CN111865965A - Cloud electronic medical data encryption system - Google Patents
- Publication number
- CN111865965A
- Authority
- CN
- China
- Prior art keywords
- key
- computer terminal
- cloud
- pct
- medical data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
- G06F21/602—Providing cryptographic facilities or services
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
- H04L67/025—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Abstract
The invention relates to the technical field of cloud electronic medical data encryption, and discloses a cloud electronic medical data encryption system comprising: a cloud data server $CDS_{DS}$ running medical data encryption system software, a cloud authorization server $CAS_K$, a computer terminal $PCT_{DO}$ for authorizing electronic medical data read operations, a computer terminal $PCT_{DM}$ for authorizing electronic medical data write operations, and a computer terminal $PCT_{DR}$ for reading electronic medical data. Electronic medical data stored on the cloud data server $CDS_{DS}$ can be decrypted by user $u_i$ of the computer terminal $PCT_{DR}$ only after authorization by the computer terminal $PCT_{DM}$ holding read operation authority, and can be modified only by the computer terminal $PCT_{DM}$ holding write operation authority. The invention solves the technical problem that data authenticity currently cannot be ensured while the privacy of cloud electronic medical data is preserved.
Description
Technical Field
The invention relates to the technical field of cloud electronic medical data encryption, in particular to a cloud electronic medical data encryption system.
Background
With the widespread use of cloud computing, it has become a trend to outsource Personal Health Record (PHR) data to third party service providers, with the patient then having full control over the authorization of access to the data. The main idea of the PHR service is that each patient can remotely modify and manage his own personal health information, thereby making the storage, retrieval and sharing of personal health data more efficient. To provide privacy protection, patients may have full control over access to their own Electronic Medical Record (EMR) data and share personal health information only with legitimate users. Generally, in order to better treat diseases and monitor health conditions, patients share personal health record information with their attending physicians, family members, and close friends.
Although the PHR service can exchange patient health information to benefit patients through a patient-centric model, the PHR system has an application drawback of allowing data owners to arbitrarily modify data, resulting in an inability to guarantee data authenticity.
Disclosure of Invention
(I) Technical problem to be solved
Aiming at the defects of the prior art, the invention provides a cloud electronic medical data encryption system to solve the technical problem that the authenticity of data cannot be ensured on the premise of ensuring the privacy of cloud electronic medical data.
(II) technical scheme
In order to achieve the purpose, the invention provides the following technical scheme:
A cloud electronic medical data encryption system, comprising: a cloud data server $CDS_{DS}$ running medical data encryption system software, a cloud authorization server $CAS_K$, a computer terminal $PCT_{DO}$ for authorizing electronic medical data read operations, a computer terminal $PCT_{DM}$ for authorizing electronic medical data write operations, and a computer terminal $PCT_{DR}$ for reading electronic medical data;
The cloud authorization server $CAS_K$ is communicatively connected to the computer terminal $PCT_{DO}$ and to the computer terminal $PCT_{DM}$; the computer terminals $PCT_{DO}$ and $PCT_{DM}$ are both communicatively connected to the cloud data server $CDS_{DS}$; the cloud data server $CDS_{DS}$ is communicatively connected to the computer terminal $PCT_{DR}$;
The encryption method of the medical data encryption system specifically comprises the following steps:
Step one: the cloud authorization server $CAS_K$ sets parameters: let $n = pq$ and $\varphi(n) = (p-1)(q-1)$, where $p \neq q$ are primes; select $e$, $d$ satisfying $ed \equiv 1 \bmod \varphi(n)$; the public key is $PK = (e, n)$ and the private key is $SK = (d, n)$;
The cloud authorization server $CAS_K$ randomly selects $e_{i1}$, $e_{i2}$ such that $e_{i1} e_{i2} \equiv e \bmod \varphi(n)$, sends $e_{i1}$ to the computer terminal $PCT_{DM}$, and sends $e_{i2}$ to the cloud data server $CDS_{DS}$;
The cloud authorization server $CAS_K$ randomly selects $d_{j1}$, $d_{j2}$ such that $d_{j1} d_{j2} \equiv d \bmod \varphi(n)$, sends $d_{j1}$ to the computer terminal $PCT_{DO}$, and sends $d_{j2}$ to the cloud data server $CDS_{DS}$;
Step two: the computer terminal $PCT_{DO}$ sets parameters: let $G$ and $G_T$ be cyclic groups of prime order $p$, let $g$ be a generator of $G$, let $H$ and $H_w$ be hash functions $\{0,1\}^* \to G$, and let $H_e$ be the hash function of [formula missing];
The computer terminal $PCT_{DO}$ randomly selects [formula missing] and $k_a$, and generates a master key $MK = \{k_a, \beta, g^{\alpha}H, p, G, p^{\beta}, e(g,g)^{\alpha}, H, H_w, H_e\}$;
Let $U = \{u_1, \dots, u_n\}$ be the user set and $\Lambda = \{att_1, \dots, att_p\}$ be the attribute base; generate the attribute key [formula missing] of user $u_i$ of the computer terminal $PCT_{DR}$, where [formula missing] is selected randomly;
The computer terminal $PCT_{DO}$ randomly selects [formula missing] as a challenge key and calculates a complementary key [formula missing]; it sends [formula missing] to user $u_i$, and sends [formula missing] and all attribute groups $G_i$ to the cloud data server $CDS_{DS}$;
Step three: the cloud data server $CDS_{DS}$ constructs a KEK binary tree according to the attribute group information and distributes a path key $PK_t$ to user $u_i$ of the computer terminal $PCT_{DR}$;
The computer terminal $PCT_{DO}$ selects [formula missing] and computes [formula missing], $I(w)^* = [R, HMAC_k(R)]$, where $k = H_e(I(w))$, $w$ denotes a keyword, and $I(w)^*$ is the ciphertext index;
The computer terminal $PCT_{DO}$ encrypts the electronic medical data read key $d_j$ to obtain the ciphertext [formula missing] of the read key $d_j$, where [formula missing] is selected randomly and $\Omega$ is the leaf node set;
The cloud data server $CDS_{DS}$ performs a re-encryption operation on the ciphertext $E_{ABE}(d_j)$ of the read key $d_j$, specifically: [formula missing]
where $E_K(M)$ denotes encryption of the message $M$ using the symmetric key $K$, and $KEK(G_i)$ denotes the minimum cover set of the attribute group $G_i$;
Step four: the computer terminal $PCT_{DM}$ randomly selects a key $k_x$ from the key space as a symmetric key and encrypts the message $M$ with a symmetric encryption algorithm $E$ to obtain a ciphertext [formula missing]; it then encrypts the symmetric key $k_x$ with the write key $e_{i1}$ to obtain a ciphertext [formula missing]; finally, it sends the message ciphertext $C = (C_{i1}, C_{i2})$ to the cloud data server $CDS_{DS}$;
The cloud data server $CDS_{DS}$ uses the corresponding write key $e_{i2}$ to re-encrypt the ciphertext $C_{i2}$, obtaining [formula missing];
Step five: the cloud data server $CDS_{DS}$ uses the corresponding electronic medical data read key $d_{j2}$ to decrypt the ciphertext [formula missing], obtaining the ciphertext [formula missing], and sends the message ciphertext [formula missing], the read key ciphertext [formula missing] and Hdr to user $u_i$ of the computer terminal $PCT_{DR}$;
User $u_i$ of the computer terminal $PCT_{DR}$ decrypts Hdr to obtain the attribute group key [formula missing], and updates the attribute key as follows: [formula missing]
User $u_i$ of the computer terminal $PCT_{DR}$ decrypts the read key ciphertext [formula missing] to obtain the read key $d_{j1}$, and then decrypts the symmetric key [formula missing]
Further, when the search keyword of user $u_i$ is $w^*$, the user uses the inquiry key [formula missing] to calculate the trapdoor [formula missing], and sends $Q(w^*)$ to the cloud data server $CDS_{DS}$.
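The exponent-splitting arithmetic of steps one, four and five can be followed end to end in the Python sketch below, which is an added example and not part of the patent text. It covers only the path of the symmetric key $k_x$ using unpadded modular exponentiation as the steps describe; the function names, the toy Mersenne primes and $e = 65537$ are assumptions, and the attribute-based encryption that delivers $d_{j1}$ to the reader and the symmetric cipher $E$ are left out.

```python
"""Added illustration: split-exponent path of the symmetric key k_x.

Function names and parameters are assumptions made for this example.
"""
import math
import secrets

# Constructed toy parameters: two Mersenne primes, far too small for real use.
P = 2**127 - 1
Q = 2**89 - 1
E = 65537


def split_exponent(x, phi):
    """Return (a, b) with a*b ≡ x (mod phi), where a is a random unit mod phi."""
    while True:
        a = secrets.randbelow(phi - 3) + 3
        if math.gcd(a, phi) == 1:
            return a, (x * pow(a, -1, phi)) % phi


def cas_setup(p=P, q=Q, e=E):
    """Step one: CAS_K derives (e, d) and splits both exponents into shares."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # raises ValueError if e is not invertible mod phi
    e_i1, e_i2 = split_exponent(e, phi)  # e_i1 -> PCT_DM, e_i2 -> CDS_DS
    d_j1, d_j2 = split_exponent(d, phi)  # d_j1 -> PCT_DO, d_j2 -> CDS_DS
    return {"n": n, "e": e, "e_i1": e_i1, "e_i2": e_i2,
            "d_j1": d_j1, "d_j2": d_j2}


def writer_wrap(k_x, write_share, n):
    """Step four at PCT_DM: wrap k_x under the writer's share."""
    return pow(k_x, write_share, n)


def cloud_reencrypt(c_i2, e_i2, n):
    """Step four at CDS_DS: the result equals k_x^e mod n for a valid write."""
    return pow(c_i2, e_i2, n)


def cloud_partial_decrypt(c, d_j2, n):
    """Step five at CDS_DS: strip the cloud's half of the read exponent."""
    return pow(c, d_j2, n)


def reader_unwrap(c, d_j1, n):
    """Step five at PCT_DR: finish decryption with the read key d_j1."""
    return pow(c, d_j1, n)


def run_flow(k_x, keys, write_share=None):
    """Run write -> re-encrypt -> partial decrypt -> read for one key k_x.

    write_share defaults to the legitimate e_i1; pass another exponent to
    see what a write made without e_i1 turns into at the reader.
    """
    n = keys["n"]
    share = keys["e_i1"] if write_share is None else write_share
    c_i2 = writer_wrap(k_x, share, n)
    stored = cloud_reencrypt(c_i2, keys["e_i2"], n)
    partial = cloud_partial_decrypt(stored, keys["d_j2"], n)
    recovered = reader_unwrap(partial, keys["d_j1"], n)
    return stored, partial, recovered


if __name__ == "__main__":
    keys = cas_setup()
    k_x = secrets.randbits(128) | 1  # constructed sample symmetric key
    stored, partial, recovered = run_flow(k_x, keys)
    print("cloud stores k_x^e    :", stored == pow(k_x, keys["e"], keys["n"]))
    print("cloud alone sees k_x  :", partial == k_x)
    print("reader recovers k_x   :", recovered == k_x)
    _, _, other = run_flow(k_x, keys, write_share=keys["e"])
    print("write without e_i1 ok :", other == k_x)
```

The cloud's intermediate value after its partial decryption is not $k_x$; only the holder of $d_{j1}$ completes the decryption, and a key wrapped with any exponent other than $e_{i1}$ does not come out as $k_x$ at the reader.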
(III) Advantageous technical effects
Compared with the prior art, the invention has the following beneficial technical effects:
In the scheme of the invention, a read-write permission separation mechanism is adopted, so that electronic medical data stored on the cloud data server $CDS_{DS}$ can be decrypted by user $u_i$ of the computer terminal $PCT_{DR}$ only after authorization by the computer terminal $PCT_{DM}$ holding read operation authority, and can be modified only by the computer terminal $PCT_{DM}$ holding write operation authority. This solves the technical problem that data authenticity currently cannot be guaranteed while the privacy of cloud electronic medical data is preserved.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
A cloud electronic medical data encryption system, comprising: a cloud data server $CDS_{DS}$ that runs medical data encryption system software and is used for storing electronic medical data, responding to user requests and providing corresponding services; a cloud authorization server $CAS_K$ that runs medical data encryption system software and is used for distributing read and write keys; a computer terminal $PCT_{DO}$ that runs medical data encryption system software and is used for authorizing electronic medical data read operations; a computer terminal $PCT_{DM}$ that runs medical data encryption system software and is used for authorizing electronic medical data write operations; and a computer terminal $PCT_{DR}$ that runs medical data encryption system software and is used for reading electronic medical data;
The cloud authorization server $CAS_K$ is communicatively connected, through network communication equipment, to the computer terminal $PCT_{DO}$ and to the computer terminal $PCT_{DM}$ on the medical data encryption system;
The computer terminals $PCT_{DO}$ and $PCT_{DM}$ are both communicatively connected, through network communication equipment, to the cloud data server $CDS_{DS}$ on the medical data encryption system;
The cloud data server $CDS_{DS}$ is communicatively connected, through network communication equipment, to the computer terminal $PCT_{DR}$ on the medical data encryption system;
The encryption method of the medical data encryption system specifically comprises the following steps:
Step one: the cloud authorization server $CAS_K$ sets parameters: let $n = pq$ and $\varphi(n) = (p-1)(q-1)$, where $p \neq q$ are primes; select $e$, $d$ satisfying $ed \equiv 1 \bmod \varphi(n)$; the public key is $PK = (e, n)$ and the private key is $SK = (d, n)$;
The cloud authorization server $CAS_K$ randomly selects $e_{i1}$, $e_{i2}$ such that $e_{i1} e_{i2} \equiv e \bmod \varphi(n)$, sends $e_{i1}$ to the computer terminal $PCT_{DM}$, and sends $e_{i2}$ to the cloud data server $CDS_{DS}$;
The cloud authorization server $CAS_K$ randomly selects $d_{j1}$, $d_{j2}$ such that $d_{j1} d_{j2} \equiv d \bmod \varphi(n)$, sends $d_{j1}$ to the computer terminal $PCT_{DO}$, and sends $d_{j2}$ to the cloud data server $CDS_{DS}$;
Step two: the computer terminal $PCT_{DO}$ sets parameters: let $G$ and $G_T$ be cyclic groups of prime order $p$, let $g$ be a generator of $G$, let $H$ and $H_w$ be hash functions $\{0,1\}^* \to G$, and let $H_e$ be the hash function of [formula missing];
The computer terminal $PCT_{DO}$ randomly selects [formula missing] and $k_a$, and generates a master key $MK = \{k_a, \beta, g^{\alpha}H, p, G, p^{\beta}, e(g,g)^{\alpha}, H, H_w, H_e\}$;
Let $U = \{u_1, \dots, u_n\}$ be the user set and $\Lambda = \{att_1, \dots, att_p\}$ be the attribute base; generate the attribute key [formula missing] of user $u_i$ of the computer terminal $PCT_{DR}$, where [formula missing] is selected randomly;
The computer terminal $PCT_{DO}$ randomly selects [formula missing] as a challenge key and calculates a complementary key [formula missing]; it sends [formula missing] to user $u_i$ of the computer terminal $PCT_{DR}$, and sends [formula missing] and all attribute groups $G_i$ to the cloud data server $CDS_{DS}$;
Step three: the cloud data server $CDS_{DS}$ constructs a KEK binary tree according to the attribute group information and distributes a path key $PK_t$ to user $u_i$ of the computer terminal $PCT_{DR}$, where each user must be uniquely assigned a leaf node when the binary tree is constructed, i.e. leaf nodes and the identities of users $u_i$ are in one-to-one correspondence;
The computer terminal $PCT_{DO}$ selects [formula missing] and computes [formula missing], $I(w)^* = [R, HMAC_k(R)]$, where $k = H_e(I(w))$, $w$ denotes a keyword, and $I(w)^*$ is the ciphertext index;
The computer terminal $PCT_{DO}$ encrypts the electronic medical data read key $d_j$ to obtain the ciphertext [formula missing] of the read key $d_j$, where [formula missing] is selected randomly and $\Omega$ is the leaf node set;
The cloud data server $CDS_{DS}$ performs a re-encryption operation on the ciphertext $E_{ABE}(d_j)$ of the read key $d_j$, specifically: [formula missing]
where $E_K(M)$ denotes encryption of the message $M$ using the symmetric key $K$, and $KEK(G_i)$ denotes the minimum cover set of the attribute group $G_i$;
Step four: the computer terminal $PCT_{DM}$ randomly selects a key $k_x$ from the key space as a symmetric key and encrypts the message $M$ with a symmetric encryption algorithm $E$ to obtain a ciphertext [formula missing]; it then encrypts the symmetric key $k_x$ with the write key $e_{i1}$ to obtain a ciphertext [formula missing]; finally, it sends the message ciphertext $C = (C_{i1}, C_{i2})$ to the cloud data server $CDS_{DS}$;
The cloud data server $CDS_{DS}$ uses the corresponding write key $e_{i2}$ to re-encrypt the ciphertext $C_{i2}$, obtaining [formula missing];
Step five: when the search keyword required by user $u_i$ of the computer terminal $PCT_{DR}$ is $w^*$, the user uses the inquiry key [formula missing] to calculate the trapdoor [formula missing], and sends $Q(w^*)$ to the cloud data server $CDS_{DS}$;
The cloud data server $CDS_{DS}$ computes $k' = H_e(Q^*(w^*))$ and then performs a keyword search: if there is an index satisfying $HMAC_k(R) = HMAC_{k'}(R)$, the corresponding ciphertext is added to the search result;
The cloud data server $CDS_{DS}$ uses the corresponding electronic medical data read key $d_{j2}$ to decrypt the ciphertext [formula missing], obtaining the ciphertext [formula missing], and sends the message ciphertext [formula missing], the read key ciphertext [formula missing] and Hdr to user $u_i$;
Because a read-write permission separation mechanism is adopted, electronic medical data stored on the cloud data server $CDS_{DS}$ can be decrypted by user $u_i$ of the computer terminal $PCT_{DR}$ only after authorization by the computer terminal $PCT_{DM}$ holding read operation authority, and can be modified only by the computer terminal $PCT_{DM}$ holding write operation authority.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (4)
1. A cloud electronic medical data encryption system, comprising: a cloud data server $CDS_{DS}$ running medical data encryption system software, a cloud authorization server $CAS_K$, a computer terminal $PCT_{DO}$ for authorizing electronic medical data read operations, a computer terminal $PCT_{DM}$ for authorizing electronic medical data write operations, and a computer terminal $PCT_{DR}$ for reading electronic medical data;
The cloud authorization server $CAS_K$ is communicatively connected to the computer terminal $PCT_{DO}$ and to the computer terminal $PCT_{DM}$; the computer terminals $PCT_{DO}$ and $PCT_{DM}$ are both communicatively connected to the cloud data server $CDS_{DS}$; the cloud data server $CDS_{DS}$ is communicatively connected to the computer terminal $PCT_{DR}$;
The encryption method of the medical data encryption system specifically comprises the following steps:
Step one: the cloud authorization server $CAS_K$ sets parameters: let $n = pq$ and $\varphi(n) = (p-1)(q-1)$, where $p \neq q$ are primes; select $e$, $d$ satisfying $ed \equiv 1 \bmod \varphi(n)$; the public key is $PK = (e, n)$ and the private key is $SK = (d, n)$;
The cloud authorization server $CAS_K$ randomly selects $e_{i1}$, $e_{i2}$ such that $e_{i1} e_{i2} \equiv e \bmod \varphi(n)$, sends $e_{i1}$ to the computer terminal $PCT_{DM}$, and sends $e_{i2}$ to the cloud data server $CDS_{DS}$;
The cloud authorization server $CAS_K$ randomly selects $d_{j1}$, $d_{j2}$ such that $d_{j1} d_{j2} \equiv d \bmod \varphi(n)$, sends $d_{j1}$ to the computer terminal $PCT_{DO}$, and sends $d_{j2}$ to the cloud data server $CDS_{DS}$;
Step two: the computer terminal $PCT_{DO}$ sets parameters: let $G$ and $G_T$ be cyclic groups of prime order $p$, let $g$ be a generator of $G$, let $H$ and $H_w$ be hash functions $\{0,1\}^* \to G$, and let $H_e$ be the hash function of [formula missing];
The computer terminal $PCT_{DO}$ randomly selects $\alpha$, [formula missing] and $k_a$, and generates a master key $MK = \{k_a, \beta, g^{\alpha}H, p, G, p^{\beta}, e(g,g)^{\alpha}, H, H_w, H_e\}$;
Let $U = \{u_1, \dots, u_n\}$ be the user set and $\Lambda = \{att_1, \dots, att_p\}$ be the attribute base; generate the attribute key [formula missing] of user $u_i$ of the computer terminal $PCT_{DR}$, where $r$ and [formula missing] are selected randomly;
The computer terminal $PCT_{DO}$ randomly selects [formula missing] as a challenge key and calculates a complementary key [formula missing]; it sends [formula missing] to user $u_i$, and sends [formula missing] and all attribute groups $G_i$ to the cloud data server $CDS_{DS}$;
Step three: the cloud data server $CDS_{DS}$ constructs a KEK binary tree according to the attribute group information and distributes a path key $PK_t$ to user $u_i$ of the computer terminal $PCT_{DR}$;
The computer terminal $PCT_{DO}$ selects [formula missing] and computes [formula missing], $I(w)^* = [R, HMAC_k(R)]$, where $k = H_e(I(w))$, $w$ denotes a keyword, and $I(w)^*$ is the ciphertext index;
The computer terminal $PCT_{DO}$ encrypts the electronic medical data read key $d_j$ to obtain the ciphertext [formula missing] of the read key $d_j$, where [formula missing] is selected randomly and $\Omega$ is the leaf node set;
The cloud data server $CDS_{DS}$ performs a re-encryption operation on the ciphertext $E_{ABE}(d_j)$ of the read key $d_j$, specifically: [formula missing]
where $E_K(M)$ denotes encryption of the message $M$ using the symmetric key $K$, and $KEK(G_i)$ denotes the minimum cover set of the attribute group $G_i$;
Step four: the computer terminal $PCT_{DM}$ randomly selects a key $k_x$ from the key space as a symmetric key and encrypts the message $M$ with a symmetric encryption algorithm $E$ to obtain a ciphertext [formula missing]; it then encrypts the symmetric key $k_x$ with the write key $e_{i1}$ to obtain a ciphertext [formula missing]; finally, it sends the message ciphertext $C = (C_{i1}, C_{i2})$ to the cloud data server $CDS_{DS}$;
The cloud data server $CDS_{DS}$ uses the corresponding write key $e_{i2}$ to re-encrypt the ciphertext $C_{i2}$, obtaining [formula missing];
Step five: the cloud data server $CDS_{DS}$ uses the corresponding electronic medical data read key $d_{j2}$ to decrypt the ciphertext [formula missing], obtaining the ciphertext [formula missing], and sends the message ciphertext [formula missing], the read key ciphertext [formula missing] and Hdr to user $u_i$ of the computer terminal $PCT_{DR}$;
User $u_i$ of the computer terminal $PCT_{DR}$ decrypts Hdr to obtain the attribute group key [formula missing], and updates the attribute key as follows: [formula missing]
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010685571.9A CN111865965A (en) | 2020-07-16 | 2020-07-16 | Cloud electronic medical data encryption system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010685571.9A CN111865965A (en) | 2020-07-16 | 2020-07-16 | Cloud electronic medical data encryption system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111865965A (en) | 2020-10-30 |
Family
ID=72983570
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010685571.9A Pending CN111865965A (en) | 2020-07-16 | 2020-07-16 | Cloud electronic medical data encryption system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111865965A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201030 |