and sharing method based on public chain and alliance chain |
CN116978502A (en) * | 2023-06-21 | 2023-10-31 | 中山大学肿瘤防治中心(中山大学附属肿瘤医院、中山大学肿瘤研究所) | Blockchain-based paperless examination and approval method, system and storage medium for clinical trial |
CN116506123B (en) * | 2023-06-27 | 2023-09-15 | 广州信安数据有限公司 | Multi-subject data community construction method, medium and system based on convention protocol |
CN116644478B (en) * | 2023-07-27 | 2024-03-26 | 深圳达实旗云健康科技有限公司 | Medical data privacy protection method and device, electronic equipment and readable storage medium |
CN116707835B (en) * | 2023-08-09 | 2023-10-17 | 北京信创达科技有限公司 | Method and system for realizing patient information interaction based on blockchain |
CN117037988A (en) * | 2023-08-22 | 2023-11-10 | 广州视景医疗软件有限公司 | Electronic medical record storage method and device based on blockchain |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106603544A (en) * | 2016-12-22 | 2017-04-26 | 中国科学技术大学 | Data storage and cloud control method capable of lightweight auditing |
CN106682530A (en) * | 2017-01-10 | 2017-05-17 | 杭州电子科技大学 | Method and device for medical information sharing privacy protection based on blockchain technology |
CN107579979A (en) * | 2017-09-07 | 2018-01-12 | 成都理工大学 | The sharing query method of electronic health record based on block chain technology |
CN108063752A (en) * | 2017-11-02 | 2018-05-22 | 暨南大学 | A kind of credible genetic test and data sharing method based on block chain and proxy re-encryption technology |
CN108462568A (en) * | 2018-02-11 | 2018-08-28 | 西安电子科技大学 | A kind of secure file storage and sharing method based on block chain |
-
2018
- 2018-09-06 CN CN201811034508.8A patent/CN109326337B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106603544A (en) * | 2016-12-22 | 2017-04-26 | 中国科学技术大学 | Data storage and cloud control method capable of lightweight auditing |
CN106682530A (en) * | 2017-01-10 | 2017-05-17 | 杭州电子科技大学 | Method and device for medical information sharing privacy protection based on blockchain technology |
CN107579979A (en) * | 2017-09-07 | 2018-01-12 | 成都理工大学 | The sharing query method of electronic health record based on block chain technology |
CN108063752A (en) * | 2017-11-02 | 2018-05-22 | 暨南大学 | A kind of credible genetic test and data sharing method based on block chain and proxy re-encryption technology |
CN108462568A (en) * | 2018-02-11 | 2018-08-28 | 西安电子科技大学 | A kind of secure file storage and sharing method based on block chain |
Non-Patent Citations (1)
Title |
---|
基于CES的电子病历签名系统研究与实现;王昌达;《计算机工程》;20100816;第1-5节 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20230090453A1 (en) * | 2020-10-30 | 2023-03-23 | KnowBe4, Inc. | Systems and methods for determination of level of security to apply to a group before display of user data |
Also Published As
Publication number | Publication date |
---|---|
CN109326337A (en) | 2019-02-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109326337B (en) | Model and method for storing and sharing electronic medical record based on block chain | |
CN110321721B (en) | Block chain-based electronic medical record access control method | |
Shi et al. | Applications of blockchain in ensuring the security and privacy of electronic health record systems: A survey | |
Zhou et al. | Med-PPPHIS: blockchain-based personal healthcare information system for national physique monitoring and scientific exercise guiding | |
Nagasubramanian et al. | Securing e-health records using keyless signature infrastructure blockchain technology in the cloud | |
Guo et al. | Secure attribute-based signature scheme with multiple authorities for blockchain in electronic health records systems | |
Yang et al. | A blockchain-based approach to the secure sharing of healthcare data | |
CN111448565B (en) | Data authorization based on decentralised identification | |
US7869591B1 (en) | System and method for secure three-party communications | |
Ying et al. | A lightweight policy preserving EHR sharing scheme in the cloud | |
CN109409100B (en) | Information storage and sharing platform applied to medical data | |
CN110299195A (en) | The electronic health record shared system and application method with secret protection based on alliance's chain | |
CN112530531A (en) | Electronic medical record storage and sharing method based on double block chains | |
Razaque et al. | Privacy preservation models for third-party auditor over cloud computing: A survey | |
US20230083642A1 (en) | Methods and systems for managing user data privacy | |
Ghorbel et al. | Accountable privacy preserving attribute-based access control for cloud services enforced using blockchain | |
Garg | Decentralized transaction mechanism based on smart contracts | |
Ramesh et al. | Blockchain based efficient tamper-proof EHR storage for decentralized cloud-assisted storage | |
Babu et al. | MediBlocks: secure exchanging of electronic health records (EHRs) using trust-based blockchain network with privacy concerns | |
Ghayvat et al. | Sharif: Solid pod-based secured healthcare information storage and exchange solution in internet of things | |
Srivastava et al. | Attack resistant blockchain-based healthcare record system using modified RSA Algorithm | |
Liu et al. | A fine‐grained medical data sharing scheme based on federated learning | |
Mittal et al. | A novel two-level secure access control approach for blockchain platform in healthcare | |
Deng et al. | Towards a cross‐context identity management framework in e‐health | |
CN115883214A (en) | Electronic medical data sharing system and method based on alliance chain and CP-ABE |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |