CN109326337B - Model and method for storing and sharing electronic medical record based on block chain - Google Patents

Model and method for storing and sharing electronic medical record based on block chain Download PDF

Info

Publication number
CN109326337B
CN109326337B CN201811034508.8A CN201811034508A CN109326337B CN 109326337 B CN109326337 B CN 109326337B CN 201811034508 A CN201811034508 A CN 201811034508A CN 109326337 B CN109326337 B CN 109326337B
Authority
CN
China
Prior art keywords
data
medical
signature
patient
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811034508.8A
Other languages
Chinese (zh)
Other versions
CN109326337A (en
Inventor
刘景伟
李鑫
李晓璐
孙蓉
裴庆祺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN201811034508.8A priority Critical patent/CN109326337B/en
Publication of CN109326337A publication Critical patent/CN109326337A/en
Application granted granted Critical
Publication of CN109326337B publication Critical patent/CN109326337B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H10/00ICT specially adapted for the handling or processing of patient-related medical or healthcare data
    • G16H10/60ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Abstract

The invention discloses a safe storage and sharing model and method of electronic medical records based on a block chain, which solve the problems that patients can control the access authority of personal medical data and sensitive medical data can not be safely stored and shared at the present stage. The scheme is realized as follows: the model comprises a data creator, a data owner, cloud storage, a block chain of alliances and a data user, wherein the block chain is a control center. The method comprises the steps of initializing a system; acquiring medical data: storing data by intercepting the signature; data publishing using an improved DPOS consensus mechanism; data sharing based on smart contracts. The invention has the advantages of safety, reliability, privacy protection and safe storage capability, combines the cloud storage technology and the signature intercepting technology, and can realize safe and effective sharing access of data by setting sharing conditions through intelligent contracts by users in the block chain of the alliance, thereby having strong practicability.

Description

Model and method for storing and sharing electronic medical record based on block chain
Technical Field
The invention belongs to the technical field of information security, and particularly relates to improved technologies such as a stock authorization certification mechanism (DPOS), an intelligent contract, cloud storage and an interceptable signature, in particular to a model and a method for storing and sharing electronic medical records based on a block chain, which can be used for safely storing and sharing data under the block chain technology.
Background
With the rapid development of the internet, cloud computing and internet of things technologies, the data scale is increased rapidly, and the concepts of the internet and health care, medical health big data and the like come along. As an important data source of Medical big data, sharing of Electronic Medical Record (EMR) has great application value in the fields of hospital development, clinical service, clinical scientific research and the like. Actually, in the 90 s of the 20 th century, western countries such as meiying and ying have started to promote research of EMR, while research in this respect in China is started later, and in the opinion published by the common central national institute in 2009, the "establishment of health records of residents is particularly proposed as a key point to promote information-based construction of hospitals".
Electronic Medical Records (EMRs) are data integration systems that are created, stored, and used electronically by medical institutions, focusing on outpatient, inpatient (or healthcare object) clinical care and guidance intervention information. The ultimate goal of electronic medical record development is to achieve information sharing, which is advantageous in that different medical institutions can use this data to correlate with other electronic health record data to facilitate health monitoring, disease diagnosis and treatment, and reduce medical errors. The sharing of the electronic medical records can also realize remote medical treatment and make accurate and timely treatment schemes through consultation of a plurality of hospitals.
However, at the present stage, paper medical records are mainly used and are stored by a centralized medical institution, so that patients have difficulty in acquiring required medical records and medical history conditions, and the quality of medical treatment is affected. Data cannot be shared among medical institutions, and medical research is not facilitated. Moreover, conventional centralized networks are vulnerable to data leaks, such as 8000 thousand patient and related personnel records leaked by Anthem and 450 thousand patient data leaked by UCLA Health. Fortunately, the birth of blockchain technology provides a possibility to solve the medical "islanding information" phenomenon. It provides a new mode of distributed sharing that can remove the intermediate mechanism, increase data security.
Blockchain technology is the underlying support technology for bitcoin, and is considered to be the fifth subversive computational paradigm after mainframe computers, personal computers, the internet, mobile societies. The core technology of the method comprises a distributed ledger technology, an asymmetric encryption algorithm, an intelligent contract and the like, and has the characteristics of decentralization, high-redundancy storage, tamper resistance, high safety and the like. Based on the above characteristics of the block chain technology, the method is widely applied to various fields such as finance, election, medical treatment, supply chain and the like. Wherein the medical health field would likely be the second largest application market behind the financial field. When medical data is shared by the hospital-oriented medical data, all medical record information on the blockchain contains different timestamps and encryption keys, and the medical record data of the patients are stored on the distributed servers in this way. Because the billing process adopts a series of data encryption, signature and integrity verification, the medical record data which is stored in the distribution cannot be tampered at will and can only be recorded in the same server or the medical record of the patient, so that the confidentiality of the medical record data is improved.
However, managing medical data, acquiring, storing, and sharing are not simple tasks, especially privacy concerns. Electronic medical records contain a large amount of personal information, and the use of electronic medical records is clearly regulated by multi-national laws and regulations to take care of patient privacy protection. For example, when a patient purchases a medicine in an e-commerce pharmacy by showing an effective prescription, the patient does not want to reveal information such as the real name and identification number of the patient, the data used for scientific research does not need to know the information such as the real name and identification number of the patient, and the sensitive personal privacy data is deleted from the health data of the patient when the data is used. Therefore, the intercepted signature is very suitable for electronic medical records, and the patient can delete personal private data according to own will and can obtain an effective intercepted signature without interaction.
The blockchain technology can help doctors, patients and researchers to quickly and safely authenticate the authority, and free data access and sharing are achieved. Therefore, the application and research of the current block chain in the medical field are concerned, the Health bank company in switzerland is an innovator of global digital Health, and the absolute safety of Health data storage is ensured by processing the transactions of a Health system in a transparent mode through the block chain. A Health ecosystem comprising a block chain is constructed in a Gem Health joint Philips block chain laboratory, so that the global medical integration is promoted, and the medical Health is more personalized and civilized. In the country, the hospital (regional medical consortium) + blockchain trial project, which is a collaboration of ali health with the Changzhou city, is most compelling. At this stage, however, no specific embodiment or method has been disclosed.
At present, medical institutions mainly use paper medical records and store the paper medical records by medical institutions with centralized characteristics, and patients are difficult to acquire required medical records and medical history conditions, so that the medical quality is influenced. Data cannot be shared among medical institutions, and medical research is not facilitated. The ultimate goal of electronic medical record development is to achieve information sharing, which is advantageous in that different medical institutions can use this data to correlate with other electronic health record data for treatment or scientific research. But traditional centralized networks are vulnerable to attacks, resulting in data leakage. And sensitive information of patients is often involved in the medical data, and the dispersity and information circulation characteristics of the medical data make the block chain of the alliance very suitable. However, the existing stock authorization certification mechanism DPOS is used by 101 institutions, such a DPOS consensus mechanism determines the representative node according to the stock authorization, and it is obvious that the medical field related to the health of patients and medical research cannot determine the representative node according to the selection criteria of the stock authorization, because it needs a medical institution with high medical level and authority as the representative node to judge the validity of the release of the medical data and the access right of the medical data sharing, and only this is scientific, so the existing DPOS mechanism cannot be applied to the medical field.
Disclosure of Invention
The invention aims to overcome the defects and provides a safe storage and sharing model and a safe storage and sharing method of the electronic medical record based on the block chain, which can safely store and share the medical data.
The invention firstly relates to a block chain-based electronic medical record safe storage and sharing model which is characterized by comprising a data creator, a data owner, cloud storage, an alliance block chain and a data user, wherein the data creator firstly sends an electronic medical record of a patient to the data owner; the data owner intercepts data according to an intercepting rule, encrypts the data and stores the encrypted data in the cloud; the data owner distributes the citation of the medical data stored in the cloud in the alliance block chain, and sets access authority by using an intelligent contract; after the data user obtains the access application of the alliance block chain, the data user obtains the data to be accessed after decrypting the data in the cloud storage;
the data creator is a medical institution or doctor, the data owner is a patient, and the data user is a doctor or medical institution or institute or other person desiring to obtain the data.
The invention also relates to a block chain-based electronic medical record safe storage and sharing method, which is used on the block chain-based electronic medical record safe storage and sharing model of claims 1-3, and is characterized by comprising the following steps:
(1) model initialization: a certificate issuing (certification) authority CA in the federation blockchain is responsible for issuing a certificate for each new user, the certificate comprising an account ID, a public-private key pair (PK, SK); medical data such as electronic medical record of personal information of a patient, an examination report and the like are classified according to the medical data, the medical data are refined into M (name, gender, age, identification number, medical history, physical examination or laboratory sheet and medical prescription), and the M (M) is recorded as (M)1,m2,m3,m4,m5,m6,m7};
(2) Data acquisition: the data creator (medical institution) performs the revisable signature after dividing the data M into n segments and sends the signature and the original EMRs to the data owner:
(2a) dividing the electronic medical data M of the patient into n segments, namely: m ═ Mi|i=1,2,…,n};
(2b) Randomly selecting an integer
Figure BDA0001790531730000031
Calculating r ═ gk(mod p);
(2c) For each subdata M of the original data MiCalculating a hash value hi=H(MiIiiiiiiiiii) 1 ≦ i ≦ 7, where CEAS is the truncation rule for the truncatable signature and T is the CEAS marker;
(2d) calculate the subdata MiSignature of δi=(hi-ar)k-1mod(p-1),1≤i≤7;
(2e) Of the output data MGlobal signature deltaFull=(CEAS‖T‖δ1‖δ2‖…‖δ7);
(2f) The data creator combines the raw medical data MiHash value hiGlobal signature deltaFullAfter the CEAS and the mark T are cascaded, the symmetric key of a doctor is used for encryption, and then the encryption key K is used for encryptiondocUsing the public key PK of the patientpatEncrypted and then sent to the patient;
(3) data storage with intercepted signatures: after receiving the medical data sent by the doctor, the data owner (patient) uses the private key SKpatEncryption key K for decrypting medical datadocThen, the original medical data M is decryptediSecond, verify the global signature deltaFullIf the data is correct, the data owner generates a revised signature (intercepting signature) and stores the revised signature and the ciphertext of the original data into the cloud, and the steps are as follows:
(3a) for each sub-data M of the data MiCalculate hi=H(MiII T II I) of CEAS, wherein 1 ≦ i ≦ 7;
(3b) from global signatures δFullTo obtain deltaiAnd verify
Figure BDA0001790531730000041
Whether or not it is established, i.e.
Figure BDA0001790531730000042
If signature deltaFullIf the verification is passed, executing the following steps, otherwise, returning to failure;
(3c) intercepting the signature of the corresponding subdata by the patient according to CEAS specified by the doctor and the will of the patient;
(3d) the data owner encrypts and stores the intercepted medical data and the corresponding intercepted signature into cloud storage;
(4) data publishing with improved DPOS consensus mechanism: after the patient stores the medical data in the cloud storage, the patient needs to store the metadata, the hash value and the signature in a federation blockchain, and sets access authority by using an intelligent contract, wherein the steps are as follows:
(4a) the patient adopts a unique IDpat(independent of individual identity privacy) register and log on the blockchain;
(4b) for the subdata number i e CI (M'), the patient uses his own private key SKpatFor MetadataiHash value of the original data hiAnd performing common digital signature with the timestamp t to obtain
Figure BDA0001790531730000043
(4c) Requesting to store the medical record in the blockchain, issuing a request:
Figure BDA0001790531730000044
(4d) the current value in the block chain network represents that the node receives the transaction request and is responsible for generating an effective block, and block consensus is carried out by using an improved DPOS (distributed DPOS consensus) mechanism;
(5) data sharing based on smart contracts: a data user submits an access application to the blockchain, and needs to provide information such as a public key, an access object, an access purpose and the like of the data user, and the data user utilizes the urls based on CP-ABE access control, namely blockchain access authority authenticationiThe EMRs can be obtained, and the integrity and validity of the original data are verified through the hash value and the signature, and the process comprises the following steps:
(5a) CP-ABE access control;
(5b) medical data sharing in cloud storage;
(5c) data user verification signature deltaExtTo ensure the required raw medical data MiIf the intercepted signature passes verification, the fact that the original medical data are not tampered is indicated, the user can conduct access operation to obtain shared data, and if the verification fails, the user informs a cloud storage manager of the message to conduct processing.
The invention effectively realizes the control of ownership and access authority of the patient on the personal medical data and the safe storage and sharing of the sensitive medical data.
Compared with the prior art, the invention has the following advantages:
1) safety:
the medical data storage of the invention utilizes standard symmetric encryption and asymmetric encryption technologies, and has good resistance to the traditional security attack. For example, through an encryption and authentication mechanism, an attacker cannot open encrypted information through brute force cracking for a short time; the addition of the time stamp is well resistant to replay attacks; in the communication process, the communication node uses a digital signature technology to resist the attack of an attacker pretending to be a legal entity or forging false information; any entity can not forge the digital signature of other entities under the condition that the private key of the signer does not exist; a legitimate entity can verify the sender of the received message by digital signature techniques and verify that the received message has been altered. These techniques can ensure the authenticity and validity of electronic medical data.
2) Reliability:
authoritativeness: the invention is based on the alliance blockchain infrastructure, and the consensus process is controlled by part of the preselected nodes instead of all the nodes of the whole network, thereby greatly reducing the network overhead. Furthermore, with improved DPOS consensus, the selected medical institutions have influence and authority in ranking, thereby ensuring reliability of data sharing.
Tamper-proofing: all information in the federation chain is public and non-tampered, and each data block is stamped with a time stamp and arranged according to a certain time sequence. The distributed consensus mechanism enables trust to be built on the basis of cryptographic algorithms without relying on a trusted third party. Once written into the healthcare chain, the data cannot be tampered with because each tile holds the hash of its previous tile, which is almost impossible if it takes at least over 51% of the total network to modify the data of a tile. The hash of the original data of the medical record is saved in the medical chain of the invention, and any change of the original data can cause the change of the hash value, so that the non-tamper property of the medical record is directly ensured.
3) Privacy protection:
because the electronic medical record of the patient contains many sensitive information, such as name, identification card number, special illness state, etc., the electronic medical record does not need to be publicized. Due to the following technical characteristics, the privacy of the invention is well protected.
Anonymous trading: each node on the blockchain participates anonymously in transactions, and the user may use a different public and private key pair for each transaction. In addition, the consensus mechanism of the blockchain solves the trust problem in the peer-to-peer network, so that data transmission and even transaction can be anonymous, and only the blockchain address of the user needs to be known.
Secondly, cloud storage: the original data of the medical record are encrypted and stored in the cloud storage. In this way, the problem of limited blockchain storage capacity is solved while also greatly reducing the disclosure of raw medical data in the blockchain and securely storing the data.
Third, the signature can be intercepted: the invention adopts the signature which can be intercepted when a doctor signs medical data, and aims to facilitate the patient to intercept the sensitive data of the patient and obtain the effective signature without multiple interactions. The introduction of the signature can be intercepted, reducing the transmission of sensitive data from the beginning. Like ordinary digital signatures, any entity cannot forge the digital signatures of other entities without the private key of the signer.
4) And (4) safe storage:
the security of the storage of data is an important feature of the chain of the medical alliance, in which case the user has ownership of his own medical record and has full control over its use. The process from the production of the data to the use of the data is secure.
The patient encrypts and stores the original data and the signature in the cloud storage under the chain, and the distributed characteristic of the cloud storage ensures the safety of data storage.
And secondly, public information (metadata, hash values and access authority) of the medical records is stored in the block chain and cannot be modified by public. The blockchain is a safe and reliable distributed database, so that the risk that a centralized mechanism is easily attacked to cause data leakage is avoided. And each node on the blockchain stores the same data, so that the single-point attack cannot influence the whole system. The decentralized storage system has good expandability and reliability.
The data sharing authority is predefined in the intelligent contract by the user, only authorized users or mechanisms can access the data, and the access transaction can be recorded. Due to the presence of the time stamp, violations of rules or malicious use of the data can be traced. The user has the right to revoke his access rights and have him accept the audit.
Drawings
FIG. 1 is a general flow chart of an implementation of the present invention;
FIG. 2 is a sub-flow diagram of the signature generation algorithm SIG in the present invention;
FIG. 3 is a sub-flow diagram of the medical record data storage of the present invention;
FIG. 4 is a sub-flow diagram of an interceptable signature algorithm in a medical records data store in accordance with the present invention;
fig. 5 is a sub-flow diagram of the basic ciphertext access control scheme (BCAC) of the present invention.
Detailed Description
Embodiments and effects of the present invention will be described in detail below with reference to the accompanying drawings.
Example 1
At present, paper medical records are mainly used and stored by a medical institution with centralized characteristics, so that patients are difficult to obtain required medical records and medical history conditions, and the medical quality is influenced; data cannot be shared among medical institutions, which is not beneficial to medical research; traditional centralized networks are vulnerable to attacks, resulting in data leakage; the case history data is tampered by people randomly and frequently; the privacy protection of the sensitive information of the patient can not be obtained, and the like. To this end, the invention provides a model for safe storage and sharing of electronic medical records based on a block chain.
The invention relates to a safe storage and sharing model of electronic medical records based on a block chain, which comprises a data creator, a data owner, cloud storage, an alliance block chain and a data user, wherein the data creator firstly sends the electronic medical records of a patient to the data owner; the data owner intercepts data according to an intercepting rule, encrypts the data and stores the encrypted data in a cloud end, namely cloud storage; the data owner distributes the citation of the medical data stored in the cloud in the alliance block chain, and sets access authority by using an intelligent contract; and after the data user receives the access application of the alliance block chain, the data user decrypts the data in the cloud storage to obtain the data to be accessed.
The data creator is a medical institution or doctor, the data owner is a patient, and the data user is a doctor or medical institution or institute or other person desiring to obtain the data.
From the structure of the model, a data creator serves as a data source of the whole model and has a unidirectional data flow direction pointing to a data owner; as a block chain of the alliance of the whole model control center, the block chain has close relation with other four important nodes, namely other four components of the model: the data owner sends a release request and an intelligent contract access authority of the medical record data to the block chain of the alliance, after the block chain of the alliance passes the request, an intelligent contract is set, and a one-way relation that the data owner points to the block chain of the alliance exists between the block chain of the alliance and the intelligent contract; and the data user (including a data creator) sends a data stream of the information requested to be accessed to the alliance block chain, the alliance block chain feeds back the link of the data at the cloud end to the data user after being checked, and the data user and the alliance block chain are in a bidirectional link relationship. The cloud stores medical data of patients, references of the medical data of the patients stored in the block chain of the alliance and other control information, and the cloud and the data link layer of the block chain of the alliance have no direct data flow direction, but have reference connection on the network layer. The cloud end is used as the cloud end of the whole model storage center, the data owner points the encrypted medical data to the cloud end, the cloud end can return the link of the medical data to the data owner, and the data user and the cloud end are in a bidirectional link relation; the data user accesses the cloud end through the data access link returned by the block chain of the alliance, the cloud end can return the medical data to the data user, and the data user and the cloud end are in a bidirectional link relationship.
Example 2
The overall structure of the model for the safe storage and sharing of the electronic medical records based on the block chain is the same as that of the embodiment 1, in the invention, the block chain of the alliance is a control center of the whole model, wherein a certificate issuing (certification) authority CA is responsible for issuing a certificate for each new user (a data creator or a data owner), the certificate comprises an account ID and a public and private key pair (PK, SK), and in order to realize the sharing of the medical data, the data owner firstly needs to register and log in on the block chain of the alliance by adopting a unique identity account number of the data owner; because the storage capacity of the block chain of the alliance is limited, the personal medical records are stored in the cloud storage in an encrypted manner, only references of the data in the cloud storage, namely metadata, hash values and signatures, are reserved in the block chain, and a patient uses the private key SK of the patientpatFor MetadataiHash value of the original data hiAnd a timestamp t, generating a request to store the medical record in the blockchain. The invention adopts an improved DPOS consensus mechanism to carry out block consensus, wherein a current value represents a node RPN to verify each transaction, the current value represents the node RPN in the invention refers to a representative of an authoritative medical institution with high medical level and good credit, the current value represents the node RPN and integrates all collected effective data in the period of time into a data set, then a digital signature of the current value and a hash value of a new data block are attached to form a new data block, and a newly generated data block is broadcasted to other auditing nodes ATNs to be verified, the auditing nodes ATNs in the invention refer to other authoritative medical institutions with high medical level, good credit and being capable of being represented, after each ATN receives the data block, the validity and correctness of the data block are verified through information such as block hash value and digital signature sent by the RPN, and the result of the auditing is attached to the digital signature of the current value and encrypted by a public key of the RPN and sent back to the current value representing point, and the RPN checks the audit replies of all ATNs, and if the number of tickets passing the audit exceeds 51%, the block generation is considered to be successful. The RPN integrates the data block with the public key set of the ATNs of the audit node and the corresponding digital signature and sends the integrated data block to all nodes, and all nodes update data to form an effective block; and setting an intelligent contract according to the access authority set by the data creator.Based on CP-ABE access control, namely block chain access authority authentication, when a data user wants to obtain medical data of a patient, an access application is submitted to a block chain of a alliance, the access application comprises information of a public key of the data user, an access object, an access purpose and the like, if the access application passes, whether preset access conditions of the patient are met is judged according to identity information of a data visitor, if the preset access conditions are met, an intelligent contract is triggered to decrypt metadata by using a private key provided by the patient, ciphertext information of the metadata encrypted by the public key of the data user is returned, medical record data are obtained by using a link of data storage, and the integrity and the validity of original data are verified through a hash value and a signature.
Example 3
The overall structure of the model for safe storage and sharing of the electronic medical record based on the blockchain is the same as that of the embodiment 1-2, and all the quotes of the medical record data on the alliance blockchain contain different time stamps and encryption keys, namely, for the medical subdata, a patient uses the private key SK of the patientpatFor MetadataiHash value of the original data hiAnd performing common digital signature with the timestamp t to obtain
Figure BDA0001790531730000091
And then issuing a request to the alliance blockchain, and adopting an improved DPOS consensus mechanism to accept the transaction request and carry out blockchain consensus on the current value representative nodes in the blockchain network. When the value represents the node RPN, each transaction is verified, and all the collected effective data in the period is integrated into a data set (denoted as M)setAnd { Req | t }), the new data block is formed by attaching the digital signature of the new data block and the hash value of the new data block, and the newly generated data block is broadcasted to other auditing nodes ATNs to be verified. After each ATN receives the data block, the validity and the correctness of the data block are verified through information such as the block hash value, the digital signature and the like sent by the RPN, the audit Result (Result) of the ATN is attached to the digital signature of the ATN, and the audit Result (Result) is encrypted by the public key of the RPN and then is sent to the current value representative node as a Reply (Reply). The RPN checks the audit replies of all ATNs, and if the number of tickets passing the audit exceeds 51 percent, the RPN considers that the tickets pass the audit repliesThe block generation is successful. And the RPN integrates the data block with the public key set of the ATNs of the audit node and the corresponding digital signature and sends the integrated data block to all nodes, and all nodes update data. Thereafter, the data blocks will be stored in the federation chain in chronological order, with the value representing the reward that both the node and the node participating in the audit will receive credit. After the request is passed, the patient stores a reference to the medical data on a distributed server. Because the accounting process adopts a series of data encryption, signature and integrity verification, the medical record data stored in a distributed mode cannot be tampered randomly, and therefore the model has the characteristics of decentralization, tamper resistance, high safety and the like.
Example 4
The overall construction of the model for secure storage and sharing of electronic medical records based on blockchains is the same as in examples 1-3,
the invention is also a block chain based method for secure storage and sharing of electronic medical records. The method is used on the model of safe storage and sharing of the electronic medical record based on the block chain, and referring to fig. 1, comprises the following steps:
(1) model initialization: a certificate authority CA in the block chain of the alliance is responsible for issuing a certificate for each new user, wherein the certificate comprises an account ID and a public and private key pair (PK, SK), each new user with encryption and decryption requirements, namely a data creator, a data owner and a data user, needs to be initialized to obtain the own public and private key pair (PK, SK), and in addition, a symmetric encryption key may be needed. The invention adopts the existing signature algorithm capable of intercepting to design the signature, and the use of the digital signature technology can resist the attack of an attacker pretending to be a legal entity or forging false information. The data creator performs the following operations: key generation algorithm GK: let p be one such that in the multiplication loop group ZpThe prime numbers that are difficult to handle by the discrete logarithm problem,
Figure BDA0001790531730000101
is a primitive element, H is a hash function, and an integer is randomly selected
Figure BDA0001790531730000102
Calculating v ═ ga(mod p), the public key PK of the signerdocPrivate key SK { p, g, v }, anddoc=a。
(2) data creator obtains data: the data creator (medical institution) divides the medical data M into n segments and executes the revisable signature and sends the signature and the original electronic medical record EMRs to the data owner:
(2a) when a patient sees a doctor in a hospital or is examined in medical institutions such as the hospital, a doctor can generate medical data such as an electronic medical record containing personal information of the patient, an examination report and the like for the patient, and a data creator divides the electronic medical data M of the patient into n sections, namely: m ═ Mi1,2, …, n }, including name, sex, age, identification number, medical history, physical examination or laboratory sheet, medical prescription, similar medical record and other medically important information. N here can be flexibly designed according to actual situations and requirements.
(2b) The data creator randomly selects an integer
Figure BDA0001790531730000103
Calculating r ═ gk(mod p)。
(2c) Data creator for each sub-data M of original data MiCalculating a hash value hi=H(MiIiiiiiiii) 1 ≦ i ≦ 7, where CEAS is the truncation rule for the truncatable signature, T is the CEAS flag, and the truncation rule is the rule that the physician maximally preserves the validity of the patient medical data without removing the patient's privacy, such as: the sex and age of a patient are important reference factors influencing a part of pathology, so that a data creator needs to set the sex and age as an object to be intercepted, and the contact way of the name, identification card information, a telephone and the like of the patient is privacy of the patient, and the contact way has no great relation to medical data and can be set as a non-intercepted object. The interception signature of the CEAS can maximally protect the privacy of the patient on the premise of ensuring the validity of the medical data.
(2d) The data creator calculates each sub-data MiThe signature of (a), namely: deltai=(hi-ar)k-1mod(p-1),1≤i≤7。
(2e) The data creator obtains the global signature δ of the complete data MFull=(CEAS‖T‖δ1‖δ2‖…‖δ7)。
(2f) The data creator combines the raw medical data MiHash value hiGlobal signature deltaFullAfter the CEAS and the mark T are cascaded, the symmetric key of a doctor is used for encryption, and then the encryption key K is used for encryptiondocUsing the public key PK of the patientpatAfter encryption, the data are sent to the patient together, namely:
Figure BDA0001790531730000104
the medical data is symmetrically encrypted, and the key for symmetric encryption is asymmetrically encrypted. An attacker cannot open the encrypted information through brute force cracking in a short time, so that the medical data has good resistance to the traditional security attack.
(3) Data storage with intercepted signatures: after receiving the medical data and encrypted key from the data creator, the data owner (patient) uses its own private key SKpatEncryption key K for decrypting medical datadocThen, the original medical data M is decryptediSecond, verify the global signature deltaFullIf the data is correct, the data owner generates a revised signature (an intercepted signature) and stores the intercepted signature and the ciphertext of the original data into the cloud, and the steps are as follows:
(3a) decrypting each subdata M of the data M by the data owneriThen, the hash value h of each subdata is calculatedi=H(MiII | T | i) of CEAS, wherein 1 ≦ i ≦ 7.
(3b) From global signatures δFullEach subdata M is obtainediIs a signature deltaiAnd verify
Figure BDA0001790531730000111
Figure BDA0001790531730000112
Whether or not the above-mentioned conditions are satisfied,
namely, it is
Figure BDA0001790531730000113
If signature deltaFullIf the verification is passed, the following steps are executed, otherwise, failure is returned. The data owner can verify the identity of the sender of the received medical data and verify whether the obtained medical data is modified through a digital signature technology, and the technology can guarantee the authenticity and validity of the electronic medical data.
(3c) The patient follows the interception rules CEAS prescribed by the doctor and his privacy protection will, such as: the patient wants to protect his name and address, which in turn satisfies the interception rules CEAS, so he can hide this part of the data. The signature of the corresponding subdata is intercepted, so that the patient can conveniently protect the sensitive data of the patient, and the effective signature can be obtained without multiple interactions. The introduction of the signature can be intercepted, reducing the transmission of patient sensitive data from the outset.
(3d) The data owner encrypts and stores the intercepted medical data and the corresponding intercepted signature into cloud storage, and the original medical data are encrypted and stored in the cloud storage under the link, so that a foundation is laid for sharing the medical data. In this way, the problem of limited blockchain storage capacity is solved, meanwhile, the disclosure of original medical data in the blockchain is greatly reduced, the data is stored safely, and the safety of data storage is ensured due to the distributed characteristic of cloud storage.
(4) Data publishing with improved DPOS consensus mechanism: after the medical data is stored in the cloud by the patient, in order to really realize the sharing of the medical data safely and reliably, the patient needs to store the quote of the medical data, namely metadata, a hash value and a signature in a federation block chain, and set the access right by using an intelligent contract. All information in the federation chain is public and non-tampered, and each data block is stamped with a time stamp and arranged according to a certain time sequence. The distributed consensus mechanism enables trust to be built on the basis of cryptographic algorithms without relying on a trusted third party. Once written into the federation blockchain, data cannot be tampered with because each chunk holds the hash of its previous chunk, which is almost impossible if at least over 51% of the network effort is required to modify the data of a chunk. The hash of the original data of the medical record is saved in the medical chain of the invention, and any change of the original data can cause the change of the hash value, so that the non-tamper property of the medical record is directly ensured. The steps of data publishing in the model are as follows:
(4a) the data owner adopts the unique ID after registering on the block chain of the alliancepat(independent of privacy of individual identity) logs on to the federation blockchain.
(4b) The data owner has the sub-data number i e CI (M'), and the patient uses the private key SK of the patientpatFor MetadataiHash value of the original data hiDigitally signing with the timestamp t to obtain
Figure BDA0001790531730000121
Wherein the addition of the time stamp is well resistant to replay attacks.
(4c) The data owner requests that a reference to the medical data be stored in the blockchain, issues a request Req:
Figure BDA0001790531730000122
Figure BDA0001790531730000123
the block chain is a safe and reliable distributed database, and the risk of data leakage caused by the fact that a centralized mechanism is easily attacked is avoided. And each node on the block chain stores the same data, so that the single-point attack does not influence the whole system, and the decentralized storage system has good expandability and reliability.
(4d) The present invention is based on the alliance blockchain infrastructure, and the consensus process is controlled by part of the preselected nodes, not all nodes of the whole network, thereby greatly reducing the network overhead. The consensus mechanism of the blockchain solves the trust problem in the peer-to-peer network, so that data transmission and even transaction can be anonymous, and only the blockchain address of the user needs to be known. The invention adopts an improved DPOS consensus mechanism to carry out block consensus, and the selected medical institution has influence and authority on ranking, thereby ensuring the reliability of data sharing
(5) Data sharing based on smart contracts: along with the social progress, people pay more and more attention to their health, and besides the progress of medical technology, the improvement of the medical level of the society is also the sharing of medical data which cannot be ignored. The medical data is the record of pathological conditions, treatment conditions and treatment history of the patient, and has important reference value for further treatment of the patient, medical research of the pathological conditions by scientific research institutions and treatment of other patients with the same pathological conditions or similar pathological conditions, so that the importance of data sharing is self-evident. A data user needs to acquire medical data of a patient, submits an access application to a blockchain, provides information such as a public key, an access object and an access purpose of the data user, authenticates access authority of the blockchain based on CP-ABE access control, and utilizes a data access link urliThe EMRs of the electronic medical record data can be obtained, and the integrity and the validity of the original data are verified through the hash value and the signature, and the process comprises the following steps:
(5a) the block chain access authority is authenticated, the data sharing authority is completely predefined in an intelligent contract by a data owner, only authorized users or organizations can access the data, and each access transaction is recorded. Due to the existence of the time stamp, the behavior of violating the rules or maliciously using the data can be traced, and the user has the right to revoke the access right and accept the audit.
(5b) Medical data sharing in cloud storage, the identity of the data user may be the doctor or nurse responsible for the treatment of the data creator, a scientific research institution for medical research, and a patient with the same or similar pathology in order to assist in their treatment.
(5c) The data user needs to verify the signatureδExtTo ensure the required raw medical data MiIf the intercepted signature passes verification, the original medical data M is indicated to be not tampered, the user can carry out access operation to obtain shared data, and if the intercepted signature fails verification, the original medical data M is indicated to be not tamperediThe validity and integrity of the data are destroyed, and the data user informs the cloud storage manager of the message for processing.
The medical data is sent and stored, the reference of the medical data is stored in the alliance block chain and other processes, and the symmetric encryption technology and the asymmetric encryption technology are utilized, so that the traditional security attack resistance is good. During data transmission, the communication node uses a digital signature technology to resist the attack of an attacker pretending to be a legal entity or forging false information. Because the accounting process of the block chain of the alliance adopts a series of data encryption, signature and integrity verification, the medical record data stored in a distributed mode cannot be tampered randomly. These techniques can ensure the authenticity and validity of electronic medical data. In addition, the implementation of the intelligent contract effectively guarantees the access ownership of the data owner to the medical data of the data owner. In a word, the safe storage and sharing model of the electronic medical record based on the block chain can effectively ensure the safe storage and sharing of the data medical treatment.
Example 5
The overall structure of the model for safe storage and sharing of the electronic medical record based on the block chain is the same as that of the embodiment 1-4, in the step (3c), the patient intercepts the signature of the corresponding subdata according to the CEAS specified by the doctor and the will of the patient, and the process is carried out according to the following steps:
(3c1) the interception subset CI (M') is constructed according to the CEAS specified by the physician.
(3c2) Generating an intercepted sub data set M '{ M ═ according to the intercepted subset CI (M')i|i∈CI(M′)}。
(3c3) For each i ∈ CI (M'), from δFullTo take out deltai
(3c4) Generating a truncated signature deltaExt=(CEAS‖CI(M′)‖T‖δ1‖δ2‖…‖δf) Wherein δiAnd (i ═ 1,2, …, f) is the signature of the corresponding child data in CI (M').
The patient intercepts the signature of the corresponding subdata according to the intercepting rule CEAS specified by the doctor and the intention of the patient, and the protection of the sensitive data of the patient on the patient is realized to the maximum extent on the premise of meeting the intercepting rule CEAS.
Example 6
The overall structure of the model for safe storage and sharing of electronic medical records based on the block chain is the same as that of the embodiment 1-5, an improved DPOS consensus mechanism is adopted in the step (4d) for block consensus, and the original DPOS adopting the share authorization certification mechanism is improved into the DPOS consensus mechanism aiming at the medical field. The method comprises the following specific steps:
(4d1) when the value represents the node RPN, each transaction is verified, and all the collected effective data in the period is integrated into a data set (denoted as M)setAnd (Req | t }), attaching the digital signature of the node and the hash value of the new data block to form a new data block, and broadcasting the newly generated data block Records to other auditing nodes ATNs to be verified, wherein the process is specifically expressed as follows:
Figure BDA0001790531730000141
(4d2) after each ATN receives the data block, the validity and the correctness of the data block are verified through information such as a block hash value, a digital signature and the like sent by the RPN, an audit Result (Result) of the ATN is attached to a digital signature of the ATN, and the audit Result (Result) is encrypted by a public key of the RPN and then sent to a current value representative node as a Reply (Reply), wherein the process is specifically expressed as follows:
ATNs→RPN:
Figure BDA0001790531730000142
(4d3) the RPN checks the audit replies of all ATNs, if the number of tickets passing the audit exceeds 51%, the block is considered to be successfully generated, the RPN integrates the data block together with the public key set of the ATNs of the audit node and the corresponding digital signature and sends the integrated data block to all nodes, all the nodes update data, and then the data block is stored in a alliance chain in time sequence, the value represents that the nodes and the nodes participating in the audit all obtain the reward of credit points, and the process is specifically expressed as follows:
RPN→All:
Figure BDA0001790531730000143
the invention adopts an improved DPOS consensus mechanism to carry out block consensus, and improves the original DPOS adopting a share authorization certification mechanism into a DPOS consensus mechanism aiming at the medical field. The medical institutions selected by the invention have influence and authority in ranking, and the reliability of data sharing is ensured.
Example 7
The overall structure of the model for safe storage and sharing of electronic medical records based on the blockchain is the same as that in embodiments 1 to 6, and the access authority authentication of the blockchain in the step (5a) specifically comprises the following steps:
(5a1) a node N initiates a medical data sharing request transaction Req to a block chain, wherein the request contains a public key PK of the node NNObject account IDpatData access destination obj, access content MiAnd the time t, when the node N identity is checked by the value node, the transaction information is recorded into the block chain after the verification is passed, and the process is specifically expressed as follows:
N→RPN:Req=(PKN||IDpat‖obj‖Mi‖t),
note that: here MiM representing node N requesting access to patient onlyiData, if part of the data is accessed, is represented as (M)i1,2, …), denoted by M if a node wants to access all the data for that patient.
(5a2) Executing an intelligent contract: the intelligent contract is automatically executed, whether preset access conditions of patients are met is judged according to the identity information of the node N, and if the preset access conditions are met, the patient ID for the intelligent contract is triggeredpatThe provided private key decrypts the metadata and returns it to the secret that encrypted the metadata using the public key of node NText information:
Figure BDA0001790531730000151
(5a3) extracting data storage positions: after receiving the ciphertext information, the node N decrypts the ciphertext information by using the private key thereof to obtain the MetadataiAnd extracting the storage location urls thereiniAnd cloud removing, storing and searching the required original data.
According to the block chain access authority authentication method, the block chain access authority authentication, namely the data sharing authority, is predefined in an intelligent contract by a data owner, and only a user or an organization (a doctor, a nurse, a patient or a medical organization) authorized by the data owner can access data, so that the protection of the data owner on the medical privacy of the owner and the control of the data access authority are effectively guaranteed.
Example 8
The overall structure of the block chain-based electronic medical record secure storage and sharing model is the same as that in embodiments 1 to 7, and the specific implementation steps of the process of encrypting and storing the medical data and the corresponding intercepted signature to the cloud storage by the data owner in the step (3d) are as follows:
(3d1) user randomly generating document key Kpat
(3d2) Running a symmetric encryption algorithm E, and using a secret key K for the subdata number i epsilon CI (MpatEncryption (M)i‖hiII) t), wherein t is a time stamp, and the sub-data ciphertext is obtained
Figure BDA0001790531730000152
(3d3) Running symmetric encryption algorithm E, K is encrypted using master key UMKpatObtain a key ciphertext EUMK(Kpat)。
(3d4) Cipher text of data
Figure BDA0001790531730000153
The signature delta can be interceptedExtAnd key ciphertext EUMK(Kpat) By medical data categoryUploading the data to cloud storage, and returning the data to a storage position urls and a time stamp t corresponding to the patient, wherein the two form Metadatai(t | urls), that is, the data uploaded by the user to the cloud storage is:
Figure BDA0001790531730000161
the invention uses the symmetric encryption algorithm and the asymmetric encryption algorithm, and can effectively ensure that the medical data is safely protected in the storage process.
Example 9
The overall structure of the model for safe storage and sharing of the electronic medical record based on the blockchain is the same as that of the embodiment 1-8, and the specific steps of sharing the medical data in the cloud storage in the step (5b) are as follows:
(5b1) data consumers passing through storage locations urlsiRetrieve
Figure BDA0001790531730000162
EUMK(Kpat)、δExt
(5b2) The data consumer runs symmetric algorithm E, decrypts E using master key UMKUMK(Kpat) To solve the encryption key Kpat
(5b3) The data consumer runs a symmetric algorithm E, using a secret key KpatDecryption
Figure BDA0001790531730000163
Obtaining raw medical data (M)i‖hiT) and truncated signature δExt
The invention uses the symmetric encryption algorithm, and can effectively ensure that the medical data is safely protected in the reading process.
Example 10
The overall structure of the model for safe storage and sharing of electronic medical record based on block chain is the same as that of the embodiment 1-9, and the signature delta for verifying the data user in the step (5c)ExtTo ensure the required raw medical data MiThe specific steps of effectiveness and completeness are as follows:
(5c1) The verifier verifies first
Figure BDA0001790531730000164
If yes, executing the following steps, otherwise, returning failure, and indicating the medical data MiThe effectiveness and integrity of the system is compromised.
(5c2) For each medical subdata sequence number i belongs to CI (M'), h is calculatedi=H(MiIiiiiiiii) of CEAS by verifying
Figure BDA0001790531730000165
If true, to verify the truncated signature deltaExtThe correctness of the operation.
The invention uses the digital signature, and can effectively verify the validity and the integrity of the read medical data.
Embodiments and effects of the present invention will be further described below with reference to the accompanying drawings.
Example 11
The overall construction of the model for secure storage and sharing of electronic medical records based on blockchains is the same as in examples 1-10,
referring to fig. 1, the implementation steps of the invention are as follows:
step 1, system initialization: the certificate authority CA is responsible for issuing certificates for each new user, including an account ID, a public and private key pair (PK, SK). When a patient is seen in a hospital or examined in a medical institution such as a hospital, a doctor generates medical data such as an electronic medical record and an examination report containing personal information of the patient for the patient, classifies the medical data according to the medical data, and refines the medical data into M ═ name, gender, age, identification number, medical history, physical examination or laboratory sheet and medical prescription }, wherein the medical data are divided into 7 types, namely n is 7 and M is { M ═ 7 in the example1,m2,m3,m4,m5,m6,m7}。
The invention adopts the existing signature algorithm capable of intercepting to design the signature, and a data creator executes the following operations: key generation algorithm GK: let p be one such that in a multiplication loop groupZpThe prime numbers that are difficult to handle by the discrete logarithm problem,
Figure BDA0001790531730000171
is a primitive element. Randomly selecting integers
Figure BDA0001790531730000172
Calculating v ═ ga(mod p), the public key PK of the signerdocPrivate key SK { p, g, v }, anddoc=a。
step 2, data acquisition: the data creator performs the revisable signature after dividing the data M into 7 segments.
Referring to fig. 2, the data acquisition is specifically implemented as follows:
(2a) randomly selecting an integer
Figure BDA0001790531730000173
Calculating r ═ gk(mod p)。
(2b) For each subdata M of the original data MiCalculating a hash value hi=H(Mi‖CEAS‖T‖i),1≤i≤7。
(2c) Calculate the subdata MiSignature of δi=(hi-ar)k-1mod(p-1),1≤i≤7。
(2d) Global signature delta of output data MFull=(CEAS‖T‖δ1‖δ2‖…‖δ7)。
And 3, data storage: and the data owner generates a revised signature and stores the revised signature and the original data ciphertext into the cloud. After receiving the medical data sent by the doctor, the patient uses the private key SKpatEncryption key K for decrypting medical datadocThen, the original medical data M is decryptediFirst, the global signature δ is verifiedFullThe correctness of (2):
referring to fig. 3, the specific implementation steps of the signature verification of the received data are as follows:
(3a) for each sub-data M of the data MiCalculate hi=H(MiII | T | i) of CEAS, wherein 1 ≦ i ≦ 7.
(3b) From global signatures δFullTo obtain deltaiAnd verify
Figure BDA0001790531730000174
Whether or not the above-mentioned conditions are satisfied,
namely, it is
Figure BDA0001790531730000175
If signature deltaFullIf the verification is passed, the following steps are executed, otherwise, failure is returned.
(3c) The patient intercepts the signature of the corresponding subdata according to CEAS specified by the doctor and the will of the patient.
Referring to fig. 4, the specific implementation steps of the data interception signature process are as follows:
(3c1) the interception subset CI (M') is constructed according to the CEAS specified by the physician.
(3c2) Generating an intercepted sub data set M '{ M ═ according to the intercepted subset CI (M')i|i∈CI(M′)}。
(3c3) For each i ∈ CI (M'), from δFullTo take out deltai
(3c4) Generating a truncated signature deltaExt=(CEAS‖CI(M′)‖T‖δ1‖δ2‖…‖δf) Wherein δiAnd (i ═ 1,2, …, f) is the signature of the corresponding child data in CI (M').
(3d) And the data owner encrypts and stores the intercepted medical data and the corresponding intercepted signature into a cloud storage, respectively stores the medical data and the corresponding intercepted signature into corresponding folders according to categories, and adopts a basic ciphertext access control scheme (BCAC).
Referring to fig. 5, the specific implementation steps of data storage are as follows:
(3d1) user randomly generating document key Kpat
(3d2) Running a symmetric encryption algorithm E, and using a secret key K for the subdata number i epsilon CI (MpatEncryption (M)i‖hiIit), where t is the time stamp, resulting in the ciphertext
Figure BDA0001790531730000181
(3d3) Running symmetric encryption algorithm E, K is encrypted using master key UMKpatObtain the ciphertext EUMK(Kpat)。
(3d4) Will be provided with
Figure BDA0001790531730000182
δExt,EUMK(Kpat) Sequentially uploading the medical data to cloud storage according to the medical data category, returning the medical data to a corresponding storage position urls and a time stamp t of a patient, and forming Metadatai═ t (urls |). Namely, the data uploaded to the cloud storage by the user is as follows:
Figure BDA0001790531730000183
and 4, data release: after the intercepted medical data is stored in the cloud storage by the patient, in order to realize the sharing of the medical data, the patient only needs to store the metadata, the hash value and the signature into the union block chain, and set the access right by using the intelligent contract.
(4a) The patient adopts a unique IDpat(independent of privacy of personal identity) is registered and logged on the blockchain.
(4b) For the subdata number i e CI (M'), the patient uses his own private key SKpatFor MetadataiHash value of the original data hiAnd performing common digital signature with the timestamp t to obtain
Figure BDA0001790531730000184
(4c) The medical record is requested to be stored in the blockchain. Issuing a request:
Figure BDA0001790531730000185
(4d) the present invention adopts an improved DPOS consensus mechanism to carry out block consensus, and the specific steps are as follows:
(4d1) when the value represents the node RPN, each transaction is verified, and all the collected effective data in the period is integrated into a data set (denoted as M)setAnd { Req | t }), the new data block is formed by attaching the digital signature of the new data block and the hash value of the new data block, and the newly generated data block is broadcasted to other auditing nodes ATNs to be verified. The above process is specifically described as follows:
RPN→ATNs:
Figure BDA0001790531730000191
(4d2) after each ATN receives the data block, the validity and the correctness of the data block are verified through information such as the block hash value, the digital signature and the like sent by the RPN, the audit Result (Result) of the ATN is attached to the digital signature of the ATN, and the audit Result (Result) is encrypted by the public key of the RPN and then is sent to the current value representative node as a Reply (Reply). The above process is specifically described as follows:
ATNs→RPN:
Figure BDA0001790531730000192
(4d3) and the RPN checks the audit replies of all ATNs, and if the number of tickets passing the audit exceeds 51%, the block generation is considered to be successful. And the RPN integrates the data block with the public key set of the ATNs of the audit node and the corresponding digital signature and sends the integrated data block to all nodes, and all nodes update data. Thereafter, the data blocks will be stored in the federation chain in chronological order, with the value representing the reward that both the node and the node participating in the audit will receive credit. The above process is specifically described as follows:
RPN→All:
Figure BDA0001790531730000193
step 5, data sharing: the data user submits an access application to the blockchain, and the public key, the access object, the access destination and other information of the data user are provided. Utilizing urls based on CP-ABE access controliThe EMRs are obtained and passedThe hash value and signature verify the integrity and validity of the original data. The process comprises the following steps:
(5a) blockchain access rights authentication (CP-ABE access control):
(5a1) a node N initiates a medical data sharing request transaction Req to a block chain, wherein the request contains a public key PK of the node NNAccess object account IDpatData access destination obj, access content MiAnd the time t, when the node N identity is checked by the value node, the transaction information is recorded into the block chain after the verification is passed. The above process is specifically described as follows:
N→RPN:Req=(PKN||IDpat||Metadatai||Mi||t)
note that: here MiM representing node N requesting access to patient onlyiData; if part of the data is accessed, the data is expressed as (M)i1,2, …); if the node wants to access all the data of the patient, it is denoted by M.
(5a2) Executing an intelligent contract: the intelligent contract is automatically executed, whether preset access conditions of patients are met is judged according to the identity information of the node N, and if the preset access conditions are met, the patient ID for the intelligent contract is triggeredpatThe provided private key decrypts the metadata and returns to the ciphertext information that encrypted the metadata using the public key of node N:
Figure BDA0001790531730000194
(5a3) extracting data storage positions: after receiving the ciphertext information, the node N decrypts the ciphertext information by using the private key thereof to obtain MetadataiAnd extracting the storage location urls thereiniAnd cloud removing, storing and searching the required original data.
(5b) Medical data sharing in cloud storage:
(5b1) by storing the locations urlsiRetrieve
Figure BDA0001790531730000201
EUMK(Kpat)、δExt
(5b2) Running symmetric algorithm E, decrypting E using master key UMKUMK(Kpat) To solve the encryption key Kpat
(5b3) Running symmetric algorithm E, using secret key KpatDecryption
Figure BDA0001790531730000202
Obtaining raw medical data (M)i‖hiT) and truncated signature δExt
(5c) Data user verification signature deltaExtTo ensure the required raw medical data MiEffectiveness and integrity of (c):
(5c1) the verifier verifies first
Figure BDA0001790531730000203
And if so, executing the following steps, otherwise, returning to failure.
(5c2) For each i ∈ CI (M'), calculate hi=H(MiIiiiiiiii) of CEAS by verifying
Figure BDA0001790531730000204
Figure BDA0001790531730000205
If true, to verify the truncated signature deltaExtThe correctness of the operation.
If the intercepted signature is verified, indicating that the original medical data has not been tampered with, the user may perform his specific access operation. If the verification fails, the user may notify the cloud storage manager of the message for processing.
In summary, the model and the method for safely storing and sharing the electronic medical record based on the blockchain disclosed by the invention mainly solve the problems that the patient can control the access authority of the personal medical data and the sensitive medical data can not be safely stored and shared at the present stage. The model comprises a data creator, a data owner, cloud storage, a block chain of alliances and a data user, wherein the block chain is a control center. The scheme comprises the following steps: 1) initializing a system: the CA authority is responsible for issuing certificates for each new user, including account ID, public and private key pair (PK, SK); 2) data acquisition: the data creator divides the data M into n segments, then executes the revisable signature and sends the signature and the original EMRs to the data owner; 3) data storage: the data owner generates a revised signature and stores the revised signature and the original data ciphertext into the cloud; 4) data release: the data owner uploads information such as index ciphertext, a hash value, a signature and the like to obtain an effective block after the linkage block chain is approved; 5) data sharing: the data user submits an access application to the blockchain, and the public key, the access object, the access destination and other information of the data user are provided. And after the verification is passed, based on block chain access authority authentication, obtaining an access link of the medical data and reading the medical data at the cloud end. And verifies the integrity and validity of the original data by the hash value and the signature. The invention meets basic security requirements, reliability, privacy protection and secure storage capability, combines the cloud storage technology and the interceptable signature, realizes the secure and effective shared access of data by setting the sharing conditions through the intelligent contract by the user in the block chain of the alliance, and has strong practicability.

Claims (7)

1. A safe storage and sharing method of electronic medical records based on a block chain is characterized by comprising the following steps:
(1) initialization: a certificate authority CA in the federation blockchain is responsible for issuing a certificate for each new user, the certificate comprising an account ID, a public-private key pair (PK, SK); the medical data of the electronic medical record and the examination report of the personal information of the patient are classified according to the medical data, and the detailed medical data are M ═ M { name, gender, age, identification number, medical history, physical examination or laboratory sheet and medical prescription }, and are recorded as M ═ M { (M)1,m2,m3,m4,m5,m6,m7};
(2) Data acquisition: the data creator performs the revisable signature after dividing the data M into n segments and sends the signature and the original EMRs to the data owner:
(2a) partitioning electronic medical data M of a patientIs n segments, namely: m ═ Mi|i=1,2,…,n};
(2b) Randomly selecting an integer
Figure FDA0003163313140000011
Calculating r ═ gk(mod p);
(2c) For each subdata M of the original data MiCalculating a hash value hi=H(MiI is more than or equal to 1 and less than or equal to 7, wherein CEAS is an interception rule capable of intercepting a signature, and T is a CEAS mark;
(2d) calculate the subdata MiSignature of δi=(hi-ar)k-1mod(p-1),1≤i≤7;
(2e) Global signature delta of output data MFull=(CEAS||T||δ1||δ2||…||δ7);
(2f) The data creator combines the raw medical data MiHash value hiGlobal signature deltaFullAfter the CEAS and the mark T are cascaded, the symmetric key of a doctor is used for encryption, and then the encryption key K is used for encryptiondocUsing the public key PK of the patientpatAfter encryption, the data are sent to the patient together, namely:
Figure FDA0003163313140000012
(3) data storage with intercepted signatures: after receiving the medical data sent by the doctor, the data owner uses the private key SKpatEncryption key K for decrypting medical datadocThen, the original medical data M is decryptediSecond, verify the global signature deltaFullIf the correctness is correct, the data owner generates an intercepted signature and stores the intercepted signature and the ciphertext of the original data into the cloud end, and the steps are as follows:
(3a) for each sub-data M of the data MiCalculate hi=H(MiI | CEAS | | T | | | i), wherein i is more than or equal to 1 and less than or equal to 7;
(3b) from global signatures δFullTo obtain deltaiAnd verify
Figure FDA0003163313140000013
Whether or not the above-mentioned conditions are satisfied,
namely, it is
Figure FDA0003163313140000014
If signature deltaFullIf the verification is passed, executing the following steps, otherwise, returning to failure;
(3c) intercepting the signature of the corresponding subdata by the patient according to CEAS specified by the doctor and the will of the patient;
(3d) the data owner encrypts and stores the intercepted medical data and the corresponding intercepted signature into cloud storage;
(4) data publishing with improved DPOS consensus mechanism: after the patient stores the medical data in the cloud storage, the patient needs to store the metadata, the hash value and the signature in a federation blockchain, and sets access authority by using an intelligent contract, wherein the steps are as follows:
(4a) the patient adopts a unique IDpatRegistering and logging on a blockchain;
(4b) for the subdata number i e CI (M'), the patient uses his own private key SKpatFor MetadataiHash value of the original data hiAnd performing common digital signature with the timestamp t to obtain
Figure FDA0003163313140000021
(4c) Requesting to store the medical record in the blockchain, issuing a request:
Figure FDA0003163313140000022
(4d) the current value in the block chain network represents that the node receives the transaction request and is responsible for generating an effective block, and block consensus is carried out by using an improved DPOS (distributed DPOS consensus) mechanism;
(5) data sharing based on smart contracts: the data consumer submits an access request to the blockchainProviding its own public key, accessing object, accessing destination information, based on CP-ABE access control, using urlsiThe EMRs can be obtained, and the integrity and validity of the original data are verified through the hash value and the signature, and the process comprises the following steps:
(5a) CP-ABE access control;
(5b) medical data sharing in cloud storage;
(5c) data user verification signature deltaExtTo ensure the required raw medical data MiEffectiveness and integrity of;
if the intercepted signature passes verification, the fact that the original medical data are not tampered is indicated, the user can conduct access operation to obtain shared data, and if the verification does not pass, the user informs a cloud storage manager of the message to conduct processing.
2. The method for safe storage and sharing of blockchain-based electronic medical records according to claim 1, wherein in the step (3c), the patient intercepts the signature of the corresponding subdata according to the CEAS specified by the doctor and his/her will, and the steps are performed as follows:
(3c1) constructing a interception subset CI (M') according to the CEAS specified by the doctor;
(3c2) generating an intercepted sub data set M '{ M ═ according to the intercepted subset CI (M')i|i∈CI(M′)};
(3c3) For each i ∈ CI (M'), from δFullTo take out deltai
(3c4) Generating a truncated signature deltaExt=(CEAS||CI(M′)||T||δ1||δ2||…||δf) Wherein δiAnd (i ═ 1,2, …, f) is the signature of the corresponding child data in CI (M').
3. The method for safe storage and sharing of block chain-based electronic medical records according to claim 1, wherein the block consensus is performed by using a modified DPOS consensus mechanism in the step (4d), and the specific steps are as follows:
(4d1) when the value represents the node RPN, each transaction is verified, and all the collected effective numbers in the period of time are countedAccording to which it is integrated into a data set, denoted MsetAnd (2) attaching a digital signature of the node and a hash value of the new data block to form a new data block, and broadcasting the newly generated data block to other auditing nodes ATNs to be verified, wherein the process is specifically expressed as follows:
Figure FDA0003163313140000031
(4d2) after each ATN receives the data block, the validity and the correctness of the data block are verified through the block hash value and the digital signature information sent by the RPN, the auditing result of the data block is attached with the digital signature of the ATN, the data block is encrypted by the public key of the RPN and then is sent to the current value representing node as a return, and the process is specifically expressed as follows:
Figure FDA0003163313140000032
(4d3) the RPN checks the audit replies of all ATNs, if the number of tickets passing the audit exceeds 51%, the block is considered to be successfully generated, the RPN integrates the data block together with the public key set of the ATNs of the audit node and the corresponding digital signature and sends the integrated data block to all nodes, all the nodes update data, and then the data block is stored in a alliance chain in time sequence, the value represents that the nodes and the nodes participating in the audit all obtain the reward of credit points, and the process is specifically expressed as follows:
Figure FDA0003163313140000033
4. the method for secure storage and sharing of blockchain-based electronic medical records according to claim 1, wherein the specific steps of the block chain access right authentication in step (5a) are as follows:
(5a1) sharing access request: node N initiates a medical data sharing request to the blockchainTransaction Req, the request including its own public key PKNObject account IDpatData access destination obj, access content MiAnd time t information, when the node N identity is checked by the value node, the transaction information is recorded into the block chain after the verification is passed, and the process is specifically expressed as follows:
N→RPN:Req=(PKN||IDpat||obj||Mi||t),
note that: here MiM representing node N requesting access to patient onlyiData i 1,2, …, and if partial data is accessed, M is denotediIf the node wants to access all the data of the patient, the node is represented by M;
(5a2) executing an intelligent contract: the intelligent contract is automatically executed, whether preset access conditions of patients are met is judged according to the identity information of the node N, and if the preset access conditions are met, the patient ID for the intelligent contract is triggeredpatThe provided private key decrypts the metadata and returns to the ciphertext information that encrypted the metadata using the public key of node N:
Figure FDA0003163313140000041
(5a3) reading a data storage location: after receiving the ciphertext information, the node N decrypts the ciphertext information by using the private key thereof to obtain the MetadataiAnd extracting the storage location urls thereiniAnd cloud removing, storing and searching the required original data.
5. A safe storage and sharing system of block chain-based electronic medical record, which is realized according to any one of the safe storage and sharing methods of block chain-based electronic medical record of claims 1-4, and is characterized by comprising a data creator, a data owner, cloud storage, a block chain of alliances and a data user, wherein the data creator firstly sends the electronic medical record of a patient to the data owner; the data owner intercepts data according to an intercepting rule, encrypts the data and stores the encrypted data in the cloud; the data owner distributes the citation of the medical data stored in the cloud in the alliance block chain, and sets access authority by using an intelligent contract; after the data user obtains the access application of the alliance block chain, the data user obtains the data to be accessed after decrypting the data in the cloud storage;
the data creator is a medical institution or doctor, the data owner is a patient, and the data user is a doctor or medical institution or institute or other person desiring to obtain the data.
6. The blockchain-based electronic medical records secure storage and sharing system according to claim 5, wherein the federation blockchain is a control center of the entire model, wherein the certificate authority CA is responsible for issuing a certificate for each new user, the new user being either a data creator or a data owner, the certificate including an account ID, a public-private key pair (PK, SK), the data owner registering and logging on the federation blockchain with its own unique identity account; only references to data in cloud storage are reserved due to the limited storage capacity of the block chain of the federation; adopting an improved DPOS (distributed data processing system) consensus mechanism to perform block consensus, wherein a current value in an alliance block chain represents a node to receive a transaction request and is responsible for generating an effective block; setting access authority by using an intelligent contract; based on CP-ABE access control, data consumers want to utilize urlsiWhen EMRs are obtained, an access application is required to be submitted to a block chain of the alliance, the access application comprises a public key of the access application, an access object and target information, and the integrity and the validity of original data are verified through a hash value and a signature.
7. The blockchain-based electronic medical record secure storage and sharing system according to claim 5, wherein all references to medical record data on a federation blockchain will contain different timestamps and encryption keys.
CN201811034508.8A 2018-09-06 2018-09-06 Model and method for storing and sharing electronic medical record based on block chain Active CN109326337B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811034508.8A CN109326337B (en) 2018-09-06 2018-09-06 Model and method for storing and sharing electronic medical record based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811034508.8A CN109326337B (en) 2018-09-06 2018-09-06 Model and method for storing and sharing electronic medical record based on block chain

Publications (2)

Publication Number Publication Date
CN109326337A CN109326337A (en) 2019-02-12
CN109326337B true CN109326337B (en) 2021-09-03

Family

ID=65264739

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811034508.8A Active CN109326337B (en) 2018-09-06 2018-09-06 Model and method for storing and sharing electronic medical record based on block chain

Country Status (1)

Country Link
CN (1) CN109326337B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230090453A1 (en) * 2020-10-30 2023-03-23 KnowBe4, Inc. Systems and methods for determination of level of security to apply to a group before display of user data

Families Citing this family (122)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210375409A1 (en) * 2018-10-19 2021-12-02 Longenesis Ltd. Systems and methods for blockchain-based health data validation and access management
CN110022216B (en) * 2019-02-18 2022-02-01 西安链融科技有限公司 Efficient asynchronous Byzantine consensus method with low communication complexity and network communication platform
CN110010213A (en) * 2019-02-18 2019-07-12 深圳壹账通智能科技有限公司 Electronic health record storage method, system, device, equipment and readable storage medium storing program for executing
CN109743406A (en) * 2019-02-26 2019-05-10 北京工业大学 A kind of Internet of Things trust data service model based on block chain
CN109768987B (en) * 2019-02-26 2022-01-28 重庆邮电大学 Block chain-based data file safe and private storage and sharing method
CN109768867A (en) * 2019-03-08 2019-05-17 上海一健事信息科技有限公司 A method of the data access control based on block chain technology
CN109934012A (en) * 2019-03-20 2019-06-25 福建师范大学 Medical records secure storage access method based on block chain network
CN110049016B (en) * 2019-03-21 2022-02-18 深圳壹账通智能科技有限公司 Data query method, device, system, equipment and storage medium of block chain
EP3610383B1 (en) 2019-03-21 2021-07-07 Advanced New Technologies Co., Ltd. Data isolation in blockchain networks
CN109948367B (en) * 2019-03-27 2022-12-06 南京星链高科技发展有限公司 Medical data authorization method based on block chain technology
CN110071966B (en) * 2019-03-29 2022-01-04 广州中国科学院软件应用技术研究所 Block chain networking and data processing method based on cloud platform
SG11201908982QA (en) 2019-03-29 2019-10-30 Alibaba Group Holding Ltd Managing sensitive data elements in a blockchain network
CN110148475B (en) * 2019-04-03 2023-10-27 平安科技(深圳)有限公司 Medical information sharing method and device, readable storage medium and server
CN110059280A (en) * 2019-04-04 2019-07-26 中山大学 A kind of information issuing method based on block chain
WO2020206695A1 (en) * 2019-04-12 2020-10-15 Hangzhou Nuowei Information Technology Co., Ltd. System for decentralized ownership and secure sharing of personalized health data
CN110083604B (en) * 2019-04-17 2021-10-08 上海脆皮网络科技有限公司 Data right confirming method and device
CN111508575A (en) * 2019-04-19 2020-08-07 中国医学科学院阜外医院 Medical system integrating big data
CN110084071A (en) * 2019-04-24 2019-08-02 苏州国利岳康软件科技有限公司 Physical examination secure storage method of data based on block chain
CN110097935A (en) * 2019-04-24 2019-08-06 杭州宇链科技有限公司 A kind of medical rescue platform based on block chain
CN110233828B (en) * 2019-05-14 2022-01-04 深圳市科迈爱康科技有限公司 Mobile office method and device based on block chain
SG11202002166PA (en) * 2019-05-21 2020-04-29 Alibaba Group Holding Ltd Methods and devices for storing and processing electronic medical record on blockchain
CN110166476B (en) * 2019-05-30 2021-09-17 中国联合网络通信集团有限公司 Anti-brute force cracking method and device
CN110222518B (en) * 2019-05-30 2021-09-17 北京工业大学 Trusted authority access control method based on block chain
CN110299195B (en) * 2019-06-11 2023-05-30 中国矿业大学 Electronic medical record sharing system with privacy protection based on alliance chain and application method
CN110197084B (en) * 2019-06-12 2021-07-30 上海联息生物科技有限公司 Medical data joint learning system and method based on trusted computing and privacy protection
CN110400642A (en) * 2019-06-12 2019-11-01 梁胤豪 A kind of medical data shared system and design method based on block chain technology
CN110321721B (en) * 2019-07-02 2021-03-30 石家庄铁道大学 Block chain-based electronic medical record access control method
CN110489430B (en) * 2019-07-03 2020-07-17 特斯联(北京)科技有限公司 Tracing method and system based on data block signature and verification
CN110417750B (en) * 2019-07-09 2020-07-03 北京健网未来科技有限公司 Block chain technology-based file reading and storing method, terminal device and storage medium
CN110445840B (en) * 2019-07-09 2020-07-03 北京健网未来科技有限公司 File storage and reading method based on block chain technology
CN111863168A (en) * 2019-07-11 2020-10-30 中国医学科学院阜外医院 Hardware system with exchange protocol
CN111835762A (en) * 2019-07-11 2020-10-27 中国医学科学院阜外医院 Hardware system based on asymmetric key algorithm
CN110322940B (en) * 2019-07-15 2023-06-27 山东浪潮智慧医疗科技有限公司 Access authorization method and system for medical data sharing
CN110414203B (en) * 2019-07-26 2022-06-17 郑州大学 Internet medical identity authentication method based on block chain technology
CN110457958A (en) * 2019-08-22 2019-11-15 重庆华医康道科技有限公司 A kind of sharing method and its system of doctors and patients' Dynamic data exchange management based on block chain
US11126752B2 (en) * 2019-09-04 2021-09-21 Fresenius Medical Care Holdings, Inc. Authentication of medical device computing systems by using metadata signature
CN110602089B (en) * 2019-09-11 2021-08-10 腾讯科技(深圳)有限公司 Block chain-based medical data storage method, device, equipment and storage medium
CN110600096B (en) * 2019-09-16 2023-06-30 上海保险交易所股份有限公司 Medical data management method and system and computer storage medium
CN111049902B (en) * 2019-09-16 2021-08-13 腾讯科技(深圳)有限公司 Data storage method, device, storage medium and equipment based on block chain network
CN110598435B (en) * 2019-09-17 2021-11-19 上海保险交易所股份有限公司 Method, apparatus and readable medium for managing insurance agent history through blockchain
CN110808958A (en) * 2019-10-07 2020-02-18 复旦大学 Medicine separation management system based on CP-ABE and block chain
CN110797099B (en) * 2019-10-28 2022-06-17 河北北方学院 Medical data sharing method and system based on block chain
CN110727737B (en) * 2019-10-29 2022-10-18 南京邮电大学 Intelligent medical data storage method based on multilevel block chain system architecture
CN110781153B (en) * 2019-10-30 2020-08-04 中道新职坊科技发展有限公司 Cross-application information sharing method and system based on block chain
EP4070519A1 (en) * 2019-12-03 2022-10-12 Sony Group Corporation Method, computer program and data sharing system for sharing user-specific data of a user
CN111047295B (en) * 2019-12-13 2023-04-07 红云红河烟草(集团)有限责任公司 Data acquisition method for cigarette shred manufacturing process
CN110995751B (en) * 2019-12-18 2022-02-22 北京择天众康科技有限公司 Big data intelligent medical treatment and old age care service method and system based on block chain
CN111062721B (en) * 2019-12-31 2023-12-12 南京金宁汇科技有限公司 Signature method, system and storage medium applied to blockchain
CN113065951A (en) * 2020-01-02 2021-07-02 苏州同济区块链研究院有限公司 Transaction method, system, device, equipment and medium based on block chain
CN112541034A (en) * 2020-01-02 2021-03-23 北京融信数联科技有限公司 Government affair data sharing method based on alliance chain technology
CN111311257A (en) * 2020-01-20 2020-06-19 福州数据技术研究院有限公司 Medical data sharing excitation method and system based on block chain
CN111274273A (en) * 2020-01-22 2020-06-12 北京瑞卓喜投科技发展有限公司 Contract intelligent method and system and storage medium
CN111352999A (en) * 2020-03-06 2020-06-30 九次方大数据信息集团有限公司 National data circulation and data right confirming method and platform based on block chain
CN111461710B (en) * 2020-03-06 2023-06-23 重庆邮电大学 Distributed account book access control method based on alliance chain
CN113536388B (en) * 2020-04-16 2023-02-28 中移物联网有限公司 Data sharing method and system based on block chain
CN111682934B (en) * 2020-04-21 2023-08-01 国网天津市电力公司电力科学研究院 Method and system for storing, accessing and sharing comprehensive energy metering data
CN111599423B (en) * 2020-04-24 2023-03-21 广东职业技术学院 Block chain-based electronic medical record access method and system
CN111526200B (en) * 2020-04-27 2023-05-09 远光软件股份有限公司 Data storage access method and system based on blockchain and cloud platform
CN111581292B (en) * 2020-05-18 2023-12-15 中国工业互联网研究院 Industrial Internet data asset right-determining and trading method and platform
CN111832069B (en) * 2020-06-05 2023-08-29 广东科学技术职业学院 Multi-block chain on-chain data storage system and method based on cloud computing
CN111831743B (en) * 2020-06-05 2023-11-14 广东科学技术职业学院 Block chain data storage system and method based on cloud storage
CN111884805B (en) * 2020-06-24 2023-08-01 易联众信息技术股份有限公司 Data hosting method and system based on blockchain and distributed identity
CN111863165B (en) * 2020-06-28 2023-07-14 石家庄铁道大学 Medical information sharing authentication method based on block chain
CN111901302B (en) * 2020-06-28 2022-02-25 石家庄铁道大学 Medical information attribute encryption access control method based on block chain
CN111831662B (en) * 2020-07-24 2021-01-12 深圳市网通兴技术发展有限公司 Medical data information processing method and system
CN111966749B (en) * 2020-08-04 2021-08-17 中国科学院上海微系统与信息技术研究所 Data processing method and device, electronic equipment and storage medium
CN111967028B (en) * 2020-08-04 2021-05-25 中国科学院上海微系统与信息技术研究所 Data interaction system
CN111916173B (en) * 2020-08-07 2023-08-25 安徽师范大学 Medical data safety sharing system and method based on IPFS and alliance chain
CN111916172B (en) * 2020-08-07 2023-08-29 安徽师范大学 Medical data sharing system based on blockchain intelligent contract
CN112019348B (en) * 2020-08-26 2022-02-11 合肥工业大学 Smart phone cloud positioning method based on block chain privacy protection
CN112163191A (en) * 2020-09-15 2021-01-01 广东工业大学 Education resource sharing method and system based on national secret block chain
CN112530531B (en) * 2020-09-24 2023-11-21 扬州大学 Electronic medical record storage and sharing method based on double-block chain
CN111933292B (en) * 2020-09-27 2021-01-29 浙江杜比医疗科技有限公司 Block chain-based hospital body and medical data interaction method and storage medium
CN112349368A (en) * 2020-09-29 2021-02-09 福建西岸康健管理有限公司 Electronic health record authorization sharing and management system based on medical block chain
CN112261112B (en) * 2020-10-16 2023-04-18 华人运通(上海)云计算科技有限公司 Information sharing method, device and system, electronic equipment and storage medium
CN112181922B (en) * 2020-10-22 2023-10-03 中山大学 Block chain data sharing method, system, device and medium
CN112380543B (en) * 2020-10-23 2024-03-19 重庆大学 Electronic medical data privacy protection and safe sharing system based on blockchain
CN112447291B (en) * 2020-11-23 2023-03-28 四川大学华西医院 Block chain-based method for sharing hospital data
CN112149080B (en) * 2020-11-24 2021-03-12 国网江苏省电力有限公司苏州供电分公司 Authorization information verification system and method
CN112562811B (en) * 2020-12-15 2023-09-15 昆明理工大学 Block chain-based electronic medical data secure sharing method for thin clients
CN112565289B (en) * 2020-12-21 2022-06-24 北京航空航天大学 System and method for credible issuing and verifying of medical certificate based on block chain
WO2022134119A1 (en) * 2020-12-26 2022-06-30 西安科锐盛创新科技有限公司 Blockchain-based electronic medical record sharing method and electronic device
CN112560070B (en) * 2020-12-28 2024-03-22 杭州趣链科技有限公司 Data sharing method with auditing function
CN112635010B (en) * 2020-12-28 2023-07-07 扬州大学 Data storage and sharing method under edge computing based on double block chains
CN112559456B (en) * 2020-12-28 2022-07-05 杭州趣链科技有限公司 Data sharing method with privacy protection auditing and deleting functions
CN112733164B (en) * 2021-01-07 2023-12-08 中南大学 Case sharing method, system and private key storage medium based on blockchain
CN112735551B (en) * 2021-01-15 2023-01-31 山东科技大学 Medical record storage sharing model based on H-Algorand consensus mechanism and implementation method thereof
CN112766965B (en) * 2021-01-25 2022-09-02 天津理工大学 Privacy protection data sharing method based on intelligent contracts
CN112765640A (en) * 2021-01-29 2021-05-07 重庆卡歌科技有限公司 Data sharing method based on block chain technology
CN112927819A (en) * 2021-02-02 2021-06-08 杭州云嘉健康管理有限公司 5G cloud consulting room system
CN112908440A (en) * 2021-02-07 2021-06-04 深圳万海思数字医疗有限公司 Health management data sharing method and device and remote medical platform
CN112837776A (en) * 2021-03-05 2021-05-25 成都库珀区块链科技有限公司 Block chain data privacy security protection method based on prescription transfer platform
CN112951356B (en) * 2021-03-23 2023-03-31 电子科技大学 Cross-modal medical data joint sharing method based on alliance chain
CN113066563A (en) * 2021-04-02 2021-07-02 青岛科技大学 Credible medical bad information reporting processing system
CN112989111B (en) * 2021-04-20 2021-09-10 南京百伦斯智能科技有限公司 Video storage management method and system based on block chain
CN113539510A (en) * 2021-04-23 2021-10-22 江苏大学 Novel infectious disease discovery and management and control system based on intelligent contract
CN113268756A (en) * 2021-06-01 2021-08-17 上海交通大学医学院附属仁济医院 Patient sharing and quality control system based on block chain technology and human assisted reproduction technology
CN113507360B (en) * 2021-06-26 2024-01-09 暨南大学 System and method for exchanging and sharing technical big data based on blockchain
CN113468570A (en) * 2021-07-15 2021-10-01 湖北央中巨石信息技术有限公司 Private data sharing method based on intelligent contract
CN113689228A (en) * 2021-07-16 2021-11-23 杭州医康慧联科技股份有限公司 Integral data management method based on block chain
CN113570461A (en) * 2021-07-23 2021-10-29 北京芯安微电子技术有限公司 User data transaction system based on block chain
CN113538149B (en) * 2021-07-28 2024-02-27 浙江数秦科技有限公司 Multi-source data fusion platform based on block chain
CN113488128A (en) * 2021-07-28 2021-10-08 平安国际智慧城市科技股份有限公司 Block chain-based electronic medical record retrieval method and device and related equipment
CN113535663A (en) * 2021-08-09 2021-10-22 恒安嘉新(北京)科技股份公司 Data sharing processing method, device, equipment and medium based on block chain
CN113764060B (en) * 2021-09-09 2023-09-22 安徽师范大学 Medical data management system based on double-block chain and patient authorized medical record sharing method
CN113889208B (en) * 2021-09-17 2023-12-01 郑州轻工业大学 Block chain-based on-and-off-chain medical data sharing method, device and equipment
CN113645368A (en) * 2021-10-14 2021-11-12 深圳市云创精密医疗科技有限公司 Data image encryption processing method for high-precision medical treatment
CN113851203B (en) * 2021-12-01 2022-02-15 南京可信区块链与算法经济研究院有限公司 Neonate eye fundus screening collaborative learning method and system based on POS mechanism
CN113990429B (en) * 2021-12-29 2022-03-15 医典云(南京)数据科技有限公司 Electronic medical record data protection method and device
CN114726533B (en) * 2022-03-23 2023-12-01 扬州大学 Method for detecting and deleting redundant data in edge computing environment based on block chain
CN115277040B (en) * 2022-03-23 2024-03-08 山东新一代信息产业技术研究院有限公司 Medical health data storage and sharing method and system based on blockchain technology
CN114844675B (en) * 2022-03-31 2024-04-09 四川链向科技集团有限公司 Block chain data exchange method for Internet of things
CN115033912B (en) * 2022-04-20 2023-04-25 郑州轻工业大学 Medical data cross-equipment anonymous verification method, device and equipment based on blockchain
CN114565326B (en) * 2022-04-29 2022-08-30 深圳市誉兴通科技股份有限公司 Medicine management method and system based on Internet of things
CN114818010B (en) * 2022-06-23 2022-09-16 南京理工大学 Block chain medical record safe storage and sharing method based on double-chain structure
CN115297118B (en) * 2022-10-09 2023-01-31 北京航空航天大学杭州创新研究院 Data sharing method and data sharing system based on block chain
CN115440332B (en) * 2022-11-07 2023-02-10 南京邮电大学 Clinical test data storage and sharing method based on public chain and alliance chain
CN116978502A (en) * 2023-06-21 2023-10-31 中山大学肿瘤防治中心(中山大学附属肿瘤医院、中山大学肿瘤研究所) Blockchain-based paperless examination and approval method, system and storage medium for clinical trial
CN116506123B (en) * 2023-06-27 2023-09-15 广州信安数据有限公司 Multi-subject data community construction method, medium and system based on convention protocol
CN116644478B (en) * 2023-07-27 2024-03-26 深圳达实旗云健康科技有限公司 Medical data privacy protection method and device, electronic equipment and readable storage medium
CN116707835B (en) * 2023-08-09 2023-10-17 北京信创达科技有限公司 Method and system for realizing patient information interaction based on blockchain
CN117037988A (en) * 2023-08-22 2023-11-10 广州视景医疗软件有限公司 Electronic medical record storage method and device based on blockchain

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106603544A (en) * 2016-12-22 2017-04-26 中国科学技术大学 Data storage and cloud control method capable of lightweight auditing
CN106682530A (en) * 2017-01-10 2017-05-17 杭州电子科技大学 Method and device for medical information sharing privacy protection based on blockchain technology
CN107579979A (en) * 2017-09-07 2018-01-12 成都理工大学 The sharing query method of electronic health record based on block chain technology
CN108063752A (en) * 2017-11-02 2018-05-22 暨南大学 A kind of credible genetic test and data sharing method based on block chain and proxy re-encryption technology
CN108462568A (en) * 2018-02-11 2018-08-28 西安电子科技大学 A kind of secure file storage and sharing method based on block chain

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106603544A (en) * 2016-12-22 2017-04-26 中国科学技术大学 Data storage and cloud control method capable of lightweight auditing
CN106682530A (en) * 2017-01-10 2017-05-17 杭州电子科技大学 Method and device for medical information sharing privacy protection based on blockchain technology
CN107579979A (en) * 2017-09-07 2018-01-12 成都理工大学 The sharing query method of electronic health record based on block chain technology
CN108063752A (en) * 2017-11-02 2018-05-22 暨南大学 A kind of credible genetic test and data sharing method based on block chain and proxy re-encryption technology
CN108462568A (en) * 2018-02-11 2018-08-28 西安电子科技大学 A kind of secure file storage and sharing method based on block chain

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于CES的电子病历签名系统研究与实现;王昌达;《计算机工程》;20100816;第1-5节 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230090453A1 (en) * 2020-10-30 2023-03-23 KnowBe4, Inc. Systems and methods for determination of level of security to apply to a group before display of user data

Also Published As

Publication number Publication date
CN109326337A (en) 2019-02-12

Similar Documents

Publication Publication Date Title
CN109326337B (en) Model and method for storing and sharing electronic medical record based on block chain
CN110321721B (en) Block chain-based electronic medical record access control method
Shi et al. Applications of blockchain in ensuring the security and privacy of electronic health record systems: A survey
Zhou et al. Med-PPPHIS: blockchain-based personal healthcare information system for national physique monitoring and scientific exercise guiding
Nagasubramanian et al. Securing e-health records using keyless signature infrastructure blockchain technology in the cloud
Guo et al. Secure attribute-based signature scheme with multiple authorities for blockchain in electronic health records systems
Yang et al. A blockchain-based approach to the secure sharing of healthcare data
CN111448565B (en) Data authorization based on decentralised identification
US7869591B1 (en) System and method for secure three-party communications
Ying et al. A lightweight policy preserving EHR sharing scheme in the cloud
CN109409100B (en) Information storage and sharing platform applied to medical data
CN110299195A (en) The electronic health record shared system and application method with secret protection based on alliance's chain
CN112530531A (en) Electronic medical record storage and sharing method based on double block chains
Razaque et al. Privacy preservation models for third-party auditor over cloud computing: A survey
US20230083642A1 (en) Methods and systems for managing user data privacy
Ghorbel et al. Accountable privacy preserving attribute-based access control for cloud services enforced using blockchain
Garg Decentralized transaction mechanism based on smart contracts
Ramesh et al. Blockchain based efficient tamper-proof EHR storage for decentralized cloud-assisted storage
Babu et al. MediBlocks: secure exchanging of electronic health records (EHRs) using trust-based blockchain network with privacy concerns
Ghayvat et al. Sharif: Solid pod-based secured healthcare information storage and exchange solution in internet of things
Srivastava et al. Attack resistant blockchain-based healthcare record system using modified RSA Algorithm
Liu et al. A fine‐grained medical data sharing scheme based on federated learning
Mittal et al. A novel two-level secure access control approach for blockchain platform in healthcare
Deng et al. Towards a cross‐context identity management framework in e‐health
CN115883214A (en) Electronic medical data sharing system and method based on alliance chain and CP-ABE

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant