CN110138792A: A method and system for privacy-removal processing of public health geodata (Google Patents)

Info

Publication number: CN110138792A (granted version: CN110138792B)
Authority: CN (China)
Prior art keywords: server, geodata, public health, data, private data
Prior art date:
Legal status: Granted (Google notes that the legal status is an assumption and not a legal conclusion, and that it has not performed a legal analysis)
Application number: CN201910421196.4A
Other languages: Chinese (zh)
Inventors: 付晨, 夏天, 范爱晶, 孙靖, 戚方圆, 刘诚, 魏礼君
Current assignee: SHANGHAI DISEASE PREVENTION AND CONTROL CENTRE (Google notes that listed assignees may be inaccurate and that it has not performed a legal analysis)
Original assignee: SHANGHAI DISEASE PREVENTION AND CONTROL CENTRE
Priority date: (Google notes that the priority date is an assumption and not a legal conclusion)
Filing date:
Publication date:
Events: application filed by SHANGHAI DISEASE PREVENTION AND CONTROL CENTRE; priority to CN201910421196.4A; publication of CN110138792A; application granted; publication of CN110138792B
Legal status: active
Anticipated expiration:


Classifications (CPC)

All entries fall under H (ELECTRICITY) > H04 (ELECTRIC COMMUNICATION TECHNIQUE) > H04L (TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION).

    • H04L 63/00 Network architectures or network communication protocols for network security
        • H04L 63/04 ... for providing a confidential data exchange among entities communicating through data packet networks
            • H04L 63/0428 ... wherein the data content is protected, e.g. by encrypting or encapsulating the payload
                • H04L 63/0435 ... wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
        • H04L 63/10 ... for controlling access to devices or network resources
            • H04L 63/105 Multiple levels of security
        • H04L 63/20 ... for managing network security; network security policies in general
            • H04L 63/205 ... involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
        • H04L 9/32 ... including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
            • H04L 9/3236 ... using cryptographic hash functions
                • H04L 9/3239 ... involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
        • H04L 9/06 ... the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
            • H04L 9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
                • H04L 9/0625 ... with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI


Abstract

The present invention provides a method and system for privacy-removal processing of public health geodata, comprising the following steps: login account information is sent to the server after first-level encryption, so that the server decrypts it and authentication passes, and each user is assigned corresponding operation permissions according to their system role; when public health geodata needs to be entered, private data is filtered out of the public health geodata and classified into private data of different grades according to a preset classification rule; the private data is second-level encrypted according to its grade and sent to the server, which saves the private data that can be decrypted correctly; when public health geodata needs to be obtained from the server, a preset query condition is third-level encrypted and sent to the server, which obtains the query condition after decrypting it correctly and returns the public health geodata corresponding to the query condition. The advantage of this technique is that a multi-layer encryption scheme guarantees the security of the data.

Description

A method and system for privacy-removal processing of public health geodata
Technical field
The present invention relates to the field of communication technology, and in particular to a method and system for privacy-removal processing of public health geodata.
Background technique
Against the background of today's big data, the protection of private data is particularly important in the public health industry. The business data of the Disease Control and Prevention Center is unusual in nature and has a large social impact: it covers case data on various diseases and business information, and if it were leaked to the outside world it could create all kinds of adverse effects. Data protection is therefore of the utmost importance.
Meanwhile, the Shanghai Disease Control and Prevention Center began building a GIS sharing platform in 2015; the project passed the review of the Municipal Health and Planning Commission in 2017, and to date the platform has aggregated the data of the various business lines of Shanghai disease control. Protecting private data on top of the sharing platform is therefore also extremely important, and the technique for privacy-removal processing is the core technical problem this patent sets out to solve.
Summary of the invention
In view of the prior-art problem that private data such as disease case data or business information in the public health industry can be leaked, a method and system for privacy-removal processing of public health geodata is now provided, which encrypts public health geodata throughout its storage and transmission, stores private data with graded encryption, and verifies the identity of users who obtain private data, so that the safety of the public health geodata can be effectively guaranteed.
The specific technical solution is as follows:
A method for privacy-removal processing of public health geodata, comprising the following steps:
Step S1: login account information is sent to the server after first-level encryption, so that the server decrypts it and authentication passes, and each user is assigned corresponding operation permissions according to their system role;
Step S2: when public health geodata needs to be entered, private data is filtered out of the public health geodata and classified according to a preset classification rule to obtain private data of different grades;
Step S3: the private data is second-level encrypted according to its grade and sent to the server, and the server saves the private data that can be decrypted correctly;
Step S4: when public health geodata needs to be obtained at the client, a preset query condition is third-level encrypted and sent to the server; the server obtains the query condition after decrypting it correctly and returns the public health geodata corresponding to the query condition.
Preferably, in step S1 the first-level encryption method comprises the following steps:
Step S11: the login account information is encrypted using a first encryption algorithm and a first digest value is generated, and the encrypted data and the first digest value are sent to the server;
Step S12: the server decrypts the encrypted data by the first encryption algorithm to generate a second digest value;
Step S13: the server compares the first digest value with the second digest value; if the comparison result is consistent, user identity authentication passes;
if the comparison result is inconsistent, login to the server is refused.
Preferably, the first encryption algorithm is MD5.
Preferably, in step S3, second-level encrypting the private data according to its grade and sending it to the server, with the server saving the private data that can be decrypted correctly, comprises the following steps:
the client encrypts the private data of different grades using a second encryption algorithm and an encryption key to form encrypted data;
the encrypted data is sent to the server;
the server decrypts the encrypted data using the decryption algorithm corresponding to the second encryption algorithm and the encryption key, to judge whether decryption succeeds;
if decryption succeeds, the private data is saved;
if decryption fails, saving the private data is refused.
Preferably, the second encryption algorithm is DES.
Preferably, the third encryption algorithm is DES.
Preferably, the grades into which public health geodata is divided comprise:
first grade: un-desensitized data;
second grade: desensitized data;
third grade: indifference data.
Preferably, the client provides two classes of storage path for the private data;
the first class of storage path stores the first-grade un-desensitized data;
the second class of storage path stores the second-grade desensitized data and the third-grade indifference data.
Preferably, the server is divided into multiple roles, and each role is associated with operating rights over the private data of the corresponding grade;
the roles comprise:
an audit group, a system administration group and a business information group.
Also included is a system for privacy-removal processing of public health geodata, comprising:
a client, and a server connected to the client;
the client is used to send login account information to the server after first-level encryption, so that the server decrypts it and authentication passes, and each user is assigned corresponding operation permissions according to their system role;
when public health geodata needs to be entered, the client filters private data out of the public health geodata and classifies it according to a preset classification rule to obtain private data of different grades;
the client second-level encrypts the private data according to its grade and sends it to the server, and the server saves the private data that can be decrypted correctly;
when public health geodata needs to be obtained at the client, the client third-level encrypts a preset query condition and sends it to the server; the server obtains the query condition after decrypting it correctly and returns the public health geodata corresponding to the query condition to the client.
The above technical solution has the following advantages or beneficial effects: through encryption at different levels, public health geodata can be classified and stored safely, while users' access to the server is controlled securely, so that the safety of private data during transmission is guaranteed.
Description of the drawings
With reference to the accompanying drawings, the embodiments of the present invention are described more fully. The drawings, however, serve only for illustration and explanation and are not intended to limit the scope of the invention.
Fig. 1 is a flow chart of an embodiment of the method for privacy-removal processing of public health geodata of the present invention;
Fig. 2 is a flow chart of the first-level encryption method in an embodiment of the method for privacy-removal processing of public health geodata of the present invention;
Fig. 3 is a structural diagram of an embodiment of the system for privacy-removal processing of public health geodata of the present invention.
Specific embodiments
The technical solutions in the embodiments of the present invention will be described clearly and completely below with reference to the drawings of the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art from the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
It should be noted that, as long as there is no conflict, the embodiments of the present invention and the features in the embodiments may be combined with each other.
The present invention is further explained below with reference to the drawings and specific embodiments, which are not to be taken as limiting the invention.
The present invention includes a method for privacy-removal processing of public health geodata.
As shown in Fig. 1, an embodiment of the method for privacy-removal processing of public health geodata comprises the following steps:
Step S1: login account information is sent to the server after first-level encryption, so that the server decrypts it and authentication passes, and each user is assigned corresponding operation permissions according to their system role;
As shown in Fig. 2, in step S1 the first-level encryption method comprises the following steps:
Step S11: the login account information is encrypted using a first encryption algorithm and a first digest value is generated, and the encrypted data and the first digest value are sent to the server;
Step S12: the server decrypts the encrypted data by the first encryption algorithm to generate a second digest value;
Step S13: the server compares the first digest value with the second digest value; if the comparison result is consistent, user identity authentication passes;
if the comparison result is inconsistent, login to the server is refused. The first encryption algorithm referred to above is MD5.
In the above technical solution, before the client saves the login data or the entered public health geodata, it must verify the user's identity information. The commonly used method of user identity verification is to enter the user account information (user account and corresponding password) directly, so the data is sent in plain text during transmission, and there is a risk that a third party obtains the user's account information and the private data in the public health geodata is leaked. By encrypting the user's account information and having the server decrypt it, the authenticity of the logged-in user can be guaranteed.
Step S2: when public health geodata needs to be entered, private data is filtered out of the public health geodata and classified according to a preset classification rule to obtain private data of different grades;
Step S3: the private data is second-level encrypted according to its grade and sent to the server, and the server saves the private data that can be decrypted correctly;
After the client enters public health geodata, the private data in the public health geodata is classified into:
first grade: un-desensitized data;
second grade: desensitized data;
third grade: indifference data;
The classified private data is saved; specifically, the client provides two classes of storage path for the private data:
the first class of storage path, i.e. the un-desensitized database (the un-desensitized server referred to above), stores the first-grade un-desensitized data;
the second class of storage path, i.e. the desensitized database (the desensitized server referred to above), stores the second-grade desensitized data and the third-grade indifference data.
In the above technical solution, the public health geodata, i.e. the data source, accumulates historically. The public health geodata mainly comprises four major categories: data on disease surveillance and management, data on the tracking and control of health-related factors, data on public health services, and data on internal integrated management;
Public health geodata frequently contains privacy fields; specific privacy fields include name, gender, age, ID card number, home address, phone, disease type, date of birth, and names of parents or relatives. This technique can automatically recognise privacy fields in order to filter out private data;
This technique can automatically recognise the privacy fields name, gender, age, ID card number, home address, phone, disease type, date of birth and names of parents or relatives, and apply privacy protection to them.
The detailed process is as follows: when public health geodata is newly entered, if it contains privacy information, this technique automatically recognises the privacy fields, confirms which fields need to be encrypted, marks the public health geodata that contains privacy fields, and stores it on the un-desensitized server. Marked public health geodata (that containing privacy fields) is second-level encrypted and then synchronised to the desensitized server (as desensitized data); the desensitized server judges whether the encrypted data can be decrypted correctly. If it can be decrypted correctly, the marked public health geodata is stored on the desensitized server; conversely, if it cannot be decrypted correctly, an error message is returned and the data is not stored. Public health geodata containing no privacy fields is left unmarked and stored directly on the desensitized server (as indifference data).
It should be noted that public health geodata is transferred into the desensitized database or the un-desensitized database according to the monitoring data and a threshold value (the threshold rule is determined by expert experience, industry standards and historical values).
For example:
if newly entered public health geodata contains no private data, it is stored directly in the desensitized database;
if newly entered public health geodata contains private data, after it is stored in the un-desensitized database the data can be compared with the threshold:
(1) if it is below the threshold, the newly entered public health geodata is privacy-removal processed and then stored in the desensitized database;
(2) if it exceeds the threshold, a warning is raised for the newly entered public health geodata, and it is not stored in the desensitized database.
In the above technical solution, after the private data is saved, in step S3 the method of encrypting the private data comprises the following steps:
the client encrypts the private data of different grades using a second encryption algorithm and an encryption key to form encrypted data;
the encrypted data is sent to the server;
the server decrypts the encrypted data using the decryption algorithm corresponding to the second encryption algorithm and the encryption key, to judge whether decryption succeeds;
if decryption succeeds, the private data is saved;
if decryption fails, saving the private data is refused.
In a preferred embodiment, the second encryption algorithm is DES.
Step S4: when public health geodata needs to be obtained from the server, a preset query condition is third-level encrypted and sent to the server; the server obtains the query condition after decrypting it correctly and returns the public health geodata corresponding to the query condition.
After the private data has been sent to the server and saved, when a user of the client needs to obtain the private data of the public health geodata from the server, it is obtained safely in the following manner:
the client encrypts the query condition using a third encryption algorithm, forming encrypted data from the generated query condition;
the encrypted data is sent to the server;
the server decrypts the encrypted data using the decryption algorithm corresponding to the third encryption algorithm and the encryption key, to judge whether decryption succeeds;
if decryption succeeds, the private data corresponding to the query condition is returned;
if decryption fails, the client's access is refused.
The third encryption algorithm is DES.
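The three encrypted exchanges described above (first-level login with an MD5 digest in steps S11-S13, second-level storage of private data in step S3, third-level query in step S4), as an added Go example that is not part of the patent: both sides of each exchange are shown, and the server's "decrypted correctly" test is what decides whether a record is saved or a query answered. The keys, the account string and the record are constructed; because the page names only MD5 for the first level, the login message is assumed to be carried under the same DES cipher as the other two levels.

```go
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"crypto/md5"
	"crypto/rand"
	"fmt"
)

// Constructed demo keys, one per level (the page does not say how keys are provisioned). The page
// names only MD5 for the first level, so the login transport cipher is assumed to be the same DES.
var (
	loginKey = []byte("lvl1-key")
	dataKey  = []byte("lvl2-key")
	queryKey = []byte("lvl3-key")
)

// desEncrypt: DES-CBC with PKCS#7 padding and a random IV prefixed to the ciphertext.
func desEncrypt(key, plaintext []byte) ([]byte, error) {
	block, err := des.NewCipher(key)
	if err != nil {
		return nil, err
	}
	pad := des.BlockSize - len(plaintext)%des.BlockSize
	padded := append(append([]byte{}, plaintext...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	out := make([]byte, des.BlockSize+len(padded))
	if _, err := rand.Read(out[:des.BlockSize]); err != nil {
		return nil, err
	}
	cipher.NewCBCEncrypter(block, out[:des.BlockSize]).CryptBlocks(out[des.BlockSize:], padded)
	return out, nil
}

// desDecrypt reverses desEncrypt; "decrypted correctly" means the length and padding check out.
func desDecrypt(key, data []byte) ([]byte, error) {
	block, err := des.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(data) < 2*des.BlockSize || len(data)%des.BlockSize != 0 {
		return nil, fmt.Errorf("decryption failed: bad length %d", len(data))
	}
	plain := make([]byte, len(data)-des.BlockSize)
	cipher.NewCBCDecrypter(block, data[:des.BlockSize]).CryptBlocks(plain, data[des.BlockSize:])
	pad := int(plain[len(plain)-1])
	if pad < 1 || pad > des.BlockSize || !bytes.Equal(plain[len(plain)-pad:], bytes.Repeat([]byte{byte(pad)}, pad)) {
		return nil, fmt.Errorf("decryption failed: bad padding")
	}
	return plain[:len(plain)-pad], nil
}

// clientLogin (step S11): the encrypted account information plus its MD5 "first digest value".
func clientLogin(account string) ([]byte, [md5.Size]byte, error) {
	enc, err := desEncrypt(loginKey, []byte(account))
	return enc, md5.Sum([]byte(account)), err
}

// serverVerifyLogin (steps S12-S13): decrypt, recompute the "second digest value", accept only on match.
func serverVerifyLogin(enc []byte, digest [md5.Size]byte) bool {
	plain, err := desDecrypt(loginKey, enc)
	if err != nil {
		return false
	}
	return md5.Sum(plain) == digest
}

// store holds the private data the server has accepted and saved.
var store [][]byte
// serverReceivePrivateData (step S3): save the record only if it decrypts correctly.
func serverReceivePrivateData(enc []byte) bool {
	plain, err := desDecrypt(dataKey, enc)
	if err != nil {
		return false // refuse to save
	}
	store = append(store, plain)
	return true
}

// serverQuery (step S4): a query condition that decrypts correctly returns the matching records; one that does not is refused.
func serverQuery(encQuery []byte) ([]string, bool) {
	q, err := desDecrypt(queryKey, encQuery)
	if err != nil {
		return nil, false
	}
	var out []string
	for _, r := range store {
		if bytes.Contains(r, q) {
			out = append(out, string(r))
		}
	}
	return out, true
}
func main() {
	enc, digest, _ := clientLogin("user=alice;password=constructed")
	rec, _ := desEncrypt(dataKey, []byte("case=17;district=constructed"))
	fmt.Println(serverVerifyLogin(enc, digest), serverReceivePrivateData(rec), serverReceivePrivateData(rec[:8]))
}
```

DES (56-bit key) and MD5 are kept only because the page specifies them; the padding check they leave the server with is the only "decrypted correctly" signal, so a wrong key or a tampered ciphertext still passes about one time in 256, a gap an authenticated construction such as an HMAC over the ciphertext would close.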
The private data of public health geodata is divided into three grades, but the grade of the private data of public health geodata is not fixed: the private data grade can be updated in real time according to the threshold.
The threshold is set according to expert experience, industry standards and the historical average, with expert experience having the highest priority. Industry standards include, for example, the "National Public Health Emergency Response Plan", the Notice of the General Office of the Ministry of Health on Issuing the "Management Standard for Reporting Information Relating to National Public Health Emergencies (Trial)", and the "Interpretation of the Classification Connotations of Public Health Emergencies (Trial)". The historical average can be the average of nearly the last 5 (or 10) years. The specific steps are as follows:
First step, expert experience value: the user inputs the expert experience value of the public health event (denoted Z);
Second step, industry standard value: the industry standard value (denoted X) is taken according to the industry standard;
Third step, historical average: the system automatically calculates the monthly (or quarterly; the period can be set freely) historical average (denoted Y) over nearly the last 5 (or 10) years;
Fourth step: the industry standard value, the historical average and the expert experience value are compared to confirm the threshold. The system automatically compares the industry standard value with the historical average and takes the minimum as the preliminary threshold. The preliminary threshold is then compared with the expert experience value: if it equals the expert experience value, the threshold is the expert experience value; if it is greater or smaller than the expert experience value, the preliminary threshold and the expert experience value are both displayed, the expert value is marked as the preferred choice, and the user decides the final threshold value.
During entry of public health geodata, it is first checked whether the newly entered public health geodata is marked as private data. If it is data that needs privacy protection, the newly entered public health geodata is compared with the threshold: if it is below the threshold, it is stored from the un-desensitized database into the desensitized database (after privacy protection processing has been applied); if it is greater than or equal to the threshold, it is not stored in the desensitized database.
If the newly entered public health geodata is not marked for privacy protection, it is stored in the desensitized database.
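The intake and threshold rules of the passages above (automatic recognition of the listed privacy fields, routing between the un-desensitized and desensitized databases, and the four-step threshold determination from Z, X and Y), as an added Go example that is not part of the patent. The record, its field names and its monitoring value are constructed; the numeric value compared against the threshold is assumed to travel with the record, which the page does not specify.

```go
package main

import (
	"fmt"
	"math"
	"sort"
)

// Grades of private data as the page classifies them.
const (
	GradeUndesensitized = 1 // contains privacy fields; kept only in the un-desensitized database
	GradeDesensitized   = 2 // privacy fields removed; kept in the desensitized database
	GradeIndifference   = 3 // never contained privacy fields
)

// privacyFields are the field names the page lists as recognised automatically.
var privacyFields = map[string]bool{
	"name": true, "gender": true, "age": true, "id_number": true, "home_address": true,
	"phone": true, "disease_type": true, "date_of_birth": true, "relative_name": true,
}

// Record is a constructed flat form of one geodata entry: its fields plus the monitoring
// value that the intake rule compares against the threshold (an assumption, see lead-in).
type Record struct {
	Fields map[string]string
	Value  float64
}

// Routing is one storage decision made for a record.
type Routing struct {
	Database string            // "undesensitized", "desensitized", or "" when held back
	Grade    int
	Warning  bool              // value reached the threshold: warn, do not copy to desensitized DB
	Removed  []string          // privacy fields stripped by the privacy-removal step
	Fields   map[string]string // what is actually written
}

// markPrivacyFields returns, sorted, the privacy fields present in the record.
func markPrivacyFields(r Record) []string {
	var found []string
	for k := range r.Fields {
		if privacyFields[k] {
			found = append(found, k)
		}
	}
	sort.Strings(found)
	return found
}

// intake applies the page's intake rule: an unmarked record goes straight to the desensitized
// database as indifference data; a marked record is stored un-desensitized first and is then
// privacy-removed and copied to the desensitized database only if its value is below the
// threshold; at or above the threshold it is flagged with a warning and not copied.
func intake(r Record, threshold float64) []Routing {
	marked := markPrivacyFields(r)
	if len(marked) == 0 {
		return []Routing{{Database: "desensitized", Grade: GradeIndifference, Fields: r.Fields}}
	}
	out := []Routing{{Database: "undesensitized", Grade: GradeUndesensitized, Fields: r.Fields}}
	if r.Value >= threshold {
		return append(out, Routing{Grade: GradeUndesensitized, Warning: true})
	}
	clean := map[string]string{}
	for k, v := range r.Fields {
		if !privacyFields[k] {
			clean[k] = v
		}
	}
	return append(out, Routing{Database: "desensitized", Grade: GradeDesensitized, Removed: marked, Fields: clean})
}

// ThresholdDecision is the outcome of the page's four-step threshold rule.
type ThresholdDecision struct {
	Preliminary float64 // min(industry standard value X, history average Y)
	Final       float64
	UserChoice  bool // X/Y and the expert value Z disagreed, so the user was asked (Z preselected)
}

// determineThreshold: prelim = min(X, Y); if prelim equals Z the threshold is Z; otherwise both
// values are shown with Z preferred and the user picks. pick models that answer; nil keeps Z.
func determineThreshold(z, x, y float64, pick func(prelim, expert float64) float64) ThresholdDecision {
	d := ThresholdDecision{Preliminary: math.Min(x, y), Final: z}
	if d.Preliminary == z {
		return d
	}
	d.UserChoice = true
	if pick != nil {
		d.Final = pick(d.Preliminary, z)
	}
	return d
}

func main() {
	th := determineThreshold(40, 60, 50, nil) // Z=40, X=60, Y=50 (constructed)
	rec := Record{Fields: map[string]string{"name": "constructed", "phone": "000", "district": "D1"}, Value: 35}
	fmt.Printf("%+v\n", th)
	for _, r := range intake(rec, th.Final) {
		fmt.Printf("%+v\n", r)
	}
}
```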
In a preferred embodiment, in steps S1-S3 the client sends login account information to the server, sends public health geodata, and sends query conditions to the server to obtain public health geodata;
In a preferred embodiment, the client provides two classes of storage path for the private data;
the first class of storage path stores the first-grade un-desensitized data;
the second class of storage path stores the second-grade desensitized data and the third-grade indifference data.
The server is divided into multiple roles, and each role is associated with operating rights over the private data of the corresponding grade;
the roles comprise:
an audit group, a system administration group and a business information group;
the audit group is responsible for log auditing; it can only view logs and cannot view any other data;
the system administration group assigns user rights and cannot view any other data;
the business information group comprises the keyboarder (data-entry role), the desensitizer and the non-desensitizer,
where the keyboarder is responsible for entering public health geodata;
the desensitizer can view desensitized data and indifference data;
the non-desensitizer can view un-desensitized data, desensitized data and indifference data;
the keyboarder's rights can overlap with the desensitizer's rights, and the keyboarder's rights can overlap with the non-desensitizer's rights.
For example, a scholar researching a certain case needs to obtain the desensitized case information from the public health geodata in order to study further the infection and interaction patterns of patients; the scholar can apply to the system administration group to become a desensitizer user, and after logging in to the system can obtain the desensitized case information of the public health geodata.
Data is obtained according to rights: if a user needs to obtain public health geodata, then after the user logs in to the system it is first judged whether the user's role belongs to the business information group; if not, the user is prompted "no permission to view data"; if so, the public health geodata under the corresponding rights is displayed.
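The role division and the retrieval check described above, as an added Go example that is not part of the patent: a user may hold overlapping roles, the business-group gate runs first, and only the grades the user's roles allow are returned. Users and records are constructed; the non-desensitizer's scope (all three grades) is read from the page's sentence on that role and is labelled as an assumption in the code.

```go
package main

import "fmt"

// Role names as the page divides them. The business information group holds the three data
// roles; the audit group and the system administration group hold no data-viewing rights.
type Role string

const (
	AuditGroup      Role = "audit-group"           // log audit only
	SysAdminGroup   Role = "system-administration" // user right assignment only
	Keyboarder      Role = "keyboarder"            // enters public health geodata
	Desensitizer    Role = "desensitizer"          // views desensitized and indifference data
	NonDesensitizer Role = "non-desensitizer"      // views all three grades (assumed reading of the page)
)

// Data grades as numbered on the page.
const (
	GradeUndesensitized = 1
	GradeDesensitized   = 2
	GradeIndifference   = 3
)

// viewableGrades maps each business role to the grades it may view; the keyboarder enters data
// and the page grants it no viewing right of its own, so it is absent here.
var viewableGrades = map[Role][]int{
	Desensitizer:    {GradeDesensitized, GradeIndifference},
	NonDesensitizer: {GradeUndesensitized, GradeDesensitized, GradeIndifference},
}

// User holds the roles a user has been assigned; the page lets the keyboarder role overlap
// with either viewing role, so a user may carry more than one.
type User struct {
	Name  string
	Roles []Role
}

func (u User) has(r Role) bool {
	for _, x := range u.Roles {
		if x == r {
			return true
		}
	}
	return false
}

// inBusinessGroup is the page's first check after login: only the business information group
// may obtain public health geodata at all.
func (u User) inBusinessGroup() bool {
	return u.has(Keyboarder) || u.has(Desensitizer) || u.has(NonDesensitizer)
}

// canView is the union of the grades allowed by all of the user's viewing roles.
func (u User) canView(grade int) bool {
	for _, r := range u.Roles {
		for _, g := range viewableGrades[r] {
			if g == grade {
				return true
			}
		}
	}
	return false
}

// StoredRecord is a constructed saved item tagged with its grade.
type StoredRecord struct {
	Grade int
	Data  string
}

// fetch implements the page's retrieval sequence: prompt "no permission to view data" for
// anyone outside the business group, otherwise return only the records the user's grades allow.
func fetch(u User, records []StoredRecord) ([]StoredRecord, error) {
	if !u.inBusinessGroup() {
		return nil, fmt.Errorf("%s: no permission to view data", u.Name)
	}
	var out []StoredRecord
	for _, r := range records {
		if u.canView(r.Grade) {
			out = append(out, r)
		}
	}
	return out, nil
}

func main() {
	records := []StoredRecord{{1, "raw case (constructed)"}, {2, "desensitized case"}, {3, "indifference row"}}
	for _, u := range []User{
		{"auditor", []Role{AuditGroup}},
		{"researcher", []Role{Desensitizer}},
		{"entry+desensitizer", []Role{Keyboarder, Desensitizer}},
	} {
		got, err := fetch(u, records)
		fmt.Println(u.Name, len(got), err)
	}
}
```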
The technical solution of the present invention further includes a system for privacy-removal processing of public health geodata.
As shown in Fig. 3, an embodiment of the system for privacy-removal processing of public health geodata comprises:
a client 2, and a server 1 connected to the client 2;
the client 2 is used to send login account information to the server 1 after first-level encryption, so that the server 1 decrypts it and authentication passes, and each user is assigned corresponding operation permissions according to their system role;
when public health geodata needs to be entered, the client 2 filters private data out of the public health geodata and classifies it according to a preset classification rule to obtain private data of different grades;
the client 2 second-level encrypts the private data according to its grade and sends it to the server 1, and the server 1 saves the private data that can be decrypted correctly;
when public health geodata needs to be obtained from the server 1, the client 2 third-level encrypts a preset query condition and sends it to the server 1; the server obtains the query condition after decrypting it correctly and returns the public health geodata corresponding to the query condition to the client 2.
In the above technical solution, when a user of the client queries (exports, downloads or prints) data, the user must enter a query condition, and the query condition must be encrypted before it is transmitted to the server; the server decrypts after receiving the encrypted data and then returns the query result to the client for display. The operations and methods executed by the client and the server correspond one to one to those described above and are not repeated here.
The above are merely preferred embodiments of the present invention and are not intended to limit the embodiments or the protection scope of the present invention. Those skilled in the art should appreciate that all equivalent replacements and obvious variations obtained from the description and drawings of the present invention fall within the protection scope of the present invention.

Claims (10)

1. A public health geodata privacy-removal processing method, characterized in that it comprises the following steps:
Step S1: login account information is encrypted with a first-level encryption and sent to a server; after the server has decrypted and authenticated it successfully, each user is assigned the corresponding operating permissions according to its system role;
Step S2: when public health geodata needs to be entered, private data is filtered out of the public health geodata and classified according to preset classification rules to obtain private data of different grades;
Step S3: the private data is encrypted with a second-level encryption according to its grade and sent to the server, and the server saves the private data that it can decrypt correctly;
Step S4: when public health geodata needs to be obtained at the client, a preset query condition is encrypted with a third-level encryption and sent to the server; the server obtains the query condition once it has been decrypted correctly and returns the public health geodata corresponding to the query condition.
2. The privacy-removal processing method according to claim 1, characterized in that in step S1 the first-level encryption method comprises the following steps:
Step S11: the login account information is encrypted using a first encryption algorithm to generate a first digest value, and the encrypted data and the first digest value are sent to the server;
Step S12: the server decrypts the encrypted data with the first encryption algorithm to generate a second digest value;
Step S13: the server compares the first digest value with the second digest value; if the comparison result is consistent, the user identity authentication passes;
if the comparison result is inconsistent, login to the server is refused.
3. The privacy-removal processing method according to claim 2, characterized in that the first encryption algorithm is the MD5 encryption algorithm.
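The login step of claims 2 and 3 (S11 to S13), as an added example in Python; this is not the patent's code, and the account names, passwords and table layout are constructed. Claim 3 names MD5 as the "first encryption algorithm". MD5 is a one-way digest, not a cipher, so the server cannot decrypt the first digest; what steps S12 and S13 amount to in practice is recomputing, or looking up, the same digest on the server and comparing the two. Two caveats a practitioner will want: an unsalted MD5 of a password is cheap to brute-force offline, and a fixed digest sent as the credential is replayable by anyone who captures it. The block therefore also shows the conventional hardened form beside the claimed one: a salted, memory-hard scrypt verifier kept server-side, with the password itself sent only over an authenticated channel such as TLS (which the page does not mention).

```python
"""Step S1 / claims 2-3: first-level 'encryption' of the login information.
Added example; not the patent's code. Names and table layout are assumptions."""
import hashlib
import hmac
import os
from typing import Optional

# Claim 3: MD5 is the first encryption algorithm. MD5 is a digest, so the
# server keeps the same digest and recomputes/compares (steps S12-S13).
def first_digest(account: str, password: str) -> str:
    return hashlib.md5(f"{account}:{password}".encode("utf-8")).hexdigest()


def client_login_message(account: str, password: str) -> dict:
    """Step S11: the account (the 'encrypted data') travels with the first digest."""
    return {"account": account, "digest": first_digest(account, password)}


def build_demo_table() -> dict:
    """Constructed server-side account table {account: (md5 digest, role)};
    the three roles are those named in claim 9."""
    return {
        "auditor01": (first_digest("auditor01", "Pa55w0rd!"), "audit"),
        "admin01": (first_digest("admin01", "Adm1nPass"), "sysadmin"),
        "analyst01": (first_digest("analyst01", "Bus1ness"), "business"),
    }


def server_authenticate(msg: dict, table: dict) -> Optional[str]:
    """Steps S12-S13: obtain the second digest and compare it with the first.
    Returns the user's role when the comparison is consistent, else None
    (login refused). compare_digest is constant-time, so timing does not
    reveal how many leading bytes of a guessed digest were right."""
    rec = table.get(msg.get("account"))
    if rec is None:
        return None
    stored_digest, role = rec
    if not hmac.compare_digest(stored_digest, str(msg.get("digest", ""))):
        return None
    return role


# Caveat: the digest above is a static, password-equivalent token. Whoever
# captures it can replay it, and unsalted MD5 of a password is brute-forced
# offline at billions of guesses per second. The conventional hardened form:
# keep a salted, memory-hard verifier (scrypt, in hashlib) server-side and
# send the password itself only over an authenticated channel such as TLS.
_SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)


def hardened_store(password: str) -> tuple:
    """Returns (salt, verifier); only these are stored, never the password."""
    salt = os.urandom(16)
    return salt, hashlib.scrypt(password.encode("utf-8"), salt=salt, **_SCRYPT)


def hardened_verify(password: str, salt: bytes, verifier: bytes) -> bool:
    candidate = hashlib.scrypt(password.encode("utf-8"), salt=salt, **_SCRYPT)
    return hmac.compare_digest(candidate, verifier)
```

`server_authenticate` returns the role so that the caller can apply the role-based permission assignment of step S1; a wrong password, an unknown account and a missing digest all take the same refusal path.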
4. The privacy-removal processing method according to claim 1, characterized in that in step S3, encrypting the private data with a second-level encryption according to its grade, sending it to the server, and having the server save the private data that it can decrypt correctly comprises the following steps:
the client encrypts the private data of the different grades using a second encryption algorithm and an encryption key to form encrypted data;
the encrypted data is sent to the server;
the server decrypts the encrypted data using the decryption algorithm corresponding to the second encryption algorithm and the encryption key, in order to judge whether the decryption succeeds;
if the decryption succeeds, the private data is saved;
if the decryption fails, saving of the private data is refused.
5. The privacy-removal processing method according to claim 4, characterized in that the second encryption algorithm is the DES encryption algorithm.
6. The privacy-removal processing method according to claim 1, characterized in that the third encryption algorithm is the DES encryption algorithm.
7. The privacy-removal processing method according to any one of claims 1 to 6, characterized in that the grading of public health geodata comprises:
a first grade: non-desensitized data;
a second grade: desensitized data;
a third grade: non-differentiated data.
8. The privacy-removal processing method according to claim 7, characterized in that the client provides two classes of storage path for the private data;
the first class of storage path stores the first-grade non-desensitized data;
the second class of storage path stores the second-grade desensitized data and the third-grade non-differentiated data.
9. The privacy-removal processing method according to claim 1, characterized in that the server is divided into multiple roles, and each role is associated with the operating permissions for private data of the corresponding grade;
the roles include:
an audit group, a system administration group and a business information group.
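Steps S2 to S4 of the description and claims 4 to 9, carried through end to end as an added Python example; this is not the patent's code. The field names, the preset classification rule, the keys and the role-to-grade mapping are all assumptions (claim 9 names the roles but not which grades each may operate on). Claims 5 and 6 name DES for the second and third level; DES is not in the Python standard library and its 56-bit key has been withdrawn by NIST, so the stand-in cipher below is an encrypt-then-MAC stream construction built from HMAC-SHA256 (keystream = HMAC(key, nonce || counter), tag over nonce || ciphertext). That substitution also makes the "judge whether the decryption succeeds" test of claim 4 exact: with plain DES-CBC a wrong key produces random bytes that pass a PKCS padding check about one time in 256, whereas a MAC failure is unambiguous.

```python
"""Steps S2-S4 / claims 4-9: grade private fields, encrypt each grade under
its own key, keep only what decrypts correctly, route to two store paths and
answer role-gated encrypted queries. Added example; not the patent's code.
Field names, grading rule, keys and the role-to-grade mapping are assumptions.
Claims 5-6 name DES; the stand-in here is encrypt-then-MAC from HMAC-SHA256."""
import hashlib
import hmac
import json
import os

NOT_DESENSITIZED, DESENSITIZED, NON_DIFFERENTIATED = 1, 2, 3           # claim 7

# Assumed preset classification rule (step S2): field -> grade. Unknown
# fields default to grade 1 so a new column is never stored unprotected.
GRADE_OF = {"name": 1, "id_number": 1, "home_address": 1,
            "lat": 2, "lon": 2, "birth_year": 2,
            "district": 3, "disease_code": 3, "report_date": 3}
STORE_PATH = {1: "store/raw", 2: "store/masked", 3: "store/masked"}   # claim 8
ROLE_GRADES = {"audit": {1, 2, 3}, "sysadmin": {2, 3}, "business": {3}}  # claim 9 (assumed)


def classify(record: dict) -> dict:
    """Step S2: split one geodata record into {grade: {field: value}}."""
    out = {1: {}, 2: {}, 3: {}}
    for field, value in record.items():
        out[GRADE_OF.get(field, NOT_DESENSITIZED)][field] = value
    return out


def _subkeys(key: bytes):
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _keystream(enc_key: bytes, nonce: bytes, n: int) -> bytes:
    blocks, ctr = [], 0
    while 32 * len(blocks) < n:
        blocks.append(hmac.new(enc_key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest())
        ctr += 1
    return b"".join(blocks)[:n]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """nonce || ciphertext || tag. Stand-in for the DES step of claims 5-6."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def decrypt(key: bytes, blob: bytes):
    """Plaintext, or None when the blob was not produced under this key.
    The MAC check is the 'did decryption succeed' test of claim 4."""
    if len(blob) < 48:
        return None
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(mac_key, nonce + ct, hashlib.sha256).digest(), tag):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class Server:
    def __init__(self, grade_keys: dict):
        self.grade_keys = grade_keys              # {1: .., 2: .., 3: .., "query": ..}
        self.store = {"store/raw": [], "store/masked": []}

    def ingest(self, grade: int, blob: bytes) -> bool:
        """Step S3, server side: save only what decrypts correctly, else refuse."""
        key = self.grade_keys.get(grade)
        plain = decrypt(key, blob) if key else None
        if plain is None:
            return False
        self.store[STORE_PATH[grade]].append((grade, json.loads(plain)))
        return True

    def query(self, blob: bytes, role: str):
        """Step S4: decrypt the third-level-encrypted condition and return the
        matching pieces the caller's role may see (claim 9); None on bad blob."""
        plain = decrypt(self.grade_keys["query"], blob)
        if plain is None:
            return None
        cond, allowed = json.loads(plain), ROLE_GRADES.get(role, set())
        return [rec for path in self.store.values() for grade, rec in path
                if grade in allowed and all(rec.get(k) == v for k, v in cond.items())]


def demo_keys() -> dict:
    """Constructed per-grade keys shared by client and server (claim 4)."""
    return {g: os.urandom(32) for g in (1, 2, 3, "query")}


def client_submit(server: Server, record: dict, keys: dict) -> dict:
    """Steps S2-S3, client side: per-grade encryption, then the server's verdict."""
    return {g: server.ingest(g, encrypt(keys[g], json.dumps(f, sort_keys=True).encode()))
            for g, f in classify(record).items() if f}


def client_query(server: Server, condition: dict, keys: dict, role: str):
    return server.query(encrypt(keys["query"], json.dumps(condition).encode()), role)
```

Each grade is a separate ciphertext under its own key, so a client holding only the grade-3 key cannot produce anything the server will accept for grade 1, and a query from the business information group never touches the non-desensitized pieces even when its condition would match them.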
10. A public health geodata privacy-removal processing system, characterized in that it comprises:
a client, and a server connected to the client;
the client is configured to encrypt login account information with a first-level encryption and send it to the server, so that after the server has decrypted and authenticated it successfully, each user is assigned the corresponding operating permissions according to its system role;
when public health geodata needs to be entered, the client filters the private data out of the public health geodata and classifies it according to preset classification rules to obtain private data of different grades;
the client encrypts the private data with a second-level encryption according to its grade and sends it to the server, and the server saves the private data that it can decrypt correctly;
when public health geodata needs to be obtained at the client, the client encrypts a preset query condition with a third-level encryption and sends it to the server; the server obtains the query condition once it has been decrypted correctly and returns the public health geodata corresponding to the query condition to the client.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910421196.4A CN110138792B (en) 2019-05-21 2019-05-21 Public health geographic data privacy removal processing method and system

Publications (2)

Publication Number Publication Date
CN110138792A true CN110138792A (en) 2019-08-16
CN110138792B CN110138792B (en) 2020-01-14

Family

ID=67571639

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910421196.4A Active CN110138792B (en) 2019-05-21 2019-05-21 Public health geographic data privacy removal processing method and system

Country Status (1)

Country Link
CN (1) CN110138792B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115189966A (en) * 2022-09-06 2022-10-14 江苏荣泽信息科技股份有限公司 Block chain private data encryption and decryption service system
CN115189966B (en) * 2022-09-06 2022-12-06 江苏荣泽信息科技股份有限公司 Block chain private data encryption and decryption service system
DE202022107224U1 (en) 2022-12-23 2023-03-29 Jalawi Sulaiman Alshudukhi System for secure storage and transaction of health data in interconnected implanted medical devices and control servers

Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101561815A (en) * 2009-05-19 2009-10-21 华中科技大学 Distributed cryptograph full-text retrieval system
US20130036447A1 (en) * 2011-08-02 2013-02-07 Kenneth Martin Lassesen Attribution points for policy management
US20130167192A1 (en) * 2011-12-27 2013-06-27 Wellpoint, Inc. Method and system for data pattern matching, masking and removal of sensitive data
CN103220141A (en) * 2012-01-18 2013-07-24 中国移动通信集团辽宁有限公司 Sensitive data protecting method and system based on group key strategy
CN103997733A (en) * 2014-05-30 2014-08-20 李克 WiFi access resource sharing method and system
CN104182619A (en) * 2014-08-05 2014-12-03 上海市精神卫生中心 Intelligent terminal based system and method for realizing acquiring and processing of emotional characteristic parameters
CN104270465A (en) * 2014-10-23 2015-01-07 成都双奥阳科技有限公司 Cloud storage protection system
CN104866775A (en) * 2015-06-12 2015-08-26 四川友联信息技术有限公司 Bleaching method for financial data
CN105426445A (en) * 2015-11-06 2016-03-23 天津佳宁坤祥科技有限公司 Format-preserving data desensitization method
CN106228084A (en) * 2016-07-19 2016-12-14 北京同余科技有限公司 Data guard method that the sensitive field of based role dynamically adjusts and system
CN106407843A (en) * 2016-10-17 2017-02-15 深圳中兴网信科技有限公司 Data desensitization method and data desensitization device
CN108231147A (en) * 2017-12-29 2018-06-29 南京卫坤特信息技术有限公司 Generate the system and method for resident's Electronic Health Record
CN109033873A (en) * 2018-07-19 2018-12-18 四川长虹智慧健康科技有限公司 A kind of data desensitization method preventing privacy compromise
CN109740363A (en) * 2019-01-04 2019-05-10 贵州大学 Rating documents desensitization encryption method
CN109753811A (en) * 2018-12-28 2019-05-14 北京东方国信科技股份有限公司 A kind of data probe design method and device detecting sensitive information

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant