CN112434336A - Block chain-based electronic medical record sharing method, device and system and storage medium - Google Patents
Block chain-based electronic medical record sharing method, device and system and storage medium Download PDFInfo
- Publication number
- CN112434336A CN112434336A CN202011343451.7A CN202011343451A CN112434336A CN 112434336 A CN112434336 A CN 112434336A CN 202011343451 A CN202011343451 A CN 202011343451A CN 112434336 A CN112434336 A CN 112434336A
- Authority
- CN
- China
- Prior art keywords
- medical record
- ciphertext
- client
- new
- patient
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Medical Informatics (AREA)
- Epidemiology (AREA)
- Primary Health Care (AREA)
- Public Health (AREA)
- Databases & Information Systems (AREA)
- Medical Treatment And Welfare Office Work (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to the technical field of block chains, and discloses a block chain-based electronic medical record sharing method, device, system and storage medium, wherein the method comprises the following steps: receiving a hash value and an authorization key of a medical record ciphertext sent by a patient client, and acquiring a medical record signature and a storage address in a alliance chain according to the hash value; if the medical record signature is matched with the patient public key, acquiring a medical record ciphertext according to the storage address, and re-encrypting the medical record ciphertext and the authorization key to acquire a re-encrypted ciphertext; decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain an electronic medical record plaintext, obtaining newly added medical record information based on the electronic medical record plaintext, and re-encrypting the newly added medical record information to obtain a new medical record ciphertext; and determining new medical record ciphertext information corresponding to the new medical record ciphertext, and sending the new medical record ciphertext information to the patient client. The invention realizes the high availability of the electronic medical record while ensuring the safety of the electronic medical record.
Description
Technical Field
The present invention relates to the field of blockchain technologies, and in particular, to a method, an apparatus, a system, and a storage medium for sharing an electronic medical record based on a blockchain.
Background
With the development of cloud computing and block chain technology, the requirement of traditional application informatization and digitization transformation is urgent, for example, medical records are electronized to obtain corresponding electronic medical records, and the electronic medical records are mainly maintained by the own information management systems of all medical institutions, but safe and effective data sharing cannot be performed among all medical institutions. Therefore, how to improve the high availability of the electronic medical record while ensuring the safety of the electronic medical record becomes a problem which needs to be solved urgently at present.
Disclosure of Invention
The invention mainly aims to provide a block chain-based electronic medical record sharing method, device, system and storage medium, and aims to solve the technical problem of improving the high availability of an electronic medical record while ensuring the safety of the electronic medical record.
In order to achieve the above object, the present invention provides an electronic medical record sharing method based on a block chain, which is applied to an organization client, and the electronic medical record sharing method based on the block chain comprises the following steps:
receiving a hash value and an authorization key of a medical record ciphertext sent by a patient client, and acquiring a medical record signature and a storage address in an alliance chain connected with the mechanism client according to the hash value;
if the medical record signature is matched with the patient public key corresponding to the authorization key, acquiring a medical record ciphertext according to the storage address, and re-encrypting the medical record ciphertext and the authorization key to acquire a re-encrypted ciphertext;
decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain an electronic medical record plaintext, obtaining newly added medical record information based on the electronic medical record plaintext, and re-encrypting the newly added medical record information to obtain a new medical record ciphertext;
and determining new medical record ciphertext information corresponding to the new medical record ciphertext, and sending the new medical record ciphertext information to the patient client.
Optionally, the step of determining new medical record ciphertext information corresponding to the new medical record ciphertext includes:
and uploading the new medical record ciphertext to a cloud platform connected with the mechanism client to determine a new storage address of the new medical record ciphertext, performing hash signature on the new medical record ciphertext, and taking the new storage address and the hash signature as new medical record ciphertext information.
Optionally, the step of re-encrypting the medical record ciphertext and the authorization key to obtain a re-encrypted ciphertext includes:
and determining a preset encryption function, and calculating by taking the medical record ciphertext and the authorization key as the input of the encryption function to obtain a re-encrypted ciphertext.
Optionally, the step of decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain a plaintext of the electronic medical record includes:
and determining a decryption function corresponding to the encryption function, and calculating by taking a private key of the mechanism client and the re-encrypted ciphertext as the input of the decryption function to obtain the plaintext of the electronic medical record.
In order to achieve the above object, the present invention provides an electronic medical record sharing method based on a blockchain, which is applied to a patient client, and the electronic medical record sharing method based on the blockchain comprises the following steps:
generating an authorization key based on the query request sent by the mechanism client, determining a medical record ciphertext corresponding to the query request, and sending the hash value of the medical record ciphertext and the authorization key to the mechanism client;
receiving new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key, and detecting whether the new medical record ciphertext information is legal or not;
and if the new medical record ciphertext information is legal, signing the new medical record ciphertext information, and uploading the signed new medical record ciphertext information to an alliance chain connected with the patient client.
Optionally, the step of generating an authorization key based on the query request sent by the client of the institution includes:
acquiring an institution client public key of the institution client based on a query request sent by the institution client, and determining a patient client private key of the patient client;
and encrypting the public key of the institution client and the private key of the patient client, and taking the encrypted public key of the institution client and the encrypted private key of the patient client as authorization keys.
In addition, to achieve the above object, the present invention further provides an electronic medical record sharing device based on a block chain, including:
the acquisition module is used for receiving a hash value and an authorization key of a medical record ciphertext sent by a patient client, and acquiring a medical record signature and a storage address in an alliance chain connected with an organization client according to the hash value;
the re-encryption module is used for acquiring a medical record ciphertext according to the storage address and re-encrypting the medical record ciphertext and the authorization key to acquire a re-encrypted ciphertext if the medical record signature is matched with the patient public key corresponding to the authorization key;
the decryption module is used for decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain an electronic medical record plaintext, obtaining newly added medical record information based on the electronic medical record plaintext, and re-encrypting the newly added medical record information to obtain a new medical record ciphertext;
and the sending module is used for determining new medical record ciphertext information corresponding to the new medical record ciphertext and sending the new medical record ciphertext information to the patient client.
In addition, to achieve the above object, the present invention further provides an electronic medical record sharing device based on a block chain, including:
the determining module is used for generating an authorization key based on the query request sent by the mechanism client, determining a medical record ciphertext corresponding to the query request, and sending the hash value of the medical record ciphertext and the authorization key to the mechanism client;
the detection module is used for receiving new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key and detecting whether the new medical record ciphertext information is legal or not;
and the signature module is used for signing the new medical record ciphertext information if the new medical record ciphertext information is legal and uploading the signed new medical record ciphertext information to an alliance chain connected with the patient client.
In addition, in order to achieve the above object, the present invention further provides an electronic medical record sharing system based on a blockchain, where the electronic medical record sharing system based on a blockchain includes a patient client, an institution client, a federation chain and a cloud platform, and the electronic medical record sharing system based on a blockchain includes:
the mechanism client side sends a query request to the patient client side, the patient client side generates an authorization key based on the query request sent by the mechanism client side, determines a medical record ciphertext corresponding to the query request, and sends a hash value of the medical record ciphertext and the authorization key to the mechanism client side;
the mechanism client receives a hash value and an authorization key of a medical record ciphertext sent by the patient client, and acquires a medical record signature and a storage address in the alliance chain connected with the mechanism client according to the hash value;
when the medical record signature is matched with the patient public key corresponding to the authorization key, the mechanism client acquires a medical record ciphertext according to the storage address, re-encrypts the medical record ciphertext and the authorization key to acquire a re-encrypted ciphertext, decrypts the re-encrypted ciphertext according to a private key of the mechanism client to acquire an electronic medical record plaintext, acquires newly-added medical record information based on the electronic medical record plaintext, and re-encrypts the newly-added medical record information to acquire a new medical record ciphertext;
the mechanism client side sends the new medical record ciphertext to the cloud platform, the cloud platform stores the received new medical record ciphertext and sends the stored new storage address to the mechanism client side, and therefore the mechanism client side can determine new medical record ciphertext information according to the new storage address;
and the mechanism client sends the new medical record ciphertext information to the patient client, and the patient client receives the new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key, signs the new medical record ciphertext information when the new medical record ciphertext information is legal, and uploads the signed new medical record ciphertext information to an alliance chain connected with the patient client.
In addition, in order to achieve the above object, the present invention further provides a storage medium, where the storage medium stores an electronic medical record sharing program based on a block chain, and the electronic medical record sharing program based on the block chain, when executed by a processor, implements the steps of the electronic medical record sharing method based on the block chain as described above.
The invention obtains the medical record signature and the storage address according to the hash value sent by the patient client through the mechanism client, obtains the medical record ciphertext according to the storage address when the medical record signature is matched with the patient public key, then re-encrypts the authorization key and the medical record ciphertext sent by the patient client, then decrypts according to the private key of the mechanism client to obtain the electronic medical record plaintext, determines the new medical record ciphertext of the newly added medical record information according to the electronic medical record plaintext, and sends the new medical record ciphertext information corresponding to the new medical record ciphertext to the patient client, thereby avoiding the phenomenon that the node load of the alliance chain is large in the prior art and the usability of the electronic medical record is limited, and by uploading the important information to the block chain without uploading the whole electronic medical record to the alliance chain, thereby ensuring the authenticity and traceability of the data in the electronic medical record, realizing the safety of the electronic medical record is ensured, the high availability of the electronic medical record is improved.
Drawings
FIG. 1 is a block chain-based electronic medical record sharing device in a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a first embodiment of a method for sharing electronic medical records based on a blockchain according to the present invention;
FIG. 3 is a flowchart illustrating a third embodiment of a method for sharing electronic medical records based on a blockchain according to the present invention;
FIG. 4 is a block diagram of an apparatus module of the electronic medical record sharing apparatus according to the present invention;
FIG. 5 is a block diagram of another apparatus module of the electronic medical record sharing apparatus based on the blockchain according to the present invention;
fig. 6 is a schematic diagram of a system architecture of the electronic medical record sharing system based on the blockchain according to the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
As shown in fig. 1, fig. 1 is a schematic structural diagram of an electronic medical record sharing device based on a block chain in a hardware operating environment according to an embodiment of the present invention.
The electronic medical record sharing equipment based on the block chain can be a PC (personal computer) or server equipment, and a Java virtual machine runs on the electronic medical record sharing equipment.
As shown in fig. 1, the block chain-based electronic medical record sharing device may include: a processor 1001, such as a CPU, a network interface 1004, a user interface 1003, a memory 1005, a communication bus 1002. Wherein a communication bus 1002 is used to enable connective communication between these components. The user interface 1003 may include a Display screen (Display), an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may also include a standard wired interface, a wireless interface. The network interface 1004 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface). The memory 1005 may be a high-speed RAM memory or a non-volatile memory (e.g., a magnetic disk memory). The memory 1005 may alternatively be a storage device separate from the processor 1001.
Those skilled in the art will appreciate that the blockchain-based electronic medical record sharing device architecture shown in fig. 1 does not constitute a limitation of the device, and may include more or less components than those shown, or combine some components, or arrange different components.
As shown in fig. 1, the memory 1005, which is a type of computer storage medium, can include an operating system, a network communication module, a user interface module, and a blockchain-based electronic medical record sharing program.
In the block chain-based electronic medical record sharing device shown in fig. 1, the network interface 1004 is mainly used for connecting to a background server and communicating data with the background server; the user interface 1003 is mainly used for connecting a client (user side) and performing data communication with the client; and the processor 1001 may be configured to call the blockchain-based electronic medical record sharing program stored in the memory 1005 and perform the following operations in the blockchain-based electronic medical record sharing method.
Based on the hardware structure, the embodiment of the electronic medical record sharing method based on the block chain is provided.
Referring to fig. 2 and fig. 2 are schematic flow diagrams illustrating a first embodiment of a block chain-based electronic medical record sharing method according to the present invention, where the block chain-based electronic medical record sharing method is applied to an organization client, and includes:
step S10, receiving a hash value and an authorization key of a medical record ciphertext sent by a patient client, and acquiring a medical record signature and a storage address in a alliance chain connected with the mechanism client according to the hash value;
at present, because the existing electronic medical record sharing scheme is a medical data security sharing method based on a block chain, the availability of the electronic medical record is easily limited, and the electronic medical record information is directly stored in the block, and each transaction in the block chain contains complete electronic medical record information, when the block chain is identified, network congestion is easily caused, so that the system is unavailable, the application range of the electronic medical record is limited, and the medical record information is directly stored in the block chain, so that the storage cost of consuming block chain nodes is increased, and the availability of the electronic medical record is limited. Therefore, in order to avoid the above problem, in this embodiment, a plurality of medical institutions may first form a federation chain, and only the hash of the electronic medical record, the signatures of the patient and the medical institution (i.e., the institution client), and the cloud platform storage address of the encrypted electronic medical record are recorded in the federation chain, where the federation chain is used to ensure the authenticity and traceability of each record. The electronic medical record information of the patient is encrypted by each mechanism by using the public key of the patient and is stored on the cloud platform, and different mechanisms can adopt different cloud platforms. In addition, in the embodiment, the alliance link is combined with a cloud storage technology, and necessary information is linked up, so that the system has extremely high availability while authenticity and traceability of electronic medical record data are guaranteed. And the electronic medical record of the patient can be encrypted by using a public key of the patient client, and the mechanism client of the medical mechanism can check the medical record information only under the condition of patient authorization, so that fine-grained control of private data is realized. Wherein the institution client is a client used by a medical institution. The patient client is the client used by the patient. The blockchain comprises a federation chain.
Therefore, in this embodiment, when a medical institution treats a patient, an inquiry request may be sent to a patient client through an institution client, and the patient client may determine the hash value of the medical record ciphertext according to the inquiry request, construct an authorization key in a re-encryption manner, and then send the authorization key to the institution client. And after receiving the hash value and the authorization key of the medical record ciphertext sent by the patient client, the mechanism client can directly acquire the medical record signature and the storage address of the electronic medical record in the cloud platform in the alliance chain connected with the mechanism client. That is, when a patient goes to an institution to see a doctor, the institution needs to check some historical medical record information of the patient, and the patient generates an authorization key sk for the institution through a patient clientp→hThen, the hash of the ciphertext of the medical record to be shared and the newly generated authorization key sk are combinedauAnd sending the data to the client of the institution. The mechanism queries on the alliance chain as key (byte) according to the hash received by the mechanism client to obtain a character string Sig (sk) with the following formatp,hash)||Sig(skhHash) | | url, where | | | is a string concatenation match. Wherein, in the embodiment, the patient public and private key (sk)p,pkp) Public and private keys of medical institution (sk)h,pkh) Patient authorized institution Key skp→hThe signature s is Sig (sk, hash), the encryption c1 is Enc (pk, m), and the re-encryption c2 is Renc (sk)p→hC1), decryption m ═ Dec (sk, c 2).
Step S20, if the medical record signature is matched with the patient public key corresponding to the authorization key, acquiring a medical record ciphertext according to the storage address, and re-encrypting the medical record ciphertext and the authorization key to acquire a re-encrypted ciphertext;
after the medical record signature and the storage address are obtained in the institution client, the public key in the medical record signature can be obtained first, and then the public key in the medical record signature and the patient public key corresponding to the authorization key can be obtainedAnd (6) matching. Wherein, the public key of the patient is the public key of the node where the patient client is located. And if the public key in the medical record signature is not matched with the patient public key, stopping the operation of acquiring the medical record ciphertext and outputting prompt information of medical record signature error. If the public key in the medical record signature is matched with the patient public key, the medical record ciphertext can be obtained according to the storage address. I.e. the authority client, according to the signature Sig (sk)pHash) recovery public key pkpAnd comparing the data with the public key corresponding to the patient to judge that the data really belongs to the patient, and downloading encrypted medical record information c1, namely medical record ciphertext in the cloud platform according to the storage address if the data passes verification. Then, the encrypted medical record information c1 (i.e. medical record ciphertext) and the authorization key sk are processedp→hRe-encrypting to obtain re-encrypted ciphertext Renc (sk)p→hC1) to obtain re-encrypted ciphertext c 2.
The agent re-encryption is a re-encrypted ciphertext which can be decrypted by an appointed receiver after the authorization of a data owner under the condition that an original ciphertext is not decrypted. Proxy re-encryption mainly consists of three participating proxies, a sender (i.e., a patient client) and a receiver (i.e., an institution client). The process of proxy re-encryption can be that a user can select different control granularities according to different data types and randomly select a symmetric key for each sharable data unit; the user encrypts data by using the symmetric key, encrypts the symmetric key by using the public key of the user, and then organizes a data ciphertext and a key ciphertext together to send to the agent party; when a user initiatively initiates a sharing request or receives a sharing request of a third party, an authorization key is generated for data needing to be shared by using a private key of the user and a public key of a receiving party, and then the key is sent to an agent party; after receiving the key, the agent side generates a re-encrypted ciphertext for the specified data and sends the ciphertext to a specified receiver; the receiving party decrypts the received ciphertext using its own private key.
In addition, in the proxy re-encryption scenario, although the data owner delegates the physical control right of the data to the proxy, since the proxy stores the ciphertext and does not need to decrypt the data during sharing, the confidentiality of the user data can still be ensured even if the proxy wants to steal the user data or intentionally and unintentionally leak the stored data.
Step S30, decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain an electronic medical record plaintext, obtaining newly added medical record information based on the electronic medical record plaintext, and re-encrypting the newly added medical record information to obtain a new medical record ciphertext;
after the mechanism client side obtains the re-encrypted ciphertext c2, the re-encrypted ciphertext can be decrypted according to a private key of the mechanism client side to obtain an electronic medical record plaintext. Namely computing Dec (sk)hAnd c2) obtaining the plaintext m of the electronic medical record. And the medical institution corresponding to the institution client acquires the electronic medical record plaintext m, treats the patient client according to the electronic medical record plaintext m, and uses the public key pk of the patient to the new increment medical record information m' of the patient by the institution client after the patient finishes the treatmentpComputing Enc (pk) by proxy re-encryption algorithmpM ') to obtain a new medical record ciphertext c1', namely, re-encrypting the information of the newly added medical record to obtain the re-encrypted new medical record ciphertext. In the re-encryption system, each user has a pair of public and private keys, the public key is used for encryption, and the private key is used for decryption, for example, if the patient client has a ciphertext C1 encrypted by its own public key, and wants to share the data of the ciphertext C1 to the institution client, the patient client may calculate an authorization key sk by using its own private key and the public key of the institution client based on a re-encryption key generation algorithm of proxy re-encryption first, the authorization key sk does not reveal its own private key of the patient client, then the patient client sends the authorization key sk and the ciphertext C1 to the institution client, the institution client generates a re-encryption ciphertext C2 based on the re-encryption algorithm of proxy encryption, and decrypts C2 by using the private key of the institution client, so as to obtain the data shared by the patient client.
And step S40, determining new medical record ciphertext information corresponding to the new medical record ciphertext, and sending the new medical record ciphertext information to the patient client.
Obtaining new data at an organization clientAfter the medical record ciphertext, the new medical record ciphertext can be uploaded to the cloud platform to be stored, and a new storage address (namely, a storage position of the new medical record ciphertext in the cloud platform) for storing the new medical record ciphertext, which is fed back by the cloud platform, is received. Then, the mechanism client signs the new medical record ciphertext piece in a Hash mode to obtain the hash' of the new medical record ciphertext and the signature Sig (sk) of the hashhHash') and sends it to the patient client as the new medical record ciphertext information. The patient client can verify the legality of the signature (namely, the Hash signature) in the ciphertext of the new medical record, and if the received information is illegal, the illegal operation of the organization can be fed back to the supervision organization; if the patient client selects to uplink the new medical record ciphertext information, the signature Sig (sk) is carried out on the received hashpHash ') and take hash' as key, Sig (sk)p,hash')||Sig(skhHash ') is stored in the federation chain as value, and hash' is stored in the hash list of the client. And when medical disputes occur, the arbitrator can determine the responsibility main body according to the records on the alliance chain.
In the embodiment, the re-encryption part of the ciphertext is not completed by the agent side, namely the cloud platform, but is directly executed by the client of the organization. Therefore, a safe and high-availability electronic medical record system can be directly and quickly built on the basis of the existing cloud storage system and the existing alliance chain platform without any adaptation of the cloud storage platform.
In the embodiment, by receiving a hash value and an authorization key of a medical record ciphertext sent by a patient client, a medical record signature and a storage address are acquired in a alliance chain connected with the mechanism client according to the hash value; if the medical record signature is matched with the patient public key corresponding to the authorization key, acquiring a medical record ciphertext according to the storage address, and re-encrypting the medical record ciphertext and the authorization key to acquire a re-encrypted ciphertext; decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain an electronic medical record plaintext, obtaining newly added medical record information based on the electronic medical record plaintext, and re-encrypting the newly added medical record information to obtain a new medical record ciphertext; and determining new medical record ciphertext information corresponding to the new medical record ciphertext, and sending the new medical record ciphertext information to the patient client. The medical record signature and the storage address are obtained through the mechanism client according to the hash value sent by the patient client, when the medical record signature is matched with the public key of the patient, the medical record ciphertext is obtained according to the storage address, the authorization key and the medical record ciphertext sent by the patient client are re-encrypted, the decryption is carried out according to the private key of the mechanism client, the electronic medical record plaintext is obtained, the new medical record ciphertext of the newly added medical record information is determined according to the electronic medical record plaintext, and the new medical record ciphertext information corresponding to the new medical record ciphertext is sent to the patient client, so that the phenomenon that the node load of a federation chain in the prior art is large, the usability of the electronic medical record is limited is avoided, the important information is uploaded to the block chain, the whole electronic medical record is not required to be uploaded to the federation chain, the authenticity and traceability of data in the electronic medical record are guaranteed, the safety of the electronic medical record is guaranteed, the high availability of the electronic medical record is improved.
Further, based on the first embodiment of the block chain-based electronic medical record sharing method of the present invention, a second embodiment of the block chain-based electronic medical record sharing method of the present invention is provided. This embodiment is a refinement of the step of determining the new medical record ciphertext information corresponding to the new medical record ciphertext in step S40 in the first embodiment of the present invention, and includes:
and a, uploading the new medical record ciphertext to a cloud platform connected with the mechanism client to determine a new storage address of the new medical record ciphertext, performing hash signature on the new medical record ciphertext, and taking the new storage address and the hash signature as new medical record ciphertext information.
In this embodiment, after the mechanism client acquires the new medical record ciphertext, the new medical record ciphertext may be sent to a cloud platform connected to the mechanism client for storage, and a new storage address for storing the new medical record ciphertext fed back by the cloud platform is received, and then the mechanism client performs hash signature on the new medical record ciphertext to obtain hash 'of the new medical record ciphertext and a signature Sig (sk) of the hash'hHash') and sends it to the patient client as the new medical record ciphertext information.
In this embodiment, the new medical record ciphertext is sent to the cloud platform, the new storage address is determined, the hash signature is performed on the new medical record ciphertext, and the new storage address and the hash signature are used as new medical record ciphertext information, so that the accuracy of the obtained new medical record ciphertext information is guaranteed.
Further, the step of re-encrypting the medical record ciphertext and the authorization key to obtain a re-encrypted ciphertext includes:
and b, determining a preset encryption function, and calculating by taking the medical record ciphertext and the authorization key as the input of the encryption function to obtain a re-encrypted ciphertext.
In this embodiment, when re-encrypting according to the medical record ciphertext and the authorization key, an Encryption function set in advance by the user, such as an AES Encryption function (Advanced Encryption Standard, symmetric Encryption algorithm), may be determined, and the medical record ciphertext and the authorization key may be input to the Encryption function for calculation, so as to obtain a re-encrypted ciphertext. For example, if the AES encryption function is E, C ═ E (K, P), where P is plaintext, K is a key, and C is ciphertext. That is, the encryption function E outputs the ciphertext C by inputting the plaintext P and the key K as parameters of the encryption function.
In this embodiment, the medical record ciphertext and the authorization key are input to the encryption function to be calculated, so that the re-encrypted ciphertext is obtained, and the accuracy of the obtained re-encrypted ciphertext is guaranteed.
Further, the step of decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain an electronic medical record plaintext includes:
and c, determining a decryption function corresponding to the encryption function, and calculating by taking a private key of the mechanism client and the re-encrypted ciphertext as the input of the decryption function to obtain the plaintext of the electronic medical record.
In this embodiment, after the mechanism client acquires the re-encrypted ciphertext, it is further required to determine a decryption function corresponding to the encryption function, such as an AES decryption function, and input the private key of the mechanism client and the re-encrypted ciphertext into the decryption function for calculation, so as to obtain the plaintext of the electronic medical record. For example, if the AES decryption function is D, P ═ D (K, C), where C is the ciphertext, K is the key, and P is the plaintext. That is, the ciphertext C and the key K are input as parameters of the decryption function, and the decryption function outputs the plaintext P.
In the embodiment, the private key and the re-encrypted ciphertext of the mechanism client are input into the decryption function for calculation to obtain the electronic medical record plaintext, so that the accuracy of the obtained electronic medical record plaintext is guaranteed.
In addition, referring to fig. 3, fig. 3 is a schematic flowchart of a third embodiment of the method for sharing electronic medical records based on a blockchain according to the present invention, where the method for sharing electronic medical records based on a blockchain is applied to a patient client, and includes:
step S100, generating an authorization key based on the query request sent by the mechanism client, determining a medical record ciphertext corresponding to the query request, and sending the hash value of the medical record ciphertext and the authorization key to the mechanism client;
because the availability of the electronic medical records is low at present, in this embodiment, a plurality of medical institutions form a federation chain, and only the hash of the electronic medical records, the signatures of the patient and the medical institutions (i.e., institution clients), and the cloud platform storage addresses for encrypting the electronic medical records are recorded in the federation chain, and the federation chain is used for ensuring the authenticity and traceability of each record. The electronic medical record information of the patient is encrypted by each mechanism by using the public key of the patient and is stored on the cloud platform, and different mechanisms can adopt different cloud platforms. In addition, in the embodiment, the alliance link is combined with a cloud storage technology, and necessary information is linked up, so that the system has extremely high availability while authenticity and traceability of electronic medical record data are guaranteed. And the electronic medical record of the patient can be encrypted by using a public key of the patient client, and the mechanism client of the medical mechanism can check the medical record information only under the condition of patient authorization, so that fine-grained control of private data is realized. Wherein the institution client is a client used by a medical institution. The patient client is the client used by the patient.
In this embodiment, the patientPublic and private keys (sk)p,pkp) Public and private keys of medical institution (sk)h,pkh) Patient authorized institution Key skp→hThe signature s is Sig (sk, hash), the encryption c1 is Enc (pk, m), and the re-encryption c2 is Renc (sk)p→hC1), decryption m ═ Dec (sk, c 2).
In this embodiment, when a patient visits an institution, the institution needs to check some historical medical record information of the patient, and sends a corresponding query request to a patient client through an institution client, and when the patient client receives the query request sent by the institution client, the patient client determines a medical record ciphertext corresponding to the query request first, and generates a corresponding authorization key sk in an agent re-encryption manner according to the query requestp→hThen, the hash value of the medical record ciphertext is obtained, and the hash value of the medical record ciphertext and the authorization key sk are obtainedp→hAnd sending the information to the mechanism client. The proxy re-encryption is a re-encrypted ciphertext which can be decrypted by a designated receiver after the authorization of a data owner and the proxy party can re-encrypt the ciphertext under the condition that an original ciphertext is not decrypted. For example, if the patient client has a ciphertext C1 encrypted by its own public key, and wants to share the data of the ciphertext C1 with the organization client, the patient client may first use its own private key and the public key of the organization client to calculate an authorization key sk based on a re-encryption key generation algorithm of proxy re-encryption, where the authorization key sk does not reveal its own private key of the patient client, then the patient client sends the authorization key sk and the ciphertext C1 to the organization client, the organization client generates a re-encrypted ciphertext C2 based on the re-encryption algorithm of proxy encryption, and decrypts C2 with the private key of the organization client to obtain the data shared by the patient client.
In addition, in the proxy re-encryption scenario, although the data owner delegates the physical control right of the data to the proxy, since the proxy stores the ciphertext and does not need to decrypt the data during sharing, the confidentiality of the user data can still be ensured even if the proxy wants to steal the user data or intentionally and unintentionally leak the stored data.
Step S200, receiving new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key, and detecting whether the new medical record ciphertext information is legal or not;
when the patient client receives new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key, whether the new medical record ciphertext information is legal or not can be detected, and different operations can be executed according to different detection results. Wherein, the new case history ciphertext information comprises a new storage address of the new case history ciphertext, the hash' of the new case history ciphertext and a signature Sig (sk) of the hashhHash'). The mode for detecting whether the new medical record ciphertext information is legal is to detect the signature in the new medical record ciphertext information.
And step S300, if the new medical record ciphertext information is legal, signing the new medical record ciphertext information, and uploading the signed new medical record ciphertext information to an alliance chain connected with the patient client.
When the new medical record ciphertext information is found to be illegal through judgment, the signature in the new medical record ciphertext information can be determined to be illegal, the received information can be discarded, and illegal operation of the organization can also be fed back to the supervision organization. If the new case history ciphertext information is legal, the new case history ciphertext information can be signed, namely the signature Sig (sk) is carried out on the received hashpHash ') and take hash' as key, Sig (sk)p,hash')||Sig(skhHash ') is stored in the federation chain as value, and hash' is stored in the hash list of the client. And when medical disputes occur, the arbitrator can determine the responsibility main body according to the records on the alliance chain.
In the embodiment, the re-encryption part of the ciphertext is not completed by the agent side, namely the cloud platform, but is directly executed by the client of the organization. Therefore, a safe and high-availability electronic medical record system can be directly and quickly built on the basis of the existing cloud storage system and the existing alliance chain platform without any adaptation of the cloud storage platform.
In this embodiment, an authorization key is generated based on a query request sent by the mechanism client, a medical record ciphertext corresponding to the query request is determined, and a hash value of the medical record ciphertext and the authorization key are sent to the mechanism client; receiving new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key, and detecting whether the new medical record ciphertext information is legal or not; and if the new medical record ciphertext information is legal, signing the new medical record ciphertext information, and uploading the signed new medical record ciphertext information to an alliance chain connected with the patient client. The hash value and the authorization key of the medical record ciphertext are sent to the mechanism client side through the patient client side, the new medical record ciphertext information fed back by the mechanism client side is received, the signature is carried out when the new medical record ciphertext information is legal, and the new medical record ciphertext information is uploaded to the alliance chain, so that the phenomenon that the usability of the electronic medical record is limited due to the fact that the node load of the alliance chain in the prior art is large is avoided, the important information is uploaded to the block chain, the electronic medical record is not required to be uploaded to the alliance chain integrally, authenticity and traceability of data in the electronic medical record are guaranteed, the safety of the electronic medical record is guaranteed, and meanwhile the high usability of the electronic medical record is improved.
Further, the step of generating an authorization key based on the query request sent by the client of the organization includes:
step x, acquiring an institution client public key of the institution client based on a query request sent by the institution client, and determining a patient client private key of the patient client;
in this embodiment, after the patient client receives the query request sent by the institution client, it is necessary to extract the institution client public key of the institution client in the query request, and extract the patient client private key in the patient client.
And step y, encrypting the public key of the institution client and the private key of the patient client, and taking the encrypted public key of the institution client and the encrypted private key of the patient client as authorization keys.
Then, the public key of the institution client and the private key of the patient client are encrypted by adopting an encryption algorithm such as an AES encryption function, and the encrypted public key of the institution client and the encrypted private key of the patient client are used as authorization keys. For example, if the patient client has a ciphertext C1 encrypted by its own public key, and wants to share the data of the ciphertext C1 with the organization client, the patient client may first use its own private key and the public key of the organization client to calculate an authorization key sk based on a re-encryption key generation algorithm of proxy re-encryption, where the authorization key sk does not reveal its own private key of the patient client, then the patient client sends the authorization key sk and the ciphertext C1 to the organization client, the organization client generates a re-encrypted ciphertext C2 based on the re-encryption algorithm of proxy encryption, and decrypts C2 with the private key of the organization client to obtain the data shared by the patient client.
In the embodiment, the authorization key is obtained by encrypting the public key of the client side of the organization and the private key of the client side of the patient, so that the accuracy of the obtained authorization key is guaranteed.
The invention also provides an electronic medical record sharing device based on the block chain, and referring to fig. 4, the electronic medical record sharing device based on the block chain comprises:
the acquisition module A10 is used for receiving a hash value and an authorization key of a medical record ciphertext sent by a patient client, and acquiring a medical record signature and a storage address in a alliance chain connected with an organization client according to the hash value;
a re-encryption module A20, configured to, if the medical record signature matches the patient public key corresponding to the authorization key, obtain a medical record ciphertext according to the storage address, and re-encrypt the medical record ciphertext and the authorization key to obtain a re-encrypted ciphertext;
the decryption module A30 is used for decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain an electronic medical record plaintext, obtaining new medical record information based on the electronic medical record plaintext, and re-encrypting the new medical record information to obtain a new medical record ciphertext;
and the sending module A40 is configured to determine new medical record ciphertext information corresponding to the new medical record ciphertext, and send the new medical record ciphertext information to the patient client.
Optionally, the sending module a40 is configured to:
and uploading the new medical record ciphertext to a cloud platform connected with the mechanism client to determine a new storage address of the new medical record ciphertext, performing hash signature on the new medical record ciphertext, and taking the new storage address and the hash signature as new medical record ciphertext information.
Optionally, a re-encryption module a20, configured to:
and determining a preset encryption function, and calculating by taking the medical record ciphertext and the authorization key as the input of the encryption function to obtain a re-encrypted ciphertext.
Optionally, a re-encryption module a20, configured to:
and determining a decryption function corresponding to the encryption function, and calculating by taking a private key of the mechanism client and the re-encrypted ciphertext as the input of the decryption function to obtain the plaintext of the electronic medical record.
In addition, the present invention further provides an electronic medical record sharing apparatus based on a block chain, and referring to fig. 5, the electronic medical record sharing apparatus based on the block chain includes:
a determining module a100, configured to generate an authorization key based on the query request sent by the mechanism client, determine a medical record ciphertext corresponding to the query request, and send a hash value of the medical record ciphertext and the authorization key to the mechanism client;
the detection module A200 is used for receiving new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key and detecting whether the new medical record ciphertext information is legal or not;
the signature module a300 is configured to sign the new medical record ciphertext information if the new medical record ciphertext information is legal, and upload the signed new medical record ciphertext information to an alliance chain connected to the patient client.
Optionally, the determining module a100 is configured to:
acquiring an institution client public key of the institution client based on a query request sent by the institution client, and determining a patient client private key of the patient client;
and encrypting the public key of the institution client and the private key of the patient client, and taking the encrypted public key of the institution client and the encrypted private key of the patient client as authorization keys.
The method executed by each program unit can refer to each embodiment of the block chain-based electronic medical record sharing method of the present invention, and is not described herein again.
In addition, the invention also provides an electronic medical record sharing system based on the block chain, which is used for executing the electronic medical record sharing method based on the block chain, the electronic medical record sharing system based on the block chain comprises a patient client, an institution client, a alliance chain and a cloud platform, and the electronic medical record sharing system based on the block chain comprises:
the mechanism client side sends a query request to the patient client side, the patient client side generates an authorization key based on the query request sent by the mechanism client side, determines a medical record ciphertext corresponding to the query request, and sends a hash value of the medical record ciphertext and the authorization key to the mechanism client side;
the mechanism client receives a hash value and an authorization key of a medical record ciphertext sent by the patient client, and acquires a medical record signature and a storage address in the alliance chain connected with the mechanism client according to the hash value;
when the medical record signature is matched with the patient public key corresponding to the authorization key, the mechanism client acquires a medical record ciphertext according to the storage address, re-encrypts the medical record ciphertext and the authorization key to acquire a re-encrypted ciphertext, decrypts the re-encrypted ciphertext according to a private key of the mechanism client to acquire an electronic medical record plaintext, acquires newly-added medical record information based on the electronic medical record plaintext, and re-encrypts the newly-added medical record information to acquire a new medical record ciphertext;
the mechanism client side sends the new medical record ciphertext to the cloud platform, the cloud platform stores the received new medical record ciphertext and sends the stored new storage address to the mechanism client side, and therefore the mechanism client side can determine new medical record ciphertext information according to the new storage address;
and the mechanism client sends the new medical record ciphertext information to the patient client, and the patient client receives the new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key, signs the new medical record ciphertext information when the new medical record ciphertext information is legal, and uploads the signed new medical record ciphertext information to an alliance chain connected with the patient client.
And in the block chain-based electronic medical record sharing system, the system mainly comprises clients (an organization client and a patient client), a alliance chain, a cloud platform and an arbitrator.
A client: the patient client is responsible for signing the hash of the electronic medical record ciphertext; saving a hash list of the patient; an authorization key is generated for an organization, and access control of medical record information is realized; and saving the medical record hash, the signature of the patient, the signature of the organization and the file storage address url in a key-value mode into a federation chain. The mechanism client side is responsible for encrypting and uploading case information of the patient to a cloud storage system; after the patient authorization is obtained, the patient medical records stored in the cloud storage systems can be pulled and decrypted locally.
Federation chain: a plurality of organizations are selected by a health department of government as block outlet nodes, and other organizations only participate in the synchronization of blocks; the information of each transaction record of the chain union chain comprises: the address stored by the electronic medical record in an encryption way, and the patient and the medical institution sign the ciphertext hash.
Cloud platform: the system is in charge of storing encrypted medical record information of each mechanism, different mechanisms can select different cloud storage systems, and the cloud storage systems operate independently and do not interfere with each other.
An arbitrating party: the method is used by health departments of governments, and mainly aims to determine responsibility subjects according to records on a chain when medical disputes occur.
And the system architecture of the electronic medical record sharing system based on the blockchain can be as shown in fig. 6, and includes clients (institution clients and patient clients), a federation chain (composed of nodes where each medical institution is located), a cloud platform and an arbitrator. The implementation step is 1, the patient client sends the hash and the authorization key to the mechanism client; 2. the mechanism client side obtains a medical record signature and a storage address according to the hash inquiry alliance chain; 3. the institution client verifies whether the signature and the patient public key are matched; 4. when the signature is matched with the public key, the mechanism client downloads the ciphertext into the cloud platform according to the storage address; 5, the mechanism client re-encrypts the ciphertext by using the authorization key and then decrypts the ciphertext by using a private key to obtain the medical record; 6. the organization client encrypts the newly added case by using the public key of the patient and uploads the ciphertext to the cloud platform; 7. the mechanism client returns the ciphertext address, the hash of the ciphertext and the signature to the patient client; 8. the patient client verifies the validity of the signature and reports the validity to the arbitrator if the signature is not valid; 9. if the patient agrees to the uplink, the patient client signs and sends the transaction to the alliance chain; 10. nodes in the alliance chain collect transactions to verify the validity, and an arbitrator can position a responsible body according to data on the chain to solve medical disputes. The federation chain may include, among other things, a plurality of bicks (nodes), including a prevhash and data.
In addition, the invention also provides a storage medium, namely a computer storage medium.
The computer storage medium of the present invention stores an electronic medical record sharing program based on a block chain, and the electronic medical record sharing program based on the block chain realizes the steps of the electronic medical record sharing method based on the block chain when being executed by a processor.
The method implemented when the block chain-based electronic medical record sharing program running on the processor is executed can refer to various embodiments of the block chain-based electronic medical record sharing method of the present invention, and details are not described here.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) as described above and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (10)
1. The electronic medical record sharing method based on the block chain is applied to an organization client, and comprises the following steps:
receiving a hash value and an authorization key of a medical record ciphertext sent by a patient client, and acquiring a medical record signature and a storage address in an alliance chain connected with the mechanism client according to the hash value;
if the medical record signature is matched with the patient public key corresponding to the authorization key, acquiring a medical record ciphertext according to the storage address, and re-encrypting the medical record ciphertext and the authorization key to acquire a re-encrypted ciphertext;
decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain an electronic medical record plaintext, obtaining newly added medical record information based on the electronic medical record plaintext, and re-encrypting the newly added medical record information to obtain a new medical record ciphertext;
and determining new medical record ciphertext information corresponding to the new medical record ciphertext, and sending the new medical record ciphertext information to the patient client.
2. The method for sharing an electronic medical record based on a blockchain according to claim 1, wherein the step of determining the new medical record ciphertext information corresponding to the new medical record ciphertext comprises:
and uploading the new medical record ciphertext to a cloud platform connected with the mechanism client to determine a new storage address of the new medical record ciphertext, performing hash signature on the new medical record ciphertext, and taking the new storage address and the hash signature as new medical record ciphertext information.
3. The method for sharing an electronic medical record based on a blockchain according to claim 1, wherein the step of re-encrypting the medical record ciphertext and the authorization key to obtain a re-encrypted ciphertext comprises:
and determining a preset encryption function, and calculating by taking the medical record ciphertext and the authorization key as the input of the encryption function to obtain a re-encrypted ciphertext.
4. The block chain-based electronic medical record sharing method according to claim 3, wherein the step of decrypting the re-encrypted ciphertext according to a private key of the institution client to obtain a plaintext of the electronic medical record comprises:
and determining a decryption function corresponding to the encryption function, and calculating by taking a private key of the mechanism client and the re-encrypted ciphertext as the input of the decryption function to obtain the plaintext of the electronic medical record.
5. The electronic medical record sharing method based on the block chain is applied to a patient client side, and comprises the following steps:
generating an authorization key based on the query request sent by the mechanism client, determining a medical record ciphertext corresponding to the query request, and sending the hash value of the medical record ciphertext and the authorization key to the mechanism client;
receiving new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key, and detecting whether the new medical record ciphertext information is legal or not;
and if the new medical record ciphertext information is legal, signing the new medical record ciphertext information, and uploading the signed new medical record ciphertext information to an alliance chain connected with the patient client.
6. The method for sharing an electronic medical record based on a blockchain as claimed in claim 5, wherein the step of generating an authorization key based on the query request sent by the institution client comprises:
acquiring an institution client public key of the institution client based on a query request sent by the institution client, and determining a patient client private key of the patient client;
and encrypting the public key of the institution client and the private key of the patient client, and taking the encrypted public key of the institution client and the encrypted private key of the patient client as authorization keys.
7. An electronic medical record sharing device based on a block chain is characterized in that the electronic medical record sharing device based on the block chain comprises:
the acquisition module is used for receiving a hash value and an authorization key of a medical record ciphertext sent by a patient client, and acquiring a medical record signature and a storage address in an alliance chain connected with an organization client according to the hash value;
the re-encryption module is used for acquiring a medical record ciphertext according to the storage address and re-encrypting the medical record ciphertext and the authorization key to acquire a re-encrypted ciphertext if the medical record signature is matched with the patient public key corresponding to the authorization key;
the decryption module is used for decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain an electronic medical record plaintext, obtaining newly added medical record information based on the electronic medical record plaintext, and re-encrypting the newly added medical record information to obtain a new medical record ciphertext;
and the sending module is used for determining new medical record ciphertext information corresponding to the new medical record ciphertext and sending the new medical record ciphertext information to the patient client.
8. The electronic medical record sharing device based on the block chain is characterized by further comprising:
the determining module is used for generating an authorization key based on the query request sent by the mechanism client, determining a medical record ciphertext corresponding to the query request, and sending the hash value of the medical record ciphertext and the authorization key to the mechanism client;
the detection module is used for receiving new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key and detecting whether the new medical record ciphertext information is legal or not;
and the signature module is used for signing the new medical record ciphertext information if the new medical record ciphertext information is legal and uploading the signed new medical record ciphertext information to an alliance chain connected with the patient client.
9. The electronic medical record sharing system based on the blockchain is characterized by comprising a patient client, an organization client, a federation chain and a cloud platform, and comprises:
the mechanism client side sends a query request to the patient client side, the patient client side generates an authorization key based on the query request sent by the mechanism client side, determines a medical record ciphertext corresponding to the query request, and sends a hash value of the medical record ciphertext and the authorization key to the mechanism client side;
the mechanism client receives a hash value and an authorization key of a medical record ciphertext sent by the patient client, and acquires a medical record signature and a storage address in the alliance chain connected with the mechanism client according to the hash value;
when the medical record signature is matched with the patient public key corresponding to the authorization key, the mechanism client acquires a medical record ciphertext according to the storage address, re-encrypts the medical record ciphertext and the authorization key to acquire a re-encrypted ciphertext, decrypts the re-encrypted ciphertext according to a private key of the mechanism client to acquire an electronic medical record plaintext, acquires newly-added medical record information based on the electronic medical record plaintext, and re-encrypts the newly-added medical record information to acquire a new medical record ciphertext;
the mechanism client side sends the new medical record ciphertext to the cloud platform, the cloud platform stores the received new medical record ciphertext and sends the stored new storage address to the mechanism client side, and therefore the mechanism client side can determine new medical record ciphertext information according to the new storage address;
and the mechanism client sends the new medical record ciphertext information to the patient client, and the patient client receives the new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key, signs the new medical record ciphertext information when the new medical record ciphertext information is legal, and uploads the signed new medical record ciphertext information to an alliance chain connected with the patient client.
10. A storage medium, wherein the storage medium stores thereon a blockchain-based electronic medical record sharing program, and the blockchain-based electronic medical record sharing program, when executed by a processor, implements the steps of the blockchain-based electronic medical record sharing method according to any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011343451.7A CN112434336A (en) | 2020-11-25 | 2020-11-25 | Block chain-based electronic medical record sharing method, device and system and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011343451.7A CN112434336A (en) | 2020-11-25 | 2020-11-25 | Block chain-based electronic medical record sharing method, device and system and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112434336A true CN112434336A (en) | 2021-03-02 |
Family
ID=74698244
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011343451.7A Pending CN112434336A (en) | 2020-11-25 | 2020-11-25 | Block chain-based electronic medical record sharing method, device and system and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112434336A (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113067857A (en) * | 2021-03-15 | 2021-07-02 | 新疆大学 | Electronic medical record cross-hospital sharing method based on double-chain structure |
| CN113990429A (en) * | 2021-12-29 | 2022-01-28 | 医典云(南京)数据科技有限公司 | Electronic medical record data protection method and device |
| CN114499894A (en) * | 2022-04-01 | 2022-05-13 | 南京金宁汇科技有限公司 | File storage and reading method and system in block chain network |
| CN114584325A (en) * | 2022-05-06 | 2022-06-03 | 四川野马科技有限公司 | Bid quoted price data hybrid storage system and method based on block chain and cloud storage |
| CN114866288A (en) * | 2022-04-12 | 2022-08-05 | 平安国际智慧城市科技股份有限公司 | Private information protection method and device based on block chain and storage medium |
| CN115879153A (en) * | 2022-12-16 | 2023-03-31 | 高雅娟 | Medical record access method based on block chain |
| CN116344013A (en) * | 2023-05-30 | 2023-06-27 | 浙江云针信息科技有限公司 | Medical data management method and system |
| CN116631578A (en) * | 2023-07-25 | 2023-08-22 | 山东硕杰医疗科技有限公司 | Lung cancer network comprehensive management information platform |
| CN117373599A (en) * | 2023-11-30 | 2024-01-09 | 武汉天喻信息产业股份有限公司 | Medical information sharing system and method based on block chain |
| CN118133327A (en) * | 2024-05-08 | 2024-06-04 | 三未信安科技股份有限公司 | Searchable encryption method and system supporting privacy of search mode |
| CN114866288B (en) * | 2022-04-12 | 2024-10-18 | 平安国际智慧城市科技股份有限公司 | Private information protection method and device based on blockchain and storage medium |
-
2020
- 2020-11-25 CN CN202011343451.7A patent/CN112434336A/en active Pending
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113067857B (en) * | 2021-03-15 | 2023-04-18 | 新疆大学 | Electronic medical record cross-hospital sharing method based on double-chain structure |
| CN113067857A (en) * | 2021-03-15 | 2021-07-02 | 新疆大学 | Electronic medical record cross-hospital sharing method based on double-chain structure |
| CN113990429A (en) * | 2021-12-29 | 2022-01-28 | 医典云(南京)数据科技有限公司 | Electronic medical record data protection method and device |
| CN113990429B (en) * | 2021-12-29 | 2022-03-15 | 医典云(南京)数据科技有限公司 | Electronic medical record data protection method and device |
| CN114499894A (en) * | 2022-04-01 | 2022-05-13 | 南京金宁汇科技有限公司 | File storage and reading method and system in block chain network |
| CN114866288A (en) * | 2022-04-12 | 2022-08-05 | 平安国际智慧城市科技股份有限公司 | Private information protection method and device based on block chain and storage medium |
| CN114866288B (en) * | 2022-04-12 | 2024-10-18 | 平安国际智慧城市科技股份有限公司 | Private information protection method and device based on blockchain and storage medium |
| CN114584325A (en) * | 2022-05-06 | 2022-06-03 | 四川野马科技有限公司 | Bid quoted price data hybrid storage system and method based on block chain and cloud storage |
| CN115879153B (en) * | 2022-12-16 | 2023-11-03 | 湖南提奥医疗科技有限公司 | Case history access method based on block chain |
| CN115879153A (en) * | 2022-12-16 | 2023-03-31 | 高雅娟 | Medical record access method based on block chain |
| CN116344013A (en) * | 2023-05-30 | 2023-06-27 | 浙江云针信息科技有限公司 | Medical data management method and system |
| CN116631578B (en) * | 2023-07-25 | 2023-10-13 | 山东硕杰医疗科技有限公司 | Lung cancer network comprehensive management information platform |
| CN116631578A (en) * | 2023-07-25 | 2023-08-22 | 山东硕杰医疗科技有限公司 | Lung cancer network comprehensive management information platform |
| CN117373599A (en) * | 2023-11-30 | 2024-01-09 | 武汉天喻信息产业股份有限公司 | Medical information sharing system and method based on block chain |
| CN117373599B (en) * | 2023-11-30 | 2024-04-09 | 武汉天喻信息产业股份有限公司 | Medical information sharing system and method based on block chain |
| CN118133327A (en) * | 2024-05-08 | 2024-06-04 | 三未信安科技股份有限公司 | Searchable encryption method and system supporting privacy of search mode |
| CN118133327B (en) * | 2024-05-08 | 2024-07-16 | 三未信安科技股份有限公司 | Searchable encryption method and system supporting privacy of search mode |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112434336A (en) | Block chain-based electronic medical record sharing method, device and system and storage medium | |
| CN109144961B (en) | Authorization file sharing method and device | |
| US11212264B1 (en) | Systems and methods for third party data protection | |
| US8509449B2 (en) | Key protector for a storage volume using multiple keys | |
| US7877604B2 (en) | Proof of execution using random function | |
| US8495383B2 (en) | Method for the secure storing of program state data in an electronic device | |
| CN106452770B (en) | Data encryption method, data decryption method, device and system | |
| TWI420339B (en) | Software authorization system and method | |
| US11606202B2 (en) | Methods and systems for secure data transmission | |
| US20170310479A1 (en) | Key Replacement Direction Control System and Key Replacement Direction Control Method | |
| KR20070057968A (en) | Sharing a secret by using random function | |
| US8806206B2 (en) | Cooperation method and system of hardware secure units, and application device | |
| CN109347832A (en) | A kind of dynamic data sharing method, terminal device and proxy server | |
| JP2018197997A5 (en) | ||
| JPWO2017033442A1 (en) | Information processing apparatus, authentication system, authentication method, and computer program | |
| US20210167955A1 (en) | Data transmission | |
| CN110610102B (en) | Data access method, device and system | |
| CN114679340B (en) | File sharing method, system, device and readable storage medium | |
| CN113301036A (en) | Communication encryption method and device, equipment and storage medium | |
| CN115941328A (en) | Sharable user data encryption processing method, device and system | |
| US20220360429A1 (en) | Location-key encryption system | |
| CN114936380A (en) | Block chain private data sharing method and system based on chameleon hash | |
| KR20200045820A (en) | Apparatus and method for encryption and decryption | |
| CN116599647B (en) | Information processing method, service node, blockchain network, and storage medium | |
| US10491385B2 (en) | Information processing system, information processing method, and recording medium for improving security of encrypted communications |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |